Proton Meet - Privacy policy

This sub-policy is an integral part of the Proton Privacy Policy. It details the data processing activities specifically related to the creation and activity of your Proton Account when you use Proton Meet.

Account Activity: Proton Meet is designed with end-to-end encryption based on the Internet Engineering Task Force standard Messaging Layer Security (MLS), meaning Proton does not have access to the content of your meetings, including audio, video, screen sharing, or chat messages. All such data is encrypted on your device and can only be decrypted by meeting participants. Meeting authentication is secured using the Secure Remote Password (SRP) protocol, ensuring that Proton servers can verify participants without ever accessing meeting passwords. Meeting passwords are generated on the host’s device and are never transmitted to or stored by Proton servers, including when shared via meeting links. Proton Meet servers process only the minimum technical data necessary to provide the service, such as transient meeting identifiers and real-time data routing, but do not store meeting content or metadata such as participant lists or social graphs after the meeting ends. Proton does not have access to encryption keys or meeting passwords and therefore cannot decrypt or record meetings. Participants may join anonymously and are identified only by names they choose, which are end-to-end encrypted. Limited operational data, such as meeting creation and connection events, may be processed to maintain service functionality and security, but user data is never used for advertising purposes. Limited technical logs of past calls are kept temporarily for debugging purposes but do not store meeting content or metadata such as participant lists or social graphs after the meeting ends.

Data security: Proton Meet relies on infrastructure providers LiveKit Cloud to deliver real-time video conferencing. LiveKit Cloud handles the transmission and routing of data, but all meeting content, including audio, video, screen sharing, and chat messages, is end-to-end encrypted on the client side using Messaging Layer Security (MLS) before it leaves your device. As a consequence, the infrastructure only processes encrypted data and cannot access any meaningful user information.