Changelog

April 2026

2026-04-08

GDPR compliance documentation published — Privacy Policy, Data Processing Agreement, Sub-Processor List, Technical and Organizational Measures (TOM) document, Record of Processing Activities (ROPA), and Breach Notification Procedure.

2026-04-06

Security and privacy hardening across the platform:

• File encryption at rest — AES-256-GCM chunked encryption (CHEF format) for all uploaded files
• Log pseudonymization — HMAC-SHA256 pseudonymization of usernames across all server logs
• Push notification sanitization — personal data removed from all FCM and APNs payloads
• Docker secrets migration — encryption keys moved from environment variables to mounted secret files
• Audit log retention — configurable retention with HMAC hash chain continuity
• Admin data export encryption — AES-256 encrypted archives with out-of-band password delivery

2026-04-05

Admin analytics dashboard for Enterprise tier — activity windows, bandwidth quota tracking, engagement metrics, and per-user statistics with configurable retention.

2026-04-04

GDPR data request pipeline — per-user export and deletion, configurable cooling-off periods, deletion receipts, legal hold enforcement, and self-hosted admin tooling.

March 2026

2026-03-24

SFU migration complete — legacy SIPSorcery media server removed, replaced with Pion Go sidecar for all WebRTC operations including desktop, mobile, and web clients.

2026-03-15

Recurring meeting series — cancellation, reschedule, per-occurrence threads, and join window guard. Unified expansion pipeline for meeting projections.

2026-03-01

Simulcast video — dynamic tier switching across desktop, mobile, and web clients with bandwidth-adaptive quality selection.