Stats
Actions
Tags
From granola-pack
Guides Granola security configuration: data encryption (AES-256/TLS 1.3), SOC 2/GDPR compliance, SSO/SCIM setup, sharing defaults, and retention policies.
How this skill is triggered — by the user, by Claude, or both
Slash command
/granola-pack:granola-security-basicsThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Granola achieved SOC 2 Type 2 certification in July 2025. It encrypts data with AES-256 at rest and TLS 1.3 in transit. Audio is transcribed server-side and not stored after processing. This skill covers security configuration, compliance posture, and organizational controls.
Granola achieved SOC 2 Type 2 certification in July 2025. It encrypts data with AES-256 at rest and TLS 1.3 in transit. Audio is transcribed server-side and not stored after processing. This skill covers security configuration, compliance posture, and organizational controls.
Audio Capture (your device)
│
├─→ Transmitted via TLS 1.3
│
▼
Granola Cloud (transcription)
│
├─→ Transcript generated (GPT-4o / Claude)
├─→ Audio DELETED after processing (not stored)
│
▼
Encrypted Storage (AES-256 at rest)
│
├─→ Meeting notes (your typed + AI enhanced)
├─→ Transcript text (stored, searchable)
├─→ Attendee metadata
│
▼
Your Device (local cache: cache-v3.json)
Key security properties:
cache-v3.json) contains meeting data on your device| Control | How to Enable | Plan Required |
|---|---|---|
| Google/Microsoft SSO | Default (social login) | All |
| Enterprise SSO (Okta, Azure AD) | Settings > Security > SSO | Enterprise |
| SCIM provisioning | Settings > Security > SCIM | Enterprise |
| Session timeout | Settings > Security | Enterprise |
| IP allowlisting | Contact Granola support | Enterprise |
Sharing defaults:
Settings > Privacy:
Default sharing: Private (recommended)
Auto-share with attendees: Off (enable per-folder instead)
External sharing: Disabled or Admin Approval Required
Public links: Disabled
Link expiration: 30 days (if external sharing enabled)
Data retention:
Settings > Data Retention:
Meeting notes: Organization policy (1-2 years typical)
Transcripts: 90 days (recommended for storage efficiency)
Audio: Deleted after processing (Granola default, not configurable)
AI training opt-out:
Settings > Privacy > AI Training:
Organization-wide opt-out: Enabled (Enterprise: enforced by default)
This ensures your meeting data is never used to train foundational models.
Granola records audio from your device. You are responsible for informing meeting participants:
Legal requirements by jurisdiction:
Calendar invite consent notice:
Note: This meeting will be recorded using Granola AI for note-taking
purposes. By joining, you consent to the recording and AI processing
of the discussion. Contact [your-email] to opt out.
| Framework | Granola Status | Evidence |
|---|---|---|
| SOC 2 Type 2 | Certified (July 2025) | Available on request |
| GDPR | Compliant | DPA available |
| CCPA | Compliant | Privacy policy updated |
| HIPAA | Not certified | Do not use for PHI without BAA |
| ISO 27001 | Not certified | Covered by SOC 2 controls |
GDPR requirements you must implement:
For confidential meetings (board discussions, HR, legal, M&A):
| Error | Cause | Fix |
|---|---|---|
| SSO login fails | SAML/OIDC misconfigured | Verify Entity ID and ACS URL with IdP |
| Cannot disable external sharing | Individual override | Set workspace-level policy to override user settings |
| Data export fails | Insufficient permissions | Request export access from workspace admin |
| Consent notice ignored | Not in calendar template | Add to organization's default calendar template |
The local cache file (~/Library/Application Support/Granola/cache-v3.json) contains meeting data in plaintext. For sensitive environments:
chmod 600 "$HOME/Library/Application Support/Granola/cache-v3.json"Proceed to granola-prod-checklist for production rollout preparation.
npx claudepluginhub jeremylongshore/claude-code-plugins-plus-skills --plugin granola-packManages Granola meeting data exports via local cache Python script, retention policies, GDPR/CCPA compliance, archival workflows, and data rights requests.
Implements TwinMind security best practices: on-device audio processing, encrypted cloud backups, microphone permissions, and data privacy controls. For API/Chrome extension integrations.
Creates, edits, and optimizes skills for Claude Code, including drafting, evaluating with test prompts, iterating on performance, and improving skill descriptions for better triggering accuracy.