Any change will be notified prior to change to any affected parties 8 weeks in advance. Any change is officially tracked in change log.
Meetric is fully equipped to ensure compliance with both GDPR and Schrems II requirements, underscoring our commitment to data privacy and security. Our corporate and operational base is in Sweden, with data storage and server infrastructure securely hosted in France by Scaleway.com, a hosting provider whose ownership is within the European Union. We rigorously adhere to a policy of engaging only with sub-processors that are based within the EU, ensuring an unbroken chain of compliance and data protection.
For entities that operate under implied consent frameworks, we continue to support the distribution of standard meeting invitations. These are complemented by pre-meeting reminders that thoroughly inform participants about the recording and analysis processes, seamlessly integrating consent into the usual meeting workflow.
Alternatively, for organizations necessitating explicit consent, Meetric offers a sophisticated landing page solution. This approach redirects participants to a consent page, providing them with multiple options to actively grant permission, thereby facilitating compliance with specific regulatory requirements.
Meetric employs stringent measures to safeguard your data, in strict accordance with GDPR regulations. This includes the encryption of data wherever feasible and adherence to best practice security guidelines—a testament to our dedication to data protection.
While Meetric provides comprehensive tools and resources to aid in GDPR and Schrems II compliance, it is imperative to note that the responsibility for compliance ultimately resides with the data controller. It is essential for controllers to ensure that all data is managed within the Meetric platform and that they are fully conversant with the regulatory obligations pertinent to their specific operational regions.
The regulations governing consent for recording conversations and data handling vary across the European Union and various states in the United States. The complexity of these regulations can be broadly categorized into two distinct sections:
For organizations like Meetric, navigating these regulatory landscapes necessitates a flexible approach to consent management, tailored to accommodate the varying legal frameworks of different regions. This includes implementing mechanisms for both active and passive consent, in alignment with local laws for recording, as well as adhering to GDPR standards for data storage and processing. Ensuring compliance with these regulations not only fortifies data privacy and protection measures but also reinforces the trust and confidence of users and stakeholders in the organization's commitment to lawful and ethical data practices.
Meetric prioritizes a streamlined consent process by initially adopting a passive consent mechanism, where meeting reminders are sent prior to the event. These reminders not only serve to inform participants about the forthcoming recording but also integrate a clear and concise text within the meeting invitation itself. This dual-notification approach ensures participants are fully aware of the recording practices, facilitating a transparent and effortless consent gathering process.
For instances necessitating an active consent framework, Meetric introduces the "Meetric links" feature. This option redirects participants to a landing page dedicated to active consent, where they must explicitly agree to be recorded before proceeding to the meeting. This method is tailored to accommodate diverse consent requirements and preferences, enhanced by offering a variety of consent options. By clearly informing participants in both the meeting invitation and through an active consent landing page, Meetric ensures comprehensive compliance and participant awareness across all scenarios.
See the example below:
Yes, Meetric incorporates a feature similar to a pop-up, offering an active consent landing page, which is in line with GDPR compliance.
Meetric is GDPR-compliant, emphasizing encryption and secure data storage within the EU. It ensures no personal data is stored or processed outside the EU or by non-EU based vendors. But getting concent from participants is a critical part but how its done is different based on your business.
Customers are responsible for obtaining the necessary consent from all meeting participants and ensuring their use of Meetric complies with relevant laws, including GDPR and any applicable US regulations.
Meetric requires an initial video recording to transcribe meetings, but the recording can be automatically removed after processing, allowing for the retention of transcripts and summaries without the video or the call.
For recordings made without proper consent, especially in all-party consent regions, Meetric recommends deleting these recordings and implementing the active consent page or other means to prevent future compliance issues.