Security

1. Data Encryption

All data transmitted to and from June is encrypted using TLS 1.3, the latest transport layer security protocol. Data at rest is encrypted using AES-256, the same standard used by financial institutions and government agencies.

Call recordings receive additional encryption layers and are stored in access-controlled environments with strict authentication requirements.

2. Access Controls

We enforce role-based access controls throughout our systems. All administrative access requires multi-factor authentication (MFA). We follow the principle of least privilege, meaning employees only have access to data necessary for their job functions.

Access logs are maintained and regularly audited to detect any unauthorized access attempts.

3. Infrastructure Security

June runs on enterprise-grade cloud infrastructure with:

• Multiple availability zones for redundancy
• Automated daily backups with point-in-time recovery
• Disaster recovery procedures tested regularly
• Network isolation and firewall protection
• DDoS mitigation at the edge

4. Monitoring and Incident Response

Our systems are monitored 24/7 for security events and anomalies. We maintain documented incident response procedures and will notify affected customers within 72 hours of discovering any security incident that impacts their data.

We conduct regular penetration testing and vulnerability assessments using independent third-party security firms.

5. Data Storage and Retention

All data is stored in secure data centers located in the United States. We maintain strict data retention policies:

• Call recordings are retained for 90 days by default (configurable)
• Call transcripts and notes follow your account retention settings
• Upon account termination, data is deleted within 30 days

6. Third-Party Security

We carefully vet all third-party service providers and require them to meet our security standards. Data shared with integrations (ServiceTitan, Housecall Pro, Jobber) is limited to what's necessary for the integration to function and is transmitted securely.

We never sell your data to third parties.

7. Compliance

June maintains compliance with applicable data protection regulations:

• GDPR compliant for EU data subjects
• CCPA compliant for California residents
• HIPAA Business Associate Agreements available upon request
• PCI DSS compliant payment processing

8. Employee Security

All June employees undergo background checks and security training. We enforce strict policies around handling customer data, and access to production systems is limited to essential personnel only.

Employees are required to use company-managed devices with endpoint security software.

9. Your Responsibilities

Security is a shared responsibility. We recommend:

• Using strong, unique passwords for your June account
• Enabling multi-factor authentication when available
• Promptly notifying us of any suspected unauthorized access
• Regularly reviewing user access within your organization

10. Security Questions

If you have security questions, need a security questionnaire completed, or want to report a vulnerability, contact us: