We understand how important security is to you, and we want to assure you that LiveKit Cloud, including the free tier, takes strong measures to protect your data for both callers and receivers: • All network traffic is carefully encrypted in transit using TLS 1.2 or higher, with media streams safeguarded via DTLS-SRTP. • By default, LiveKit does not store or record audio, video, or data streams. Analytics data is kept securely in encrypted form for up to 14 days. • We support end-to-end encryption (E2EE) on all plans, including the free tier, so your media stays encrypted from sender to receiver. Developers can implement E2EE using an external key provider for added peace of mind. • Identity and access controls are thoughtfully enforced through API keys, one-time secret keys, and JWT-based access tokens with role-based permissions to keep things safe. • LiveKit proudly meets SOC 2 Type II compliance, supports GDPR and HIPAA requirements, and undergoes regular third-party audits to maintain high standards. • Session participant data is anonymized with randomly generated identifiers unless you choose otherwise, helping protect your privacy. We hope this gives you confidence that your data is well protected while using LiveKit Cloud. If you have any questions or need further help, we're here for you every step of the way! Sources: LiveKit | LiveKit Security | End-to-end encryption | LiveKit Docs | Docs::Home | LiveKit