Security is foundational, not an afterthought
Your meeting data is sensitive. BriefMind is built with enterprise-grade security from the ground up — encryption, access controls, data isolation, and responsible AI practices are not add-ons. They are core architecture.
Data Encryption
- TLS 1.3 for all data in transit
- AES-256 encryption for all data at rest
- Encryption keys managed via cloud KMS with automatic rotation
- Meeting audio is processed and discarded — only transcripts and summaries are stored
Access Controls
- Clerk-based SSO with support for Google, Microsoft, and SAML providers
- Role-based permissions: admin, member, viewer
- Team-level data isolation — no cross-team data access
- Session management with automatic expiry
Data Retention
- Configurable retention policies per team
- Right to deletion: request complete data removal at any time
- Automatic data purge after retention window expires
- Export your data in standard formats before deletion
Infrastructure
- Hosted on industry-leading cloud infrastructure
- SOC 2 Type II readiness (certification in progress)
- Regular penetration testing and vulnerability assessments
- Monitoring and alerting for security events
Privacy
- GDPR-ready: data processing agreements available on request
- We do not sell or share your data with third parties
- No training on customer data — your meetings remain yours
- Transparent data processing: you always know what we process and why
Responsible AI
- LLMs are used for summarization, extraction, and search — not surveillance
- No customer data is shared with model providers for training
- AI outputs are always attributed to source meetings — no hallucinated facts
- You control what gets processed: per-meeting opt-in available
Questions about security?
We are happy to answer security questionnaires and provide detailed documentation about our practices.