Security at Pipe
At Pipe, data security is a critical aspect. If you come across any security vulnerability in our platform, please do not hesitate to inform us so we can take prompt action and address the issue together.
Data Security
Encryption in transit
Pipe encrypts the data in transit. From the user that is making a recording all the way to our complimentary storage all data is encrypted in transit. The Pipe Platform will securely push the recording data to your storage using Amazon S3, Dropbox, SFTP and FTPS. The REST API and webhooks support https. More information about encryption in transit is provided in the Recordings Security section.
Encryption at rest
The Pipe Platform encrypts the data at rest. Our database, ingestion, and processing servers use LUKS to encrypt data at rest. The complimentary storage buckets hosted with Amazon S3 for the US1 & US2 regions encrypt data at rest with Amazon S3 managed keys (SSE-S3). The files hosted by us on Scaleway (EU2 and EU3) are encrypted at rest using Scaleway Server-Side Encryption with Object Native Encryption (SSE-ONE) which behaves similarly to Server Side Encryption with Amazon S3 managed keys (SSE-S3). For more information check out this section on the topic.
Historically the EU2 region’s storage did not encrypt at rest due to the limitations of our provider (Scaleway). This has now changed, as Scaleway implemented encryption for data at rest.
What this means for you:
- Any new recording stored in our EU2 storage will be encrypted at rest.
- Recordings stored in our EU2 storage prior to 16th of March, 2026 are not yet encrypted at rest.
- EU3 always used encryption at rest
Who has access to my data?
A limited number of our employees have access to customer data to provide customer support or to solve a technical issue. Our team follows a need-to-know basis and the principle of least privilege to keep access and permissions to only data that is required.
Furthermore, you should know that data collected through the Pipe Platform belongs to you, and we do not sell or transmit it to any third party. You can also export or permanently delete the recording data associated with your account.
You can opt not to collect PII data together with each recording, or delete it once the recordings are pushed to you.
Application Security
We follow best practices concerning application development and use https://pentest-tools.com to constantly monitor our front-facing properties. 3rd party security reports are duly reviewed.
Infrastructure Security
The Pipe Platform uses Hetzner and DigitalOcean to host the core of our infrastructure. Additional services are contracted from Amazon Web Services and Scaleway. We use 2FA and/or SSO on a need-to-access basis to sign in to the respective dashboards.