TrailerCast
Security & Trust

Built to protect your demos

Your sales demos contain sensitive product conversations, customer data, and competitive intelligence. Here's how we keep them safe.

Encryption everywhere

All data is encrypted in transit with TLS 1.3 and at rest with AES-256. Passwords are hashed with bcrypt (cost factor 12). You never send data to us over an unencrypted channel.

Modern authentication

Email + password with bcrypt hashing and JWT session tokens. Password reset links expire after 1 hour and are single-use. SSO / SAML available on the Enterprise plan.

US-based infrastructure

All data is stored in US data centers via Railway (backend + Postgres) and Vercel (frontend + edge network). Canadian and EU data residency available on Enterprise plans.

Your data stays yours

We do not use your recordings or generated content to train AI models. Our vendor contracts (Anthropic, OpenAI, ElevenLabs) all include no-training clauses for API inputs.

Least-privilege access

Access to production infrastructure is limited to authorized engineers, protected by 2-factor authentication on Google Workspace, GitHub, Railway, and Vercel admin accounts.

Delete anytime

You control your data. Delete individual recordings or your entire account at any time from the app. Account deletions purge all content within 30 days.

Our Commitments

These aren't marketing claims. They're what we actually do and what we write into customer contracts.

We never sell your data

Period. No advertisers, no data brokers, no marketing syndicates.

We never use your content to train models

Your recordings, transcripts, and generated trailers are processed for you, not used to improve our AI or our vendors' AI.

We encrypt everything

TLS 1.3 in transit. AES-256 at rest. Bcrypt-hashed passwords (cost 12).

We disclose subprocessors transparently

The full list of third-party services that handle your data is in our Privacy Policy and kept up to date.

We respond to incidents quickly

Any security incident affecting your data will be disclosed within 72 hours with full details of impact and remediation.

Compliance & Enterprise

TrailerCast is an early-stage company and we're transparent about where we are on formal compliance. Here's our current state and roadmap:

Today

  • GDPR-compliant data handling (EU user rights, data portability, deletion on request)
  • PIPEDA-compliant for Canadian users
  • Custom Data Processing Agreements (DPAs) available on request
  • Subprocessor list published in our Privacy Policy

On the roadmap

  • SOC 2 Type I audit (target: within 12 months)
  • SSO / SAML integration for Enterprise plans
  • Canadian and EU data residency options for Enterprise
  • Customer-managed encryption keys for Enterprise

For Enterprise buyers

If your procurement process requires SOC 2 reports, InfoSec questionnaires, custom DPAs, or a security review call, reach out at support@trailercast.io. We'll respond within 1 business day.

Responsible Disclosure

Found a security vulnerability? We appreciate responsible disclosure and will respond within 48 hours.

Email details to support@trailercast.io with “Security” in the subject line. Please include steps to reproduce, impact assessment, and any proof-of-concept details. We ask that you give us a reasonable time to remediate before public disclosure.

Turn your next demo into a conversation.

Record the call, ship a branded trailer, answer the questions, watch the signal. Free to start, every feature, every call.

Get started for freeView pricing