Overview of Read AI
Read is trusted by the Fortune 500 companies, platforms, governments, NGOs, thousands of organizations and millions of individual users.
Read's mission is to make every human interaction meaningfully better, smarter, and happier starting with the hundreds of million people worldwide using video conferencing, email, messaging, and calendars.
Read was founded with a privacy and transparency first approach to measurement, aligning with the founders' past experiences at Placed, Foursquare, and Snapchat.
- Overview of Read AI
-
Privacy
- Does Read use customer data to train AI model?
- Does Read disclose customer data to third parties?
- Who can see my data? Is my data confidential?
- Can employees see my data?
- Deleting data
- Deleting data at the request of corporate IT
- Deleting your account
- Deleting your meeting report
- Deleting a Read meeting report owned by someone else
- Identifying Read users
- Security & Compliance
Please contact Support for a copy of Read's SOC2 Type 2 report, W-9 or other forms.
How can I (or how did I) create an account?
Creating an account with Read is a multi-step process that requires the user to either login with SSO (e.g. Microsoft, Google) or create a username and password. The onboarding process also requires a user to provide permission for Read to connect to their calendar.
- Created an account at read.ai to learn more about Read, include Read in your next meeting/email/message, or were shared a report that requires an account to view (set by the meeting report owner).
- Created an account for read.ai by installing the Read app, add-on, or extension on Zoom, Microsoft Teams, Google Meet, Microsoft Edge, and Google Chrome.
All together, this process requires several clicks and the user must consent to providing this access to Read. See more below:
How can I centrally manage Read users under a corporate account?
Read provides a mechanism to centrally manage licenses, users, settings, and permissions via our Workspace capability. Workspaces come included with any paid plan and are strongly recommended for any organization. This approach also simplifies billing to a single payment rather than handling payments across individual users.
- How do I start Workspace onboarding? (End-to-end guide)
- What is a Workspace?
- How do I set up a Workspace?
- What do Read's paid plans include for companies/groups in Workspaces?
- How does billing work with a Workspace?
- Workspace | Frequently Asked Questions
How does Read join meetings?
Integrating Read AI with your online meeting platform is as simple as connecting your calendar and then telling Read which meetings it should join. There's nothing required to download, install, update or maintain.
When it comes to meetings, Read will never attend a meeting unless the following steps occur:
- User creates an account on Read
- User connects a calendar to Read
- User has settings in place for Read to join a meeting
In no instance does Read join random meetings. Read has to be added by a user who has been invited to the meeting for the purpose of generating a meeting report.
Notifications in meetings
When joining a meeting, Read will do the following:
- Request permission to join from the host (varies depending on platform and settings).
- (Zoom) Once in the meeting, Read will attempt to request recording permissions if available.
- After joining the meeting, Read will appear as a named participant, where the host can remove at any time.
- Read will attempt to notify users in chat that it has joined the meeting, and a quick way to remove Read is to type "opt out" (varies if chat is enabled for the platform).
- Read will list the name(s) of who invited Read in the chat (varies if chat is enabled for the platform).
Stop read from joining meetings
There are several ways to stop or control which meetings Read joins:
Read makes it easy to delete your account with the click of a button from your Account Settings page. See this article for details:
- How do I delete my account?
- Why is Read still joining my meetings after I told it to stop or if I deleted my account?
Please note that due to Read's security policy, our support agents are not able to delete an account for you from a support request. Our policy requires that each user logs in and clicks the button themself so that we know they are the account owner.
Finally, multiple people can invite Read to meetings. This can sometimes cause confusion if one person disabled Read and didn't expect the app to join. Check the meeting's chat window for a message saying who invited Read.
Privacy
Read was founded with a privacy and transparency first approach to measurement. You can read more in our privacy policy and terms of service.
Does Read use customer data to train AI model?
The default is to opt-out, but users have a choice to opt-in to contributing their data into our models. You can read more in our privacy policy and terms of service. Contributing to our AI model is completely optional. We believe in giving you the power to decide how you engage with us.
Does Read disclose customer data to third parties?
No, Read does not sell user data, and will not share user data with third parties except as necessary to perform the functions of our business. For core business functions, Read may integrate customer metadata (name, email, etc) into systems like a CRM, email system or cloud computing provider, but Read does not share or sell this information for profit. A list of Read's subprocessors can be found here. You can read more in our privacy policy and terms of service.
Who can see my data? Is my data confidential?
Read does not publish data to the open internet, and by default, protects your meeting reports behind our account login system. Your data is kept private and only used to provide the service to you. You have full control of what gets shared with whom. You can read more in our privacy policy and terms of service.
As the owner of the meeting, you can control who the content is shared with. For example, you have the option to automatically share the meeting report with your participants or not to share with them. See this article for details on managing your automatic sharing settings for upcoming meetings, and this article for how to share or modify access to a report after it's been generated.
Can employees see my data?
Read uses a principle of least privilege. Under this policy, only certain internal technical staff may be granted temporary permission to access production systems in order to resolve operational issues or when otherwise granted permission by a user (e.g. via support ticket). In all cases, access permissions are logged and subject to both audit and automatic expiration.
Deleting data
Deleting your account or a meeting report where you are the owner will permanently remove all of your associated data from our servers, and this cannot be undone.
Deleting data at the request of corporate IT
Due to our privacy and security policy, we are not able to delete accounts or meeting reports at the request of a third party. If you need data deleted, you should contact the person who controls the Read account and ask them to delete it. (Instructions here.) According to our terms of service, Read is a service provider, and the data belongs to them as a user of Read.
Deleting your account
Read makes it easy to delete your account with the click of a button from your Account Settings page. See this article for details:
- How do I delete my account?
- Why is Read still joining my meetings after I told it to stop or if I deleted my account?
Deleting your meeting report
Meeting report owners can delete a meeting report:
Deleting a Read meeting report owned by someone else
Read would recommend that you reach out to the participant on the call who utilized Read, requesting they delete the meeting. Read posts a message in the meeting chat when it joins, which lists the name(s) of whoever invited it to the meeting. Also, if you received an email recap after the report, it will list the name of the report owner at the top. How do I see who invited or added Read to my meetings?
Similar to Zoom, Google, Teams, and Webex and their record functions, the user/host determines when Read is activated. Read does not automatically join meetings without being invited by the user. Just like how a video conference recording is controlled by the user, the same is the case for Read. To have your data deleted, please reach out to the user who owns the report and request they delete it. The steps to delete are as simple as going to the report and selecting "Delete Report" from the listed options.
Identifying Read users
Due to our privacy and security policies, we cannot disclose user information, nor delete or disable accounts at the request of third parties.
We recommend reaching out to whomever invited Read to your meetings (listed in the meeting chat) to ask they no longer invite Read (which they can do via Account Settings > Meeting Assistant > Join Preferences) or delete their account entirely (which they can do by clicking "Delete my account" at the bottom of their Account Settings).
Security & Compliance
Read uses industry best practices around security and has invested in regular SOC 2 audits and penetration tests. All data measured during video conference calls are encrypted during transmission and storage. Specifically, data captured is stored encrypted at rest within the AWS us-east-1 datacenter in Northern Virginia.
Retention policies are set by the user. Within our settings, a user can determine whether audio and video is saved for playback. If a user chooses not to retain audio and video for playback, no audio or visual data is retained by Read beyond the duration needed to reliably produce the meeting report. In addition, the user has the ability to delete their account or any individual meeting report at any time.
By default all meeting data is set to opt out as it relates to improving the product. An organization can opt-in, but requires manually going to the settings page and checking a box to contribute data to improve the product. Read uses AWS KMS and Secrets Manager to store keys and any pieces of sensitive application configuration. Access to each is determined per internal application/service and limited using a principle of least privilege.
Third party audit reports (e.g. SOC 2 Type 2)
Read has achieved Service Organization Control (SOC) 2 Type 2 certification. This means we follow best practices when handling and safeguarding your data by using the appropriate encryption algorithms, access controls, and monitoring tools.
For a copy of Read's latest SOC 2 report, please contact Support.
Encryption in transit and at rest
Read encrypts all data in transit with HTTPS with TLS 1.2, and encrypts all data at rest with AES-256.
User authentication and two factor authentication (2FA)
Every user with a Read account has the option to create an account using common SSO providers (Microsoft, Google, Zoom, etc), or by creating a username and password.
2FA can be set at the SSO level but is not enforced at via username/password. If this is a concern, the organization can enable SAML authentication and domain capture. Please see below.
Additional security features in Enterprise+
Read's paid Enterprise+ plan offers several additional security features commonly used by large IT organizations. (More details on the pricing page here.)
-
SAML Authentication: integrate with SAML providers like Microsoft Entra or Google Authentication to allow for centralized management of your users. (Docs here)
-
Domain Capture: enabling this feature allows organizations to prevent users on their domain(s) from creating new Read accounts unless they are invited to the Read Workspace. This helps an organization to control access to Read and prevent Free accounts being opened "in the wild".
- Data Retention Policy: automatically delete data after a certain number of days as specified by the organization. This is commonly used by organizations with compliance or tight security constraints.
If you purchase Enterprise+, please contact our support team to request enabling any of these extra features.
GDPR
With regard to GDPR, Read has many customers in the EU who have reviewed our capabilities and are comfortable that the functionality and features we provide meets GDPR's expectations including notification and opt-out features (varies depending on the platform). Users have full control over their account, with the ability to delete or download the data for each report, in addition to deleting the overall account. All of the data collected is only used for the purpose of providing the service to the user; by default, users are opted out of Read's Customer Experience Program. A list of Read's subprocessors can be found here.
HIPAA / BAA
Read is not issuing BAA's until we roll out a setting in Read to more directly support HIPAA requirements. This is tentatively scheduled for Q1 2025.
However, Read has a number of organizations in this category (HIPAA compliance requirement) that use Read. With the settings provided by Read, health organizations are able to customize to national and local legal requirements. This said, we leave it up to each organization to make sure the settings comply with their specific regulations.
These customers have reviewed our SOC 2 Type 2, along with Workspace settings, and confirmed that they are able to run a HIPAA compliant version of Read.