careers icon
SECURITY

Enterprise-grade encryption and authentication

Reelay ensures data security is embedded throughout our AI-driven applications. In addition to fail-safe privacy protocols, you have complete control over the distribution of each Reelay Meeting Asset generated by our platform. Only approved team members within your closed network can receive and forward curated videos and transcripts.

Join Our Company - Techbit X Webflow Template
careers icon
OVERVIEW

Why work with us

We are committed to maintaining a high level of security and privacy for all our users. Here you'll find a high-level review of our security practices, frequently asked questions, and key points related to our security measures.

Download 1 Pager
100% remote icon

Users

- Secure logins using one-time passcodes (OTP)
- SSO via Microsoft Entra ID

unlimited pto icon

Infrastructure

- Secure Cloud based infrastructure
- Data stored in multiple avail zones
- Point in time data recovery
- SOC2 Compliance

flexible hours icon

Operational Controls

- Encryption at rest
- 99.9% SLA
- Secure Software Development Lifecycle

medical insurance icon

Application

- Vulnerability scanning of core applications and dependencies
- Anomaly Detection during development
- Client/Server Security validations

career growth icon

Training

Our internal datasets are not used for external LLM learning models, and we do not use external datasets for internal learning purposes

great culture icon

Content

Role Based Access Control (RBAC)Secure sharing via token based links enterprise-grade Data Management Policy

testimonials icon
MORE DETAIL

From our Security Officer

Data Protection
Our platform is built to scale across global networks. We apply data protection based on best practices aligned with a common controls framework. Any data security threat is immediately thwarted by our detections program. Our network infrastructure relies on a secure cloud service platform with flexible capacity to ensure best-in-class protection and reliability. We also maintain a secure software development process and industry-recognized operational practices.

Privacy & Hosting
As a SaaS solutions provider, we integrate security and ease of implementation into all our proprietary applications. At the data level, we only access internal information that is fully manageable by you. Our secure meeting attendant sits alongside your current video conferencing solutions. So, there is no need to integrate complex software programs with inherent security risks. We host our applications on the AWS cloud platform.

Integrations
Reelay employs a private virtual network of secured microservice using AWS Compute Engine nodes. AWS also provides a comprehensive list of compliance and regulatory assurances including SOC 1-3 and ISO 27001.

Product Architecture
Our application software complies with the latest industry security practices, which includes the ASVS 4.0.2 standard defined by OWASP. Internally, we utilize CI/CD pipelines such as Embold to perform security reviews and rapidly identify any potential issues within our development phase.

Synk.io and Dependabot are also deployed to provide vulnerability detection and detailed security audits. In addition, we maintain separate production and development environments to guarantee stability and safekeeping.

Data Security
All data-in-transit delivered through our applications is encrypted using the most up-to-date version of SSL or RTMPS. In addition, your data-at-rest is encrypted using Advanced Encryption Standard. Cryptographic encryption keys are maintained through AWS. Disk storage is also fully encrypted and utilizes AWS key management. An Advanced Encryption Standard(AES) algorithm with a key size of 256 bits and a unique encryption key rotation policy is maintained to ensure your data stays yours.

Data Protocol
We monitor all access attempts into our company resources. We also enable full backups of your data across multiple locations. This ensures your data can be retrieved within a standard recovery time objective in the unlikely event of failure. Your meeting information can be deleted through data erasure requests to our security team. Encryption-at-rest and encryption-in-transit are maintained at all times via secure data channels.

App Security
Reelay maintains a continuous integration and software delivery pipeline that utilizes security tools such as Git, Jenkins, and Snykto identify issues throughout our development phase. In addition, our security team performs regular penetration tests to address issues that may occur in later SDLC phases. All software patches and updates are installed as soon as available, and all vulnerabilities are tracked in our project security system.

Reelay takes security & privacy seriously and is SOC2 Audited. Learn more at trust.reelay.com

support icon
Support

Frequently Asked Questions

People are standing by to help you. Email, call us, or click the chat button in the bottom of you screen and a Reelay team member will get back to you during normal business hours (8am to 8pm EST).

01

What data does Reelay receive, record and/or process?

Reelay has access to the video/audio of the meeting that it is invited to along with the the participants, and possible calendar event that is associated with it.

The two options that lead to Reelay’s involvement are Record and Recap. These two options will take the video recording, transcribe it, and then scan that transcript for key moments from the call while summarizing the event for it’s owner.

When the Don't Join option is selected Reelay still has access to the users calendar event but marks it to not be recorded. No additional data is collected.

02

Where is the raw data stored?

Reelay stores it’s raw data within Amazon Web Services. We use a secure and redundant database service managed by Amazon called RDS. Frequent backup are made along with Point-in-time recovery. Data is stored across multiple availability zones to ensure it’s safety.

03

Who has access to the raw data?  / Does Relay have access to it?

The raw data is accessible by authorized members of Reelay’s Engineering team on a Need-to-access basis. Requests to access are made directly to the CTO and access is granted at the finest level possible to ensure data security for our customers.

04

What are the outputs from Reelay?

There are two ways to receive a Reelay asset (recordings & minutes). These are distilled and concise overviews of the meeting. They hold the following - Short Summary, Synopsis, Topics, Moments (Actions, Highlights, Questions), Transcription, Agenda, and Attendee list.

The Recording which is offered in the Application experience contains the recording along with all these things listed above. The Minutes document holds all of the information minus the transcription and the recording.

Users are given the option of how what asset they would like to receive post meeting.

05

Who receives these outputs?

This is determined at an organizational level. The following options exist:

A) Only the Meeting Host
B) All Verified Reelay users who were invited or attended
C) All users on the event or in attendance
D) Anyone who has been invited to view

Cut 2 hours of admin time
on every meeting