Security & Data Protection

Your board data is sensitive. We treat it that way.

Board meetings involve confidential decisions, financial discussions, and personnel matters. Here is exactly how MinuteSmith protects your data — no vague promises, just specifics.

Encrypted everywhere

TLS 1.3 in transit, AES-256 at rest

Board-level isolation

Every request verified for access

No data selling

Your data is never shared or sold

Encryption

In transit

All traffic between your browser and MinuteSmith is encrypted with TLS 1.3 (HTTPS). We send Strict-Transport-Security with the preload directive, so browsers refuse to connect to us over plain HTTP, including on a first visit once the domain is in browsers' built-in HSTS preload list.

At rest

Your data is stored in Supabase (powered by AWS), which encrypts all data at rest using AES-256. Database backups are also encrypted.

Recordings

Audio and video recordings are stored in private Supabase Storage buckets. Files are encrypted at rest and are served only through time-limited signed URLs issued to authenticated users. A signed URL is a bearer credential: anyone holding it can fetch the file until it expires, so the short expiry is what limits the damage if a URL is forwarded or leaked.

Who Can See Your Data

Board owners

Only the person who creates a board can manage its settings, create meetings, invite members, generate minutes, and delete the board. Board owners see all data for their boards.

Invited board members

Members you invite can view meetings, minutes, action items, and insights for the boards they belong to. They can mark their own action items complete. They cannot create meetings, manage settings, or see other boards.

Other users

Users who are not the board owner or an invited member cannot see any of your board data. There is no public discovery of boards, members, or meetings.

MinuteSmith staff

Our team does not access your board data unless you explicitly request support help. We have no 'browse all boards' feature. Database access is restricted to essential infrastructure operations.

AI providers

When you use AI-powered features (minutes generation, Ask AI, document parsing, audio transcription), the relevant data is sent to our AI providers (Anthropic for text, AssemblyAI or OpenAI for audio). These providers process your data per their enterprise terms and do not use it for training. No board data is shared with AI providers unless you actively use an AI feature.

Access Controls

Authentication

All accounts are authenticated by Supabase Auth (email + password or Google OAuth). Session cookies are set with the Secure and HttpOnly flags, so they are never sent over plain HTTP and cannot be read by page scripts, and they are refreshed automatically.

Board-level isolation

Every API request verifies that the requesting user is either the board owner or an accepted board member before any data is returned. A pending invitation does not grant access. This check runs on every endpoint that touches board data, not only on the ones that list boards.
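The shape of that check, as an added illustration rather than MinuteSmith's own code: the role lookup runs before the handler body, so no handler can return board data without it. The board and membership tables are constructed in-memory sample data; the decorator name and the roles are assumptions.

```python
"""Board-level authorization check (added illustration, not MinuteSmith's code).

BOARDS and MEMBERSHIPS are constructed sample data standing in for the boards
and board_members tables; the rest is the check itself.
"""
from functools import wraps
from typing import Optional

# Constructed sample data: alice owns board-1, bob's invitation was accepted,
# carol's invitation is still pending.
BOARDS = {"board-1": {"owner_id": "alice"}}
MEMBERSHIPS = [
    {"board_id": "board-1", "user_id": "bob", "status": "accepted"},
    {"board_id": "board-1", "user_id": "carol", "status": "pending"},
]


class Forbidden(Exception):
    """Raised when the caller holds no role on the board."""


def board_role(user_id: str, board_id: str) -> Optional[str]:
    """Return 'owner', 'member', or None. Only *accepted* memberships count."""
    board = BOARDS.get(board_id)
    if board is None:
        # An unknown board and an inaccessible board look the same to the
        # caller, so board IDs cannot be probed for existence.
        return None
    if board["owner_id"] == user_id:
        return "owner"
    for m in MEMBERSHIPS:
        if (m["board_id"] == board_id and m["user_id"] == user_id
                and m["status"] == "accepted"):
            return "member"
    return None


def require_board_role(*allowed: str):
    """Decorator applied to every board-scoped handler (assumed name).

    The role lookup runs before the handler body, so a handler cannot touch
    board data unless the check has already passed.
    """
    def decorator(handler):
        @wraps(handler)
        def wrapper(user_id: str, board_id: str, *args, **kwargs):
            role = board_role(user_id, board_id)
            if role not in allowed:
                raise Forbidden(f"{user_id!r} may not access {board_id!r}")
            return handler(user_id, board_id, *args, role=role, **kwargs)
        return wrapper
    return decorator


@require_board_role("owner", "member")
def list_meetings(user_id: str, board_id: str, *, role: str):
    """Readable by the owner and by accepted members."""
    return {"board_id": board_id, "viewer_role": role, "meetings": ["Q3 review"]}


@require_board_role("owner")
def create_meeting(user_id: str, board_id: str, title: str, *, role: str):
    """Owner only: members may view meetings but not create them."""
    return {"board_id": board_id, "title": title, "created_by": user_id}


if __name__ == "__main__":
    print(list_meetings("bob", "board-1"))
    try:
        create_meeting("bob", "board-1", "Budget")
    except Forbidden as e:
        print("denied:", e)
```

Returning the same error for "board does not exist" and "you are not on this board" is deliberate: it is what keeps boards undiscoverable, since an attacker cannot tell valid board IDs from invalid ones by probing.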

Token-based features

Review links, action item completion links, and portal links use cryptographically random tokens. Each token is bound to a single purpose and a single resource; it grants no access to any other board data. Token endpoints are rate-limited so that guessing tokens is impractical.

Admin access

Administrative operations require HMAC-signed session tokens with short expiration. Admin endpoints are separate from user endpoints.
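One way to build both the signed recording URLs described under Recordings and the short-lived HMAC admin tokens described here, as an added example (not MinuteSmith's code): the MAC covers purpose, subject and expiry together, so an admin token cannot be replayed as a file token and a URL signed for one object cannot be edited to point at another. The secret, the storage host, the purpose strings and the token layout are assumptions.

```python
"""HMAC-signed, time-limited, single-purpose tokens (added illustration).

Used two ways below: as an admin session token and as the signature on a
recording download URL. SECRET and STORAGE_HOST are assumed placeholders.
"""
import base64
import binascii
import hashlib
import hmac
import json
from typing import Optional
from urllib.parse import parse_qs, urlsplit

# Assumption: in a real deployment this comes from the secrets store, not source.
SECRET = b"constructed-example-secret-do-not-use"
STORAGE_HOST = "https://storage.example.invalid"   # assumed placeholder host


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign(purpose: str, subject: str, ttl_seconds: int, now: float) -> str:
    """Return '<payload>.<mac>' binding purpose, subject and expiry together."""
    payload = {"p": purpose, "s": subject, "exp": int(now) + ttl_seconds}
    body = _b64(json.dumps(payload, sort_keys=True, separators=(",", ":")).encode())
    mac = hmac.new(SECRET, body.encode("ascii"), hashlib.sha256).digest()
    return f"{body}.{_b64(mac)}"


def verify(token: str, expected_purpose: str, now: float) -> Optional[str]:
    """Return the subject if the token is authentic, unexpired and issued for
    expected_purpose; otherwise None. Every failure returns the same value, so
    a caller cannot distinguish 'bad MAC' from 'expired' or 'wrong purpose'."""
    try:
        body, mac_text = token.split(".", 1)
        presented = _unb64(mac_text)
        expected = hmac.new(SECRET, body.encode("ascii"), hashlib.sha256).digest()
    except (ValueError, binascii.Error):
        return None
    if not hmac.compare_digest(expected, presented):   # constant-time, checked first
        return None
    try:
        payload = json.loads(_unb64(body))
    except (ValueError, binascii.Error):
        return None
    if not isinstance(payload, dict) or payload.get("p") != expected_purpose:
        return None                                    # single-purpose binding
    if now >= payload.get("exp", 0):
        return None                                    # short expiry
    return payload["s"]


def signed_recording_url(object_path: str, now: float, ttl_seconds: int = 300) -> str:
    """Short-lived download URL for one object in a private bucket."""
    token = sign("recording", object_path, ttl_seconds, now)
    return f"{STORAGE_HOST}/{object_path}?token={token}"


def verify_recording_url(url: str, now: float) -> bool:
    """Accept only if the token is valid *and* was issued for this exact path."""
    parts = urlsplit(url)
    token = parse_qs(parts.query).get("token", [""])[0]
    return verify(token, "recording", now) == parts.path.lstrip("/")
```

The MAC is checked before the payload is even parsed, so malformed or forged payloads never reach the JSON decoder, and the expiry is compared against an injected clock so the token lifetime can be tested without sleeping.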

API keys

API keys are hashed with SHA-256 before storage; only the hash is kept, so the full key is shown once at creation and never again. Unlike passwords, API keys are long random values, which is why a fast unsalted hash is adequate here: a copy of the database does not yield usable keys. Keys can be revoked at any time.
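An added example of that lifecycle (not MinuteSmith's code): issue a key, keep only its SHA-256 digest and a display hint, authenticate by hashing the presented key and looking the digest up, and revoke by key id. The "ms_" prefix, the in-memory store and the hint length are assumptions.

```python
"""API-key issuance, lookup by SHA-256 digest, and revocation (added illustration).

The key prefix and the in-memory store are assumptions.
"""
import hashlib
import secrets
from typing import Optional, Tuple

KEY_PREFIX = "ms_"   # assumption: a fixed prefix lets secret scanners recognise leaked keys


def _digest(key: str) -> str:
    return hashlib.sha256(key.encode("utf-8")).hexdigest()


class ApiKeyStore:
    """Keeps sha256(key), a display hint and revocation state; never the key."""

    def __init__(self) -> None:
        self._by_digest = {}   # sha256 hex -> record
        self._by_id = {}       # key id -> sha256 hex

    def create(self, owner: str) -> Tuple[str, str]:
        """Return (key_id, plaintext_key). The plaintext is shown once and
        afterwards exists only in the caller's hands."""
        key = KEY_PREFIX + secrets.token_urlsafe(32)   # 256 bits of entropy
        key_id = secrets.token_hex(8)
        d = _digest(key)
        self._by_digest[d] = {
            "id": key_id,
            "owner": owner,
            "hint": key[:len(KEY_PREFIX) + 4] + "...",   # enough to recognise, not to use
            "revoked": False,
        }
        self._by_id[key_id] = d
        return key_id, key

    def authenticate(self, presented: str) -> Optional[str]:
        """Hash the presented key and look the digest up; plaintext is never
        stored, so there is nothing to compare it against. A fast hash is fine
        here because the key is a 256-bit random value: offline guessing
        against a leaked digest is hopeless, unlike with a password."""
        rec = self._by_digest.get(_digest(presented))
        if rec is None or rec["revoked"]:
            return None
        return rec["owner"]

    def revoke(self, key_id: str) -> bool:
        d = self._by_id.get(key_id)
        if d is None:
            return False
        self._by_digest[d]["revoked"] = True
        return True

    def describe(self, key_id: str) -> Optional[dict]:
        """What the UI can show later: id, hint and status, never the key."""
        d = self._by_id.get(key_id)
        return None if d is None else dict(self._by_digest[d])
```

Revocation is a flag rather than a delete so the record can still explain why a key stopped working; a deleted digest would make a revoked key indistinguishable from one that never existed.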

Infrastructure

Hosting

The MinuteSmith application runs on Railway (cloud PaaS). Only the application's public HTTPS endpoints are exposed; management interfaces and backing services are not directly reachable from the public internet.

Database

Your data is stored in Supabase (PostgreSQL), hosted on AWS in the United States. Supabase provides automated daily backups, point-in-time recovery, and connection pooling with SSL enforcement.

File storage

Documents and recordings are stored in Supabase Storage (S3-compatible), with private bucket policies. Files are never publicly accessible.

Network security

Our management infrastructure is reachable only over Tailscale (a WireGuard-based VPN) with per-device, identity-based access. SSH accepts keys only, with password authentication disabled, and all management ports are firewalled from the public internet.

Monitoring

We use Sentry for error tracking (no PII in error reports) and automated health checks. Suspicious activity is logged and reviewed.

Application Security

Security headers

We enforce Content-Security-Policy, X-Frame-Options (DENY), X-Content-Type-Options (nosniff), Strict-Transport-Security (HSTS with preload), and Referrer-Policy.
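A check a practitioner would run against the headers listed here and the HSTS claim under In transit, as an added example (not MinuteSmith's code): it takes a response's headers as a plain dict and returns findings, including the three conditions the HSTS preload list requires (max-age of at least one year, includeSubDomains, preload). The sample header sets in the usage are constructed; the exact CSP directives MinuteSmith sends are not stated on this page.

```python
"""Audit a response's security headers, including HSTS preload requirements
(added illustration, not MinuteSmith's code).

Input is a dict of response headers as a scanner would collect them.
"""
from typing import Dict, List

ONE_YEAR = 31536000   # the HSTS preload list requires max-age >= 1 year


def _parse_hsts(value: str) -> Dict[str, str]:
    """'max-age=63072000; includeSubDomains; preload' -> lower-cased directive map."""
    out = {}
    for part in value.split(";"):
        part = part.strip().lower()
        if part:
            k, _, v = part.partition("=")
            out[k.strip()] = v.strip()
    return out


def _csp_directives(value: str) -> Dict[str, List[str]]:
    """'default-src 'self'; script-src 'self'' -> {directive: [sources]}."""
    directives = {}
    for piece in value.split(";"):
        tokens = piece.strip().split()
        if tokens:
            directives[tokens[0].lower()] = [t.lower() for t in tokens[1:]]
    return directives


def check_security_headers(headers: Dict[str, str]) -> List[str]:
    """Return a list of findings; an empty list means every check passed."""
    h = {k.lower(): v for k, v in headers.items()}   # header names are case-insensitive
    findings: List[str] = []

    hsts = h.get("strict-transport-security")
    if hsts is None:
        findings.append("HSTS: header missing")
    else:
        p = _parse_hsts(hsts)
        try:
            max_age = int(p.get("max-age", "0"))
        except ValueError:
            max_age = 0
        if max_age < ONE_YEAR:
            findings.append(f"HSTS: max-age {max_age} below preload minimum {ONE_YEAR}")
        if "includesubdomains" not in p:
            findings.append("HSTS: includeSubDomains missing (required for preload)")
        if "preload" not in p:
            findings.append("HSTS: preload directive missing")

    if h.get("x-frame-options", "").strip().upper() != "DENY":
        findings.append("X-Frame-Options: expected DENY")
    if h.get("x-content-type-options", "").strip().lower() != "nosniff":
        findings.append("X-Content-Type-Options: expected nosniff")
    if "referrer-policy" not in h:
        findings.append("Referrer-Policy: header missing")

    csp = h.get("content-security-policy")
    if csp is None:
        findings.append("CSP: header missing")
    else:
        d = _csp_directives(csp)
        # script-src governs scripts; default-src is the fallback when it is absent.
        scripts = d.get("script-src", d.get("default-src", []))
        if not scripts:
            findings.append("CSP: neither script-src nor default-src set")
        for bad in ("'unsafe-inline'", "'unsafe-eval'", "*"):
            if bad in scripts:
                findings.append(f"CSP: script sources allow {bad}")
    return findings


if __name__ == "__main__":
    # Constructed sample: what a hardened response should look like.
    sample = {
        "Strict-Transport-Security": "max-age=63072000; includeSubDomains; preload",
        "X-Frame-Options": "DENY",
        "X-Content-Type-Options": "nosniff",
        "Referrer-Policy": "strict-origin-when-cross-origin",
        "Content-Security-Policy": "default-src 'self'; script-src 'self'; frame-ancestors 'none'",
    }
    print(check_security_headers(sample) or "all checks passed")
```

Run it against every path, not just the home page: error pages and API responses often come from a different code path and silently drop headers that the main app sets.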

Rate limiting

All API endpoints are rate-limited to prevent abuse. AI-powered endpoints have stricter limits. Token-based endpoints (review links, action completion) have dedicated rate limits to prevent brute-force attacks.
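An added example of a tiered limiter of this kind (not MinuteSmith's code): a sliding-window counter keyed by client and tier, with tighter limits for AI endpoints and for token endpoints. The numeric limits, the path prefixes used to pick a tier, and keying on the client address are all assumptions.

```python
"""Tiered sliding-window rate limiter (added illustration, not MinuteSmith's code).

The limits, the path-to-tier mapping and keying on client address are assumptions.
"""
from collections import deque
from typing import Deque, Dict, Tuple

# Constructed limits: (max requests, window seconds). AI endpoints are costly and
# token endpoints are guessing targets, so both are tighter than the default.
LIMITS: Dict[str, Tuple[int, float]] = {
    "default": (60, 60.0),
    "ai": (10, 60.0),
    "token": (5, 60.0),
}


def tier_for(path: str) -> str:
    """Map a request path to a limit tier (assumed URL layout)."""
    if path.startswith("/api/ai/"):
        return "ai"
    if path.startswith("/r/") or path.startswith("/a/"):   # review / action-item links
        return "token"
    return "default"


class SlidingWindowLimiter:
    def __init__(self, limits: Dict[str, Tuple[int, float]] = LIMITS) -> None:
        self.limits = limits
        self._hits: Dict[Tuple[str, str], Deque[float]] = {}

    def _window(self, client: str, path: str, now: float):
        tier = tier_for(path)
        max_requests, window = self.limits[tier]
        q = self._hits.setdefault((client, tier), deque())
        while q and q[0] <= now - window:   # forget hits that left the window
            q.popleft()
        return q, max_requests, window

    def allow(self, client: str, path: str, now: float) -> bool:
        """True if the request may proceed; False means answer 429.
        `now` is injected so behaviour is testable without sleeping."""
        q, max_requests, _ = self._window(client, path, now)
        if len(q) >= max_requests:
            return False               # rejected requests are not counted
        q.append(now)
        return True

    def retry_after(self, client: str, path: str, now: float) -> float:
        """Seconds until the oldest counted hit leaves the window (0 if not limited)."""
        q, max_requests, window = self._window(client, path, now)
        if len(q) < max_requests:
            return 0.0
        return q[0] + window - now
```

Because a rejected request is not recorded, a client hammering a token endpoint cannot extend its own lockout indefinitely; it is let back in exactly when the oldest counted hit ages out, which the Retry-After value reports.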

Input validation

All user input is validated and sanitized. We use parameterized queries through Supabase (no raw SQL), so user input is never interpolated into a query. File uploads are checked for type, size, and content: the declared MIME type and the file extension are not trusted on their own, the file's actual bytes are inspected as well.
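What "validated for type, size, and content" looks like in practice, as an added example (not MinuteSmith's code): the extension, the declared Content-Type and the leading bytes must all agree, with the bytes as the authoritative signal. The size ceiling and the accepted-type table are assumptions; the sample files in the usage are constructed.

```python
"""Upload validation by size and file signature rather than declared type
(added illustration, not MinuteSmith's code).

The size ceiling and the accepted-type table are assumptions.
"""
from typing import Optional, Tuple

MAX_UPLOAD_BYTES = 200 * 1024 * 1024   # assumed ceiling

# Accepted types and the extensions each may carry.
ALLOWED = {
    "application/pdf": {".pdf"},
    "audio/wav": {".wav"},
    "audio/mpeg": {".mp3"},
    "video/mp4": {".mp4", ".m4a"},
}


def sniff(data: bytes) -> Optional[str]:
    """Identify the real type from leading bytes; None if unrecognised."""
    if data.startswith(b"%PDF-"):
        return "application/pdf"
    if data[:4] == b"RIFF" and data[8:12] == b"WAVE":
        return "audio/wav"
    # MP3: ID3v2 tag, or an MPEG frame header with sync bits set and layer III.
    if data.startswith(b"ID3") or (len(data) >= 2 and data[0] == 0xFF
                                   and data[1] & 0xE6 == 0xE2):
        return "audio/mpeg"
    if data[4:8] == b"ftyp":
        return "video/mp4"
    return None


def validate_upload(filename: str, declared_type: str, data: bytes,
                    max_bytes: int = MAX_UPLOAD_BYTES) -> Tuple[bool, str]:
    """Return (accepted, reason-or-type). All three signals (extension, declared
    Content-Type, actual bytes) must agree; the bytes decide what the file is."""
    if not data:
        return False, "empty file"
    if len(data) > max_bytes:
        return False, "file too large"
    ext = "." + filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    actual = sniff(data)
    if actual is None or actual not in ALLOWED:
        return False, "unrecognised or disallowed content"
    if ext not in ALLOWED[actual]:
        return False, f"extension {ext or '(none)'} does not match content {actual}"
    declared = declared_type.split(";")[0].strip().lower()   # drop parameters
    if declared != actual:
        return False, f"declared type {declared} does not match content {actual}"
    return True, actual
```

Magic-byte sniffing is a first filter, not a full parser: a file that passes should still be handed to the real decoder (PDF library, audio demuxer) in a sandboxed worker, because a valid header says nothing about what follows it. The stored object name should also be generated server-side rather than taken from the upload, so the filename never influences a path.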

Dependency management

We use automated security scanning for dependencies and apply patches promptly. Our server runs unattended security upgrades with automatic reboot for kernel patches.

Your Data Rights

Data portability

You can export your meeting minutes as PDF at any time. Your data belongs to you.

Data deletion

You can delete individual meetings, boards, or your entire account. Deletion is permanent and removes all associated data, including recordings, transcripts, and minutes, from the live database and file storage. As with any database, backups taken before a deletion still contain the data until those backups age out.

No data selling

We never sell, share, or monetize your data. Your board meeting data is yours alone.

Retention

We retain your data as long as your account is active. If you cancel your subscription, your data remains accessible on the free tier. If you delete your account, all data is permanently removed.

AI & Transcription Data Handling

What is sent to AI

When you generate minutes, the meeting notes/transcript and board context (member names, board name) are sent to Anthropic's Claude API. When you upload audio, the file is sent to our transcription provider. Only the data needed for the specific feature is transmitted.

AI provider terms

Our AI providers (Anthropic for text; AssemblyAI or OpenAI for audio, as listed above) operate under enterprise terms that prohibit using your data for model training. Your board discussions are not used to improve AI models.

Local recording

When you use in-browser recording, the audio is captured and stored locally on your device (in browser storage) until you choose to submit it. No audio leaves your device until you explicitly click to transcribe.

Transcript storage

Transcripts are stored in your meeting record in the database, encrypted at rest. They are accessible only to the board owner and invited members, like all other meeting data.

Report a Security Issue

If you discover a security vulnerability, please report it responsibly.

[email protected]