How Secure are My Videos on MixStage™?

All files and data are hosted on Google-protected servers and secured by Google Firebase authentication.

For more details on their security protocols, visit the following links:

Only users invited to a session can join but cannot directly access the uploaded files.

Files are accessed in session through short-lived signed URLs instantly revoked when a user leaves a session.

Session owners and moderators fully control who can view and interact with the content.

Moderators have complete control over session access and can revoke invitations at any time.

If a user’s access is revoked before they join the session, they will be blocked from entering.

If a user is in a session and their access is revoked, they will be removed immediately.

The owner fully controls file actions.

Files can only be viewed in a screening room where the owner has loaded them for review.

If a file has been shared for file-based review, the owner can revoke access with immediate execution.

No session participant can download files. The files are securely streamed using signed URLs.

We use Google Analytics with custom events to log when a user logs in and out of a screening room and store information about markers dropped and chat messages sent.

This provides detailed audit logs for admins to view and ensures greater visibility into platform activity.

All data is stored on Google-powered servers, protected by Firebase authentication and access rules, with no third-party access.

Our service is built on Google infrastructure that complies with ISO 27001, ISO 27017, ISO 27018, SOC 1, SOC 2, and SOC 3 standards.

All files are encrypted at rest, and communications between servers and between server and client are encrypted using TLS/SSL.

Client-to-client communications are encrypted using SRTP/DTLS.

All streams are end-to-end encrypted to ensure the highest level of security.

All interactions with MixStage™ servers use SSL/HTTPS.

User data is encrypted using AES-256-bit key encryption, ensuring robust data protection.

Users consent to activity logging, which provides detailed audit logs for admins and customers.

MixStage™ regularly employs penetration testers for security scanning to ensure ongoing protection.

Level 2 (Optional/Add-on): Requires two-factor authentication, email verification, and a PIN code sent to a registered phone.

Level 3 (Optional/Add-on): Adds a new PIN code requirement each time a moderator switches which video is played back.

Level 4 (Optional/Add-on): This option uses a separate encryption key supplied by MixStage™ or the customer and disables shareable room links except for whitelisted domains.