Consent & Compliance

Recording Consent

Do I need consent to record meetings?

Yes. In most jurisdictions, you need some form of consent to record conversations. The specific requirements vary by location:

One-party consent jurisdictions: At least one participant in the conversation must consent to recording (which can be you). This is the federal standard established by the Electronic Communications Privacy Act (ECPA).
Two-party/all-party consent jurisdictions: All participants must consent to recording. This applies in 11 states plus Washington D.C.

BuildBetter provides tools to help with consent management, but legal compliance remains your responsibility. We recommend consulting with your legal team regarding specific requirements for your location and use case.

How does BuildBetter help with consent notifications?

BuildBetter offers several consent tools:

Pre-call consent emails: Automatically sent 24 hours before the call, notifying participants that the call will be recorded and offering them the option to opt out. This can be configured in your account settings.
In-call consent pop-ups: When joining a call, participants see a clear pop-up indicating that recording is active, and they confirm their consent through the meeting platform (Zoom, MS Teams, Google Meet).
Visual indicators: Clear recording indicators in supported meeting platforms.
Chat messages: Automated consent messages in meeting chat.
Custom consent workflows: Enterprise customers can design custom consent processes.

These tools can be configured to match your organization’s compliance requirements and help ensure compliance with both federal and state-specific laws.

What if someone doesn't consent to recording?

If a participant doesn’t consent to recording, you should follow these best practices:

Stop or pause recording: BuildBetter allows you to pause or stop recording at any time
Offer alternatives: Suggest alternative ways to participate (e.g., written input)
Document objection: Note the objection in your records
Post-meeting editing: You can edit transcripts to remove content if needed

Participants can revoke consent by explicitly stating so or by leaving the call. For meetings in all-party consent jurisdictions, recording should not proceed without everyone’s consent.

Does BuildBetter record meetings automatically?

BuildBetter only records meetings according to rules you configure. You have complete control through:

Recording rules: Set criteria for which meetings to record
Calendar settings: Specify which calendars to monitor
Manual controls: Override automatic settings for specific meetings
Blacklist options: Exclude specific meeting types or participants

The system never records without your explicit configuration and permission, and always follows the consent workflows you’ve established.

Legal Compliance

Which countries/states require all-party consent?

All-party consent is required in various jurisdictions, including:U.S. States with all-party consent laws:

California
Connecticut
Florida
Illinois
Maryland
Massachusetts
Montana
New Hampshire
Pennsylvania
Washington
Nevada (despite its one-party stance in-person)
Washington D.C.

Countries with strict recording consent regulations:

Australia (varies by state)
Canada (for private conversations)
Germany
Switzerland
United Kingdom (for business purposes)

This list is not exhaustive, and laws change frequently. You can find detailed information about state laws on recording at:

Justia’s 50-state survey
MWL Law’s Recording Conversations Chart

Always verify current requirements for your jurisdiction.

Are transcription laws different from recording laws?

Courts have generally ruled that AI-powered transcription is treated similarly to recording, particularly in states requiring all-party consent. For example, California’s TranscriptionStar case under Penal Code §632 established that transcription services are subject to the same consent requirements as recordings.This means that BuildBetter’s transcription process must also be compliant with:

State-specific recording consent laws
Relevant data protection regulations like HIPAA and CCPA where applicable

BuildBetter’s compliance certifications (SOC 2, GDPR, HIPAA) ensure that both recording and transcription processes meet regulatory requirements.

How do I comply with GDPR when recording?

GDPR compliance for recordings requires several measures:

Legal basis: Establish a legal basis for processing (consent, legitimate interest, etc.)
Transparency: Clearly inform participants about recording before the meeting
Data minimization: Only record necessary meetings and content
Access controls: Limit access to recordings to those with a need to know
Retention limits: Set appropriate retention periods
Subject rights: Honor data subject requests (access, deletion, etc.)

BuildBetter provides tools to help with these requirements, including consent mechanisms, access controls, and retention settings. Our platform is fully GDPR compliant, giving you the necessary infrastructure to maintain compliance.

What are BuildBetter's compliance certifications?

BuildBetter maintains several key compliance certifications:

SOC 2 Type 2: Covering security, availability, and confidentiality
GDPR: Full compliance with European data protection requirements
HIPAA: Healthcare data protection (available for healthcare customers)
CCPA/CPRA: California privacy requirements

We also provide an AI Transparency Policy detailing how our AI technologies are used and how data is handled.These certifications ensure that BuildBetter’s data handling practices meet the highest standards for security and privacy. For detailed documentation, enterprise customers can request access to our complete compliance package.

Can BuildBetter help with compliance documentation?

Yes. BuildBetter offers several documentation features:

Consent logs: Records of notification delivery and acknowledgments
Access logs: Tracking who has viewed recordings
Processing records: Documentation of data processing activities
Retention tracking: Records of when data is deleted according to policies
Policy management: Tools to document and implement compliance policies

Enterprise customers have access to additional compliance reporting features and can request access to our detailed security documentation.

Privacy Controls

How can I protect sensitive information in recordings?

BuildBetter offers several content protection features:

Automatic PII detection: Identifies potentially sensitive information
Redaction tools: Remove sensitive content from transcripts
Custom vocabulary filters: Set specific terms for automatic redaction
Access restrictions: Limit who can view sensitive recordings
Export controls: Manage how content can be shared

These tools help protect sensitive information while preserving valuable insights.

Can I edit recordings after they're created?

Yes. BuildBetter provides several post-recording editing capabilities:

Transcript editing: Modify or remove specific content
Redaction: Obscure sensitive information
Segment removal: Delete portions of recordings
Custom exports: Create sanitized versions for sharing
Annotations: Add context or corrections

Editing capabilities help you maintain compliance while preserving valuable information.

How long are recordings stored?

Retention periods are customizable based on your requirements:

Starter plan: 30-day default retention
Professional plan: 90-day default retention
Enterprise plan: Custom retention policies

You can configure different retention periods for different meeting types or content categories. Automatic deletion occurs at the end of the configured retention period.

Who owns the data recorded in BuildBetter?

Your organization retains full ownership of all data recorded and processed in BuildBetter. As our founder Spencer puts it: “BuildBetter excels at a lot of stuff, but one of the big ones is I can confidently say that no other call recorder can: ‘it’s your data.’”Your data is:

Never used to train our AI models
Never shared with third parties without your explicit permission
Fully exportable at any time
Deletable at your request

BuildBetter acts as a data processor, not a data controller (unless specifically arranged otherwise), meaning you maintain ultimate control over your information.

Best Practices

What are the recommended consent practices?

Based on our experience and legal research, we recommend these consent best practices:

Advance notice: Include recording notices in meeting invitations and send pre-call consent emails (BuildBetter can automate this)
Verbal confirmation: Announce recording at the start of meetings
Visual indicators: Ensure recording status is visible to all participants
Opt-out option: Provide clear instructions for objecting to recording
Purpose explanation: Clearly state why recording is happening and how it will be used
Access transparency: Inform participants about who will have access to recordings

At a minimum, companies should notify all call participants about recordings. In many internal settings (like customer support or user research), consent may already be covered under broader corporate policies. However, BuildBetter’s layered consent system is designed to preempt any legal issues by verifying and displaying consent clearly at every stage.Following these practices helps build trust while maintaining compliance across jurisdictions.

How should we train our team on recording compliance?

Effective team training should include:

Policy education: Clear guidelines on when and how to record
Legal requirements: Basic understanding of applicable laws (federal one-party consent and state-specific requirements)
Consent procedures: Proper methods for obtaining and documenting consent
System training: How to use BuildBetter’s consent features
Scenario practice: Handling objections or special situations
Regular updates: Refreshers when policies or laws change

BuildBetter provides training materials and getting-started videos that you can customize for your organization. These resources are available at app.buildbetter.app/getting-started.

Should we have a recording policy?

Yes. We strongly recommend creating a formal recording policy that addresses:

When recording is permitted or required
Who has authority to initiate recordings
Proper consent procedures based on jurisdiction
Access and sharing restrictions
Retention and deletion schedules
Handling of sensitive information
Compliance with applicable regulations

Your policy should account for both federal standards (ECPA) and any state-specific requirements that apply to your operations. BuildBetter can provide policy templates as a starting point for your organization.For enterprise customers operating across multiple jurisdictions, we recommend a policy that defaults to the strictest applicable standards (typically all-party consent) to simplify compliance.

Risk Mitigation

What are the legal risks of recording meetings?

The primary legal risks associated with recording meetings include:

Compliance violations: Failing to obtain proper consent as required by state or federal laws
Privacy infringement: Recording confidential or sensitive conversations without appropriate safeguards
Data protection issues: Not properly securing or handling recorded content
Contractual breaches: Violating terms of employment or service agreements regarding confidentiality

BuildBetter’s multi-tiered approach minimizes these legal risks by:

Integrating federal one-party consent requirements as defined by the ECPA
Implementing additional measures to meet stricter state laws and all-party consent states
Providing robust consent acquisition workflows (pre-call emails and in-call notifications)
Ensuring participants are fully aware of and can manage their consent at any time

This comprehensive approach helps protect your organization while maintaining ethical recording practices.

What if we operate in multiple jurisdictions?

For organizations operating across multiple states or countries, we recommend:

Default to the strictest standard: Apply all-party consent rules to all recordings to simplify compliance
Implement location detection: Configure settings based on participant locations when possible
Document state-specific procedures: Maintain clear guidance for employees on jurisdiction-specific requirements
Regular policy reviews: Update procedures as laws change

BuildBetter’s platform can accommodate these multi-jurisdiction strategies while maintaining consistent user experiences and workflows.

Need compliance assistance?

Contact our compliance specialists for personalized guidance

General

Privacy & Security

Recording

Support

Consent & Compliance

Legal Compliance

Privacy Controls

Best Practices

Risk Mitigation

Need compliance assistance?

General

Privacy & Security

Recording

Support

​Consent & Compliance

​Recording Consent

​Legal Compliance

​Privacy Controls

​Best Practices

​Risk Mitigation

Need compliance assistance?

Consent & Compliance

Recording Consent

Legal Compliance

Privacy Controls

Best Practices

Risk Mitigation