Cloud Services and Storage
We use Google Cloud Platform, including Firebase, to manage user authentication, store user data, distribute our application, and run server-side functions for our applications. Google provides a highly secure network and computing environment. All data is encrypted in transit via HTTPS TLS 1.2 and stored on our servers under AES-256.
We aim to retain a minimum amount of customer data. For example, for each user we only retain data that is required to render that user to other users on the same team, such as name, availability, and profile picture.
Audio, Video, and Screen Share
We use Zoom as our sole vendor for audio, video, and data transmission for call data streams including screen share and text chat. Zoom uses 256-bit AES-GCM encryption for streams in transit between Zoom applications, clients, and connectors. Streams flowing between users’ Remotion apps are not decrypted until they reach the recipients’ devices. The encryption keys for each meeting are generated and managed by Zoom’s servers.
These call data streams are not recorded unless a user turns on call recording for a specific call. When call recording is enabled, a video file is retained on Zoom’s servers for seven days.
Access to your call metadata is limited to a few Remotion operations engineers, for whom access is essential. Access to this sensitive data is protected by two-factor authentication and is audited.
Analytics
We use the following analytics tools to better understand customer needs, troubleshoot, and inform our product roadmap:
Segment
Sentry
BigQuery
Google Analytics
Userlist
None of these services receive access to the audio, video, or other streaming data.
Backup and Recovery
We maintain daily backups of server data and can recover in under an hour.
Reporting Issues
Companies are able to report issues directly to security@remotion.com and we will troubleshoot as soon as possible.
If you have any questions about our security policy, please reach out to alexander@remotion.com.