Security best practices for Granola meeting data. Use when implementing security controls, reviewing data handling, or ensuring compliance with security policies. Trigger with phrases like "granola security", "granola privacy", "granola data protection", "secure granola", "granola compliance".
Implements security best practices for protecting Granola meeting data and ensuring compliance.
/plugin marketplace add jeremylongshore/claude-code-plugins-plus-skills/plugin install granola-pack@claude-code-plugins-plusThis skill is limited to using the following tools:
Implement security best practices for protecting meeting data in Granola.
Audio Capture (Local Device)
↓
Encrypted Transmission (TLS 1.3)
↓
Processing Server (Transient)
↓
Encrypted Storage (AES-256)
↓
Access via App (Auth Required)
| Feature | Status | Details |
|---|---|---|
| Encryption at rest | Yes | AES-256 |
| Encryption in transit | Yes | TLS 1.3 |
| SOC 2 Type II | Yes | Certified |
| GDPR compliant | Yes | EU data options |
| Audio retention | Configurable | Delete after processing |
## Checklist
- [ ] Use strong unique password
- [ ] Enable 2FA (two-factor authentication)
- [ ] Review connected apps regularly
- [ ] Log out from shared devices
- [ ] Use SSO if available (Business/Enterprise)
| Share Level | Access | Use Case |
|---|---|---|
| Private | Owner only | Sensitive meetings |
| Team | Workspace members | Internal meetings |
| Link (View) | Anyone with link | Read-only sharing |
| Link (Edit) | Anyone with link | Collaborative notes |
Settings > Privacy > Default Sharing
- New meetings: Private (recommended)
- Auto-share with attendees: Off (for sensitive meetings)
- External sharing: Disabled (for compliance)
## Sensitive Meeting Checklist
- [ ] Disable auto-recording
- [ ] Confirm attendee list
- [ ] Review sharing settings
- [ ] Check for screen share visibility
- [ ] Consider using "Off the Record" mode
Settings > Privacy > Data Retention
Options:
- Keep forever (default)
- Delete audio after 30 days
- Delete audio after 7 days
- Delete audio immediately after processing
Recommendation: Delete audio after processing
(Notes are retained, raw audio is deleted)
## Delete Meeting Data
1. Open meeting in Granola
2. Click ... menu > Delete
3. Confirm deletion
4. Note: Deletion is permanent
## Bulk Deletion
1. Settings > Data
2. Export data (backup)
3. Select date range
4. Click "Delete meetings in range"
## Data Export Options
Formats:
- Markdown (.md)
- PDF
- Word (.docx)
- JSON (full data)
Export includes:
- Meeting notes
- Transcripts
- Action items
- Metadata
Does NOT include:
- Raw audio files
- AI model data
| Requirement | Granola Support |
|---|---|
| Right to access | Data export available |
| Right to delete | Full deletion option |
| Data portability | JSON export |
| Consent | Recording notifications |
| DPA available | Yes (Business plans) |
## Available Controls
- [ ] Enforce SSO login
- [ ] Set password policies
- [ ] Manage user permissions
- [ ] View audit logs
- [ ] Control external sharing
- [ ] Enforce 2FA
- [ ] IP allowlisting
Available Events:
- User login/logout
- Meeting recorded
- Notes shared
- Data exported
- Settings changed
- User added/removed
Proceed to granola-prod-checklist for production deployment preparation.
Expert guidance for Next.js Cache Components and Partial Prerendering (PPR). **PROACTIVE ACTIVATION**: Use this skill automatically when working in Next.js projects that have `cacheComponents: true` in their next.config.ts/next.config.js. When this config is detected, proactively apply Cache Components patterns and best practices to all React Server Component implementations. **DETECTION**: At the start of a session in a Next.js project, check for `cacheComponents: true` in next.config. If enabled, this skill's patterns should guide all component authoring, data fetching, and caching decisions. **USE CASES**: Implementing 'use cache' directive, configuring cache lifetimes with cacheLife(), tagging cached data with cacheTag(), invalidating caches with updateTag()/revalidateTag(), optimizing static vs dynamic content boundaries, debugging cache issues, and reviewing Cache Component implementations.