Security & data isolation
Compliance recordings are among the most sensitive data an organization holds. Our security model is built around one principle: your recordings stay isolated to you, end to end. Here is exactly how.
Dedicated-server isolation
The foundation of our security model is a single-tenant, dedicated server for every client. Your recording bot, your processing, your recordings, and your transcripts run on infrastructure provisioned for your organization alone. Unlike multi-tenant SaaS recorders — where your data shares infrastructure with other companies and is separated only by software boundaries — there is no co-mingling of data between clients. For security and compliance teams, that is a meaningful reduction in risk surface.
Your data stays in your tenant
Recordings and transcripts are archived to a SharePoint document library inside your own Microsoft 365 tenant. The final record of every call lives in your environment, governed by your Microsoft 365 policies — not on a third-party platform you can't audit. See SharePoint storage for how archiving works.
Access controls
Because recordings land in your tenant, access is governed by your existing Microsoft 365 identity and permission model. You decide who can view, download, or manage recordings, using the same controls you already trust for your most sensitive documents:
- Permissions managed through your Microsoft 365 identity and SharePoint access model
- Recordings and transcripts subject to your retention and lifecycle policies
- Encryption in transit for data moving between the service and your tenant
- Isolation of processing on a server dedicated to your organization
Hosting & residency
Your dedicated recording server is hosted in the United Statesand fully managed by our US-based team. We provision, monitor, patch, and support the server and the recording bot, so your internal teams don't carry that operational burden. Learn more about the managed model on the managed service page.
Compliance roadmap
We believe security claims should be honest. Where a formal certification such as SOC 2 or ISO 27001 is on our roadmap, we describe it as planned or in progress— never as achieved until it actually is. We would rather tell you exactly where we are than imply a certification we don't yet hold. If a specific attestation is important to your procurement process, ask us and we'll tell you our current status directly.
Shared responsibility
Security and compliance are a shared responsibility. We secure and isolate the recording infrastructure and deliver your data into your governed tenant; you own your Microsoft 365 configuration, your access policies, your consent practices, and your overall compliance program. Recording is one important control within that program — a powerful one, but not the whole of it. Our industry pages map the service to specific regulatory obligations.
See compliance recording running on your own Teams tenant
Book a walkthrough and we'll show you policy-based capture, transcription, and SharePoint archiving on a dedicated server built for your organization.