Built for your tenant, not around it.
summri.ai works inside your Microsoft 365 tenant's own governance boundary. We don't add a third-party meeting bot, we don't store transcripts in any provider that trains on customer data, and your minutes are encrypted with a key we control — not the cloud provider's.
Four things that matter most
AES-256-GCM at rest
Every transcript and minutes blob is encrypted with a 256-bit master key before being persisted. Per-row IVs. The database is also encrypted at the storage layer — defense in depth.
UK-hosted, self-managed
Application server and PostgreSQL run on our own UK-based VPS. Not on AWS, Azure, or any US hyperscaler. UK GDPR governs the operating company.
TLS 1.3 + strict CSP
HSTS preload, Strict-Transport-Security, content-security-policy locked to first-party scripts + Stripe + Microsoft + Sentry. No analytics scripts in the app.
DPA + GDPR aligned
Standard Data Processing Agreement available before contract. Sub-processors disclosed in the DPA. Article 28 obligations met by design.
Where your meeting data goes
Plain-language walkthrough so your IT team can sign off without a 30-page diagram.
- 1Microsoft 365 → Graph API → summri
Your Teams meeting transcript is generated by Microsoft inside your tenant. When ready, Microsoft notifies us via a webhook. We fetch the transcript over TLS 1.3 using the OAuth token your tenant admin granted.
- 2Transient processing via Anthropic Claude
The transcript is sent to Anthropic's Claude API to generate structured minutes. Anthropic does not retain or train on API content (their commercial terms). Processing happens in EU-routed data centres where possible. The request takes 30–60 seconds; nothing is persisted by Anthropic.
- 3Encrypted at rest on our UK VPS
Both the original transcript and the generated minutes are encrypted with AES-256-GCM using a key we manage, then written to PostgreSQL on our self-hosted UK infrastructure. Decryption only happens server-side when the authenticated owner views or exports the meeting.
- 4Email out via Microsoft Graph sendMail
“Minutes ready” notifications and the optional auto-email to attendees go through Microsoft 365 (Graph sendMail) from our own mailbox. SPF/DKIM/DMARC pass; we never spoof your domain.
Who else touches your data
Full list. Disclosed up front. Same list appears in our DPA verbatim.
Source of meeting transcripts (Graph API). Sends transactional email on our behalf via Graph sendMail.
Generates structured minutes from transcripts via Claude API. Does not train on or retain API content. Data Privacy Framework + SCCs in place.
Subscription billing. We share email + name + payment-method token. Never sees transcript or minutes content.
Error monitoring. PII is scrubbed from breadcrumbs before transmission (emails, tokens, transcript fragments masked).
Bounded by Microsoft 365. Not negotiable.
summri can only see what Microsoft's permission model already permits the signed-in identity to see. We never escalate, never bypass, never read outside the consent your tenant granted. This is the answer to almost every “but can it…” question your IT director will ask.
Individual / Professional
Delegated OAuth — summri uses YOUR Microsoft token, scoped to OnlineMeetings.Read + OnlineMeetingTranscript.Read.All. It can read transcripts of meetings you organise. It cannot read anyone else's. Revoke any time from Microsoft Account → Apps.
Enterprise (org-wide capture)
Tenant admin grants application permissions in a one-off PowerShell setup. Scope: that one tenant. summri can then read transcripts of any meeting any user in that tenant organises. Other tenants are untouched.
Cross-tenant meetings
If you're invited to a meeting hosted by a different tenant, summri can only read the transcript if THAT tenant has also granted summri permission. Microsoft Graph enforces this server-side — we couldn't read it if we wanted to.
Meeting-policy overrides
If your tenant's Teams transcription policy is disabled, no transcript exists for summri to read — full stop. Microsoft generates the transcript; we read what Microsoft made. Your existing meeting policy IS the access control.
As important as what we do
No bot in your meetings
No participant labelled summri. No awkward Otter-style join. Your customers don't see us; your meeting host doesn't have to manage consent prompts.
No third-party training data
We don't sell or share your content for model training. Anthropic doesn't train on it either (commercial API terms).
No silent recording
We rely on Microsoft's own meeting transcription, which requires the meeting organiser's standard Teams policy to allow it. We never bypass tenant controls.
No advertising pixels
The app loads no Google Analytics, no Meta pixel, no Hotjar, no third-party ad tech. Just Stripe + Microsoft + Sentry — all listed in our DPA.