Around's Security & Compliance Practices : Around by Miro Labs

At Around, we take privacy and security very seriously. We leverage industry standard data security policies to keep all customer data safe and treat the protection of user privacy and data with the utmost importance. You can learn more about our privacy policy here.

Encrypted Calls & Communication

All calls (including audio/video) are secured with TLS and AES-128 encryption.

Application Share

When screensharing, participants have the option to only share specific applications instead of the entire screen.

One-time Meeting ID

Generate one-time meeting IDs for instant meetings. These randomized IDs expire immediately once the instant meeting ends.

Meeting PINs

For an added layer of security, meeting passwords can be enabled for rooms by the room owner.

Room Members

Room owners can enable ongoing access to a room for specific participants.

One-time Access Tokens

For each meeting, one-time access tokens are generated and accepted by TURN and media servers.

Lock Meeting

Once a meeting has been started, the session can be locked to only include participants in attendance.

Expel Participants

While a meeting is running, any participant can be quickly removed with a click of a button.

Customer Data Storage

We store only the most basic user data (user profiles and metadata) in our database. With the exception of transcriptions and recordings, our servers only forward audio/video streams to the recipient – no processing or analyzing.

Recordings

Media is decrypted, processed and stored in our cloud storage. We use role-based access control to ensure that user data is protected from unauthorized access.

Transcriptions

Media is decrypted, decoded, and processed by Deepgram. Transcriptions are processed by OpenAI only by user request. User data is not used to train Deepgram's AI speech transcription models or stored on Deepgram's servers.

Waiting Room

The room owner or admin can control when an incoming participant is allowed to join a meeting.

Summaries

Generated transcripts are submitted to OpenAI's API to create summaries of recorded meetings. OpenAI does not use submitted data to train or improve their models. They may store data for up to 30 days to monitor for misuse or abuse. See more here for OpenAI's data policies.

Note for enterprise network admins

Here is how to set-up your firewall:

Allow essential traffic for .around.co and .media.around.co

Around uses these external services:

Mixpanel (mixpanel.com)
Sentry (sentry.io)
Deepgram (deepgram.com)
OpenAI (openai.com)

Mixpanel and Sentry are non-essential for Around's main video call functionality, but are crucial for helping us improve our service quality and resolve any potential issues that may occur. Deepgram provides speech-to-text functionality. OpenAI powers transcript summaries.