The video and audio communication in a Whereby room is only visible to participants inside a room. It’s not possible for another user to listen in on room data unless they are present in the room themselves (which means they would be visible to everyone in the room). Because the room URL is a public URL, it’s possible for anyone who can guess a room name to enter an open room. If you want to prevent others from coming into the conversation, we recommend locking the room by clicking the Lock button in the room menu. After doing this no new participants will be able to enter the room without the owner’s permission. This is thanks to the Knock feature, where a user can ask to be let in, and the owner can the let them in or stop them from joining.
All communication between your browser and Whereby is transmitted over an encrypted connection (HTTPS using TLS). Real time messaging is done using encrypted WebSockets or polling using HTTPS. Video and audio transmitted in the service is sent directly between the participants in a room and is encrypted (DTLS-SRTP) with client-generated encryption keys. In some cases, due to NAT/firewall restrictions, the encrypted data content will be relayed through our server. We take pride in collecting and storing as little user data as possible in the service. No audio or video is ever stored on our servers. Chat history needs to be stored to be distributed across clients.
To control the room, we recommend Creating it so you become the owner of the room. As the owner you can keep the room locked at all times, so no one else can enter it.
As for saving data, we store as a little as possible about the user. Our main goal is to create a service that is fast and reliable, but also easy for new users to get started with as little information as possible. Basically, the only thing we are going to know about you is what you voluntarily tell us (e-mail address if you choose to create a room or sign up for Pro, background pictures/content for the room, etc). No video or audio is ever saved on our servers. Finally, we don’t partner with third-party vendors and sell user information for targeted marketing. We believe we are part of a team with our users and respect your privacy as any good team should. You can reference more of our security and privacy standards in our Terms of Service.