How does Versational keep user information/data safe?

Modified: Jul 14, 2023

Data security and storage

Versational has a robust security policy to protect user data and the product infrastructure from malicious attacks. Below are responses to some common security-related questions.
1. Where is your data stored and how safe is it?
  • The Versational solution is deployed in the Amazon Web Services (AWS) cloud. There are no endpoints exposed outside of the AWS cloud environment.
  • Our production and staging environments are in a Virtual Private Cloud and our database is hosted in AWS RDS.
  • AWS supports 89 security standards and compliance certifications, including PCI-DSS, HIPAA/HITECH, FedRAMP, GDPR, FIPS 140-2, NIST 800-171, SOC 2 Type II and ISO 27001, more than any other cloud provider. Our solutions are hosted in one of the most secure environments among all public cloud service providers.
2. Can your data be stored in your own private cloud or data center?
  • Yes. This is currently available for enterprise customers only.
  • We understand that your meeting data is mission-critical and some conversations can be highly confidential. We've designed our infrastructure to be completely deployable in your own organisation's cloud or data center.
  • This does not include the few third party services that Versational uses.
  • You can request a copy of the high-level architecture diagram. Please email info@versational.ai or contact us.
3. Can the Versational internal team access your data?
  • Versational employees do not have access to production customer recording data by default.
  • Usually, access to meeting data is not required even for support purposes.
  • However, if access to meeting data is deemed essential during a support request, permission is requested from the user, with justification for why the meeting data is required.
  • We apply the principle of least privilege in our access control mechanism for sensitive data. Access to sensitive data is granted on a need-to-know basis and is strictly monitored and audited.
4. Is it possible to delete or remove any data?
  • You can delete your meetings from the Versational app. See Single or Batch deletion of recordings.
  • Deleted meeting recordings cannot be recovered. They are permanently removed from the database.
5. What calendar data do you access when you integrate with Google or Microsoft Outlook calendars?
  • We use OAuth 2.0 to authenticate with Google or Microsoft to integrate your calendar with Versational.
  • Versational accesses calendar data such as the meeting title, which is used as the title of the meeting recording.
6. What data do you collect from our calls to improve your analysis and insights accuracy?
  • It is restricted to only data related to the meeting and nothing else.
  • We keep track of your edits to the AI-Gems and the questions you ask AI-Ally to improve personalisation of suggested questions.
  • Your edits and questions are fed back to our Machine Learning pipeline to improve the AI-Gems models and our AI-Ally Q&A bot, to increase their accuracy and provide you with a better experience and personalised question suggestions.

Compliance and Security

SOC 2 Type II and GDPR Compliance

1. What is SOC 2 compliance?
  • The American Institute of Certified Public Accountants' SOC 2 is an auditing process that ensures a company securely manages data and protects the privacy of its clients.
  • It defines criteria for handling customer data based on five trust service principles, which are security, processing integrity, availability, confidentiality, and privacy.
2. What is GDPR compliance?
  • Similarly, we are General Data Protection Regulation (GDPR) compliant. GDPR is the world's most widespread privacy and security law and includes guidelines for collecting, processing, and storing the personal information of individuals inside the European Economic Area.
In accordance with our uncompromising stance toward the security and confidentiality of your data, we are hosted on Amazon AWS, which is SOC 2 Type II and GDPR compliant. This means our organization has the infrastructure, tools, and processes to protect customer data from unauthorized access both from within and outside the firm.
For details on the Versational security policy, please email info@versational.ai or contact us.

Versational Product and Feature Design for Privacy and Security

Versational Architecture

  • Versational is deployed on AWS and utilizes services that use industry-grade security standards.

User Settings

  • The Versational platform uses a privacy-by-design approach. Therefore, a meeting recording is owned by the user who uploads or records the meeting.
  • When the user shares the recording, internally or externally, the recording ownership remains with the user who shares the recording. Recipients of the share cannot edit or re-share the recording.
  • The owner of the recording can revoke a share from a particular user at any time.

Privacy Settings

  • The Versational platform gives individual users the ability to control who can view their meeting insights and analysis.
  • Recording owners can share a recording internally with specific team members or externally with specific users who are not within the team.
  • Non-Versational users will only be presented with the guest view, which contains a small subset of the complete analysis of the recording.

Vulnerability Management

Monitoring

AWS CloudWatch is used for monitoring the complete solution stack in Production. Since we use AWS services for the key components of the system, such as AWS Fargate, ECS, ECR, RDS, and ELB, these services export status data to CloudWatch. Sentry is used for real-time performance and issue monitoring of the ML models. Issues that are encountered are reported by email to a specified email address.

Backup and Recovery

The entire application stack is backed up daily by AWS backup and recovery services. Backups are stored for 7 days and then discarded.