Audited & independently tested

Private by design, provable by audit

Security isn't a setting you switch on. It's baked into how Nimbus routes, stores and forgets your data.

End-to-end encryption

Optional E2EE uses per-participant keys negotiated in the browser. Media never leaves a device in the clear.

Zero data retention

Rooms exist only while they're in use. Signalling metadata is discarded within minutes of a call ending.

Self-hosting

Deploy the whole platform inside your own network so no packet ever touches infrastructure you don't own.

DTLS-SRTP transport

Every media stream is protected with DTLS-SRTP and perfect forward secrecy over the WebRTC data path.

Granular access control

Lock rooms, require a knock-to-enter lobby, and revoke a participant instantly from the host panel.

Audit logging

Every admin action is written to an append-only log you can stream to your own SIEM in real time.

SOC 2 Type II
GDPR compliant
ISO 27001
HIPAA ready