LEGAL & SECURITY
Privacy for Humans
Last Updated July 17th, 2020
At Vowel, security and privacy underscore every technical and business decision. Our product aims to improve collaboration and productivity in the workplace, which means sensitive information passes through our servers and infrastructure. We take this responsibility seriously and go to great lengths to keep your data private and secure: we follow established best practices for encryption, security and privacy, and we keep each team's data sequestered and encrypted at rest. Our cloud infrastructure follows industry standards for security and privacy, and wherever possible we use cloud services that are PCI DSS compliant. This page clarifies some of the technical details behind those standards. Terms marked with an asterisk (*) are defined in the glossary at the bottom of the page.
How does Vowel store my data?
Meeting and Account Data
Text-based data you create within the scope of a meeting, such as notes, agenda items, tasks and transcriptions, is stored in an encrypted* database in AWS*. We follow best practices for persisting and encrypting data: it is always encrypted at rest* and in transit*. Vowel databases live in a private subnet within a VPC*, so they are not directly reachable from the public Internet and can only be accessed by Vowel application servers with the appropriate privileges. The same is true of our application servers, caching servers and the rest of our infrastructure: all of it runs inside a VPC*, which prevents direct access from the outside world. As an additional safeguard, we keep each tenant's data (the data belonging to a particular team and account) in its own database, which lets us apply per-tenant protections on top of industry-standard practice.
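The two properties claimed above, encryption at rest and no direct reachability from the public Internet, are both visible in the output of `aws rds describe-db-instances` and can be checked mechanically. The script below is an added example written for this page, not Vowel's own tooling: it audits a constructed sample of that output (instance names, key ARN and IDs are made up) and reports every instance that is unencrypted, flagged publicly accessible, outside a VPC subnet group, or without a security group.

```python
import json

# Constructed sample modelled on `aws rds describe-db-instances` JSON.
# Identifiers, account number and key ARN are invented for this example.
SAMPLE_DESCRIBE_OUTPUT = json.dumps({
    "DBInstances": [
        {
            "DBInstanceIdentifier": "tenant-acme-prod",
            "StorageEncrypted": True,
            "KmsKeyId": "arn:aws:kms:us-east-1:111122223333:key/example-key-id",
            "PubliclyAccessible": False,
            "DBSubnetGroup": {"VpcId": "vpc-0a1b2c3d"},
            "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-0f00ba7", "Status": "active"}],
        },
        {
            "DBInstanceIdentifier": "legacy-shared",
            "StorageEncrypted": False,
            "PubliclyAccessible": True,
            "DBSubnetGroup": {"VpcId": "vpc-0a1b2c3d"},
            "VpcSecurityGroups": [],
        },
    ]
})


def audit_rds_instances(describe_json: str) -> dict:
    """Return {instance_id: [findings]} for every instance that violates the
    encrypted-at-rest / private-network posture described on this page.
    Instances with no findings are omitted from the result."""
    findings = {}
    for inst in json.loads(describe_json)["DBInstances"]:
        problems = []
        # Encryption at rest is an instance-creation-time property; it cannot
        # be switched on later without a snapshot-and-restore.
        if not inst.get("StorageEncrypted", False):
            problems.append("storage not encrypted at rest")
        # PubliclyAccessible=true gives the instance a public DNS name and IP.
        if inst.get("PubliclyAccessible", False):
            problems.append("PubliclyAccessible=true (reachable from the public Internet)")
        if not inst.get("DBSubnetGroup", {}).get("VpcId"):
            problems.append("not in a VPC subnet group")
        if not inst.get("VpcSecurityGroups"):
            problems.append("no VPC security group attached")
        if problems:
            findings[inst["DBInstanceIdentifier"]] = problems
    return findings


if __name__ == "__main__":
    for instance_id, problems in audit_rds_instances(SAMPLE_DESCRIBE_OUTPUT).items():
        print(instance_id)
        for problem in problems:
            print("  -", problem)
```

Two caveats a reviewer would add: `PubliclyAccessible=false` is necessary but not sufficient for "private subnet", since the subnet's route table (no route to an Internet gateway) and the security group's ingress rules are what actually keep the database off the Internet; and encryption in transit for RDS is enforced by the `rds.force_ssl` parameter-group setting, which this output does not show and must be audited separately.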
Image and Video Data
Video and audio data is transmitted to Vowel using industry-standard WebRTC*, which encrypts every media stream in transit (SRTP, with keys negotiated over DTLS). Each audio and video stream is protected by its own key, so an eavesdropper on the network cannot read the streamed data; only the Vowel Media Servers that terminate the connection can decrypt it. In other words, media is encrypted between each participant and Vowel rather than end to end between participants. Internally, Vowel processes and routes media using dedicated servers and infrastructure managed directly by Vowel. We do not use third-party services for media streaming or conferencing functionality; all RTP*, WebRTC and conferencing functionality is powered by our own servers, running code written and operated by the Vowel Engineering Team. These server processes, along with the rest of our infrastructure, run within a dedicated Kubernetes* cluster on AWS EKS* (a managed Kubernetes service run by AWS). We also use industry-standard streaming frameworks such as Apache Kafka*, which we use internally to queue and process media and text data in near real time while keeping each team's data compartmentalized.
At Vowel, we only allow access to our services over SSL*/TLS (TLS is the current name for the protocol). As a security precaution, no part of our website or product is served over unencrypted HTTP. Any account-level access to Vowel requires authentication and authorization using OAuth2* and OpenID* (OpenID Connect), the industry standards for delegated authorization and for authentication respectively.
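The distinction in the last sentence matters in practice: an OAuth2 access token proves that a client may call an API, while the OpenID Connect ID token is what actually asserts who the signed-in user is, and the relying party has to verify it. The code below is an added example for this page, not Vowel's implementation. It mints constructed ID tokens and validates them the way OpenID Connect Core requires: pinned algorithm, signature check in constant time, then `iss`, `aud`/`azp`, `exp` and `nonce`. To run offline it signs with HS256 and a shared secret; the issuer URL, client ID, secret and user IDs are all invented. Real identity providers sign with RS256/ES256 and publish their keys via the JWKS URL in the discovery document, so in production use a maintained library and fetch keys from there.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed demo parameters: not a real identity provider, client or key.
ISSUER = "https://idp.example.com"
CLIENT_ID = "vowel-web-demo"
SHARED_SECRET = b"demo-hs256-secret-not-for-production"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_id_token(claims: dict, secret: bytes, alg: str = "HS256") -> str:
    """Mint a compact JWT. Only used here to construct inputs; the IdP does this in real life."""
    header = _b64url(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(claims).encode())
    signing_input = f"{header}.{payload}".encode()
    sig = hmac.new(secret, signing_input, hashlib.sha256).digest() if alg == "HS256" else b""
    return f"{header}.{payload}.{_b64url(sig)}"


def validate_id_token(token: str, secret: bytes, issuer: str, client_id: str,
                      expected_nonce: str, now: Optional[int] = None) -> dict:
    """Verify the signature and the OpenID Connect Core ID-token claims.
    Raises ValueError on any failure and returns the verified claims on success."""
    now = int(time.time()) if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("token is not three dot-separated segments")
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(_b64url_decode(header_b64))
    # Pin the algorithm; never let the token's own header choose it (blocks alg=none).
    if header.get("alg") != "HS256":
        raise ValueError(f"unexpected alg {header.get('alg')!r}")
    expected_sig = hmac.new(secret, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected_sig, _b64url_decode(sig_b64)):
        raise ValueError("signature mismatch")
    claims = json.loads(_b64url_decode(payload_b64))
    if claims.get("iss") != issuer:
        raise ValueError("issuer mismatch")
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    if client_id not in audiences:
        raise ValueError("token was not issued for this client (aud)")
    if len(audiences) > 1 and claims.get("azp") != client_id:
        raise ValueError("multiple audiences but azp is not this client")
    if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        raise ValueError("token expired or exp missing")
    # The nonce binds the token to the login request that asked for it (anti-replay).
    if claims.get("nonce") != expected_nonce:
        raise ValueError("nonce mismatch (possible replay)")
    if "sub" not in claims:
        raise ValueError("sub claim missing")
    return claims


def demo(now: int = 1_600_000_000) -> dict:
    """Run the validator over one good token and four bad ones; return name -> outcome."""
    base = {"iss": ISSUER, "sub": "user-123", "aud": CLIENT_ID,
            "iat": now, "exp": now + 300, "nonce": "n-42"}
    cases = {
        "valid": make_id_token(base, SHARED_SECRET),
        "wrong_audience": make_id_token({**base, "aud": "some-other-app"}, SHARED_SECRET),
        "expired": make_id_token({**base, "exp": now - 1}, SHARED_SECRET),
        "alg_none": make_id_token(base, SHARED_SECRET, alg="none"),
        "forged": make_id_token(base, b"attacker-guessed-secret"),
    }
    results = {}
    for name, token in cases.items():
        try:
            claims = validate_id_token(token, SHARED_SECRET, ISSUER, CLIENT_ID, "n-42", now=now)
            results[name] = "accepted:" + claims["sub"]
        except ValueError as err:
            results[name] = "rejected:" + str(err)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:15} {outcome}")
```

The "wrong_audience" case is the one most often missed: a token that is perfectly valid for a different client of the same identity provider must still be rejected, otherwise any application registered with that provider could log its users into yours.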
Where does my data go outside of Vowel?
As a general policy, Vowel user data is persisted in our own infrastructure: we do not share your data with third parties, and we prevent it from being moved outside our infrastructure. The specific exceptions are the subset of functionality, listed below, for which we rely on external services.
Google Speech-to-Text
Transcription is the primary case in which user data is sent to a third party outside our infrastructure. We use Google's Speech-to-Text API to help power our transcription service. We share only the raw audio stream, communication with Google is conducted over encrypted channels, and Google does not persist any of the data. The resulting transcript is stored in our encrypted database, so it is accessible only to users on your team with active account access and valid credentials.
We want to stress that your textual data (name, email, Vowel userId, persona and so on) does not leave our systems except to the trusted third-party processors listed below. We think it is important that you understand not only what these systems are but also why we send your data to them.
If you don't agree with or understand our reasoning, please email us at firstname.lastname@example.org. If you strongly object to your data going to a specific system, deleting your Vowel account will permanently delete all of your data from our systems and from our third-party providers.
For GDPR compliance, all of the following third parties act as data processors on our behalf. Where any personal information (email, name, persona) is sent to a third party, a ⭐ is shown next to the provider name.
Intercom ⭐
What: Intercom is a messaging and customer-support platform; it powers the chat bubble in the bottom-right corner of our web pages.
Why: Intercom lets us address bugs and handle requests from our users far more effectively than the email-only support we relied on before. To maintain your relationship with us on this platform we need to know who you are. We only know this once you have signed up and given us consent, and we use that information for debugging and to send you product updates and announcements.
How to be forgotten: To be permanently forgotten from Intercom, you need to delete your Vowel account. To unsubscribe from Intercom announcements, use the unsubscribe link at the bottom of each of those emails.
Google Analytics
What: Google Analytics gives us aggregate usage ("vanity") metrics and shows us where on the web our users come from.
Why: Knowing where users find us lets us promote the product through those partners and channels, and helps us decide whether there are adjacent products we should bring into our platform.
How to be forgotten: Because of how we use Google Analytics, the data we send is anonymous: no emails, no names, and IP addresses are anonymized before they are stored.
SendGrid ⭐
What: SendGrid is our transactional email service. It sends notification emails and service-level emails such as email verification and password reset links. We do not use SendGrid for marketing.
Why: We need a reliable way to send emails for core authentication flows and platform notifications.
How to be forgotten: Data sent to SendGrid is necessarily not anonymous, because it is a transactional email service: we give SendGrid your address so it can deliver email to you. You can turn off notification emails in your account settings. Authentication emails (such as email verification) also go through SendGrid and cannot be disabled, so the only way to be fully forgotten is to delete your Vowel account.
Datadog ⭐
What: Datadog is our error-logging platform. When you hit an error, we receive it too, so we can fix the bug as quickly as possible.
Why: The only user-related data sent to Datadog is your IP address and your Vowel user ID. We use the IP address to get a rough location, which helps pin down bugs that depend on time zone or region; we use the user ID so we can quickly find the errors behind an issue a user has reported through our support panel (Intercom). The user ID on its own does not reveal any personal information to the engineer investigating the issue.
How to be forgotten: Because only the IP address and Vowel user ID are sent, this data is not used to identify you unless our investigation starts from a bug you reported to us. Deleting your Vowel account removes this data as described above.
LogRocket ⭐
What: LogRocket is a second error-logging and debugging platform, focused on issues in the front-end (i.e. in the browser).
Why: LogRocket captures debugging and error logs from a user's browser, so that when an issue arises Vowel engineers can track it down and resolve it quickly, with less time spent debugging and less back and forth about the exact symptoms.
How to be forgotten: We take security and privacy seriously, so we send only metrics, logs and user interactions, never private meeting data such as images, audio, video, transcriptions, notes, tasks, agendas or other company information. Everything sent to LogRocket expires automatically after one month.
Chargebee ⭐
What: Chargebee is the service that handles the purchase and tracking of Team service plans: free trials, upgrades between Vowel plans, and the features and quotas attached to each plan Vowel offers.
Why: We want managing your team's service plan to be as straightforward as possible, and we want to support features such as free trials, add-ons and usage tracking without building them ourselves. Chargebee handles these account-level features so we can focus on the product.
How to be forgotten: Chargebee integrates with Stripe (our payment gateway) and stores records of company transactions, but it has no access to credit card or other financial data. It also stores metadata about the service plans Vowel offers and the plan each team account has selected, including account status, renewal and expiration details and other account-specific attributes. This data is archived when a team cancels its Vowel account.
Who has access to what within Vowel?
Our non-technical team members have access to Intercom, so that everyone at Vowel can do customer support. As the team grows, this access will be restricted to customer-support staff.
Members of our technical team can be granted temporary access to our servers and to the video and thumbnail storage layers, always for debugging and development purposes. Each engineer has a unique key that identifies them in our systems, and all actions are logged. If a key is compromised, we can expire it immediately, check whether it was used by an outsider, and follow our process for remediating the situation and alerting the affected users.
Glossary
Database: a server that stores data and the relationships between the records it holds.
Encrypted: encryption scrambles data with a secret key held by only a select few. If encrypted data is stolen, it cannot be read without that key. All of your personally identifiable data (voice, notes and text) is encrypted at rest and in transit across all of our systems.
At rest: your data is physically stored on a device (usually a server's disk).
In transit: your data is being sent from one location to another (usually between servers, or between your computer and a server).
AWS (Amazon Web Services): our cloud provider, from which we rent storage and compute capacity in their data centers.
AWS EKS (Elastic Kubernetes Service): a managed Kubernetes service run by Amazon Web Services.
Kubernetes: an open-source system for automating the deployment, scaling and management of containerized applications.
Apache Kafka: a distributed data streaming platform that can publish, subscribe to, store and process streams of records in real time.
OAuth2: lets a user grant one site limited access to their resources on another site without handing over their credentials.
OpenID (OpenID Connect): an identity layer built on OAuth2 that lets you sign in to a site with an existing account, without creating a new password; the site receives a signed ID token stating who you are.
RTP (Real-time Transport Protocol): allows the real-time transfer of streaming media such as audio and video.
S3 Bucket: an AWS object-storage container; this is where we store files.
SSL (Secure Sockets Layer) / TLS: the standard technology for establishing an encrypted link between a web server and a browser. SSL is the older name; modern deployments use its successor, TLS.
VPC (Virtual Private Cloud): a logically isolated virtual network inside AWS. Servers in a VPC's private subnets have no public address and can be reached only from other resources we explicitly permit through routing and security-group rules, not from the public Internet.
WebRTC (Web Real-Time Communication): allows web applications and sites to capture and stream audio and/or video directly from the browser, with the media streams encrypted (SRTP) as part of the standard.
If you have any questions on this terminology, we are here to help. Email us at email@example.com.