security.label

security.titlePart1 security.titleAccent

security.intro

security.architectureTitle

security.architectureIntro

security.architectureDiagramTitle

  ┌──────────────┐         POST /api/v1/bot          ┌─────────────────────┐
  │   your app   │ ────────────────────────────────▶  │  meetbot api edge   │
  │   backend    │ ◀──── 200 { bot_id, status } ─────│  (cloudflare → eu)  │
  └──────┬───────┘                                    └──────────┬──────────┘
         │                                                       │
         │ webhook (HMAC-SHA256)                                 │ enqueue
         │                                                       ▼
         │                                            ┌─────────────────────┐
         │                                            │  orchestrator (eu)  │
         │                                            │  picks platform pod │
         │                                            └──────────┬──────────┘
         │                                                       │ spawn
         │                                                       ▼
         │                                            ┌─────────────────────┐
         │                                            │  bot container      │
         │                                            │  meet · teams · zoom│
         │                                            └──────────┬──────────┘
         │                                                       │
         │                          per-speaker audio,           │
         │                          captions, chat, video        │
         │                                ▼                      │
         │                       ┌─────────────────┐             │
         │                       │  YOUR S3 bucket │  ◀──────────┘
         │                       │  (you own it)   │   multipart upload
         │                       └────────┬────────┘
         │ ◀──── webhook: meeting_ended, files_ready ────┘
         ▼
  ┌──────────────┐
  │ your handler │
  └──────────────┘

security.architectureNote

security.encryptionTitle

in transit
security.encryptionTransit
at rest
security.encryptionRest
roadmap
security.encryptionRoadmap

security.retentionTitle

security.retentionBody1

security.retentionBody2

security.retentionDocsLabel

security.complianceTitle

security.complianceIntro

security.colControl	security.colStatus	security.colTarget	security.colNote
SOC 2 Type 1	in progress	2026 H2	Engagement signed; gap assessment in progress with our auditor.
SOC 2 Type 2	planned	2027 H1	12-month observation window starts the day Type 1 is issued.
ISO 27001	planned	2027 H1
HIPAA BAA	enterprise tier	available on request	BAA signable on enterprise contracts. Formal HIPAA certification: 2027.
GDPR	in scope	EU-hosted by default	DPA available on request. No DPO appointed yet — pavel@meetbot.dev acts as privacy contact.
PCI DSS	n/a — Stripe-handled	—	We never see card numbers; Stripe Checkout + Stripe-hosted billing portal handle PCI scope.

security.accessTitle

security.accessBody1

security.accessBody2

security.vulnTitle

security.vulnBody

security.vulnEmail

security.incidentTitle

security.incidentBody

security.footerCta