[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"blog-post-ru-/what-one-intermind-meeting-is-built-from":3},{"page":4,"surround":467},{"id":5,"title":6,"authors":7,"badge":10,"body":11,"date":456,"description":457,"extension":458,"heroOrder":459,"image":460,"meta":461,"navigation":462,"path":463,"seo":464,"stem":465,"__hash__":466},"blog/blog/what-one-intermind-meeting-is-built-from.md","What one InterMIND meeting is built from",[8],{"name":9},"The Mind.com Team","Sovereignty",{"type":12,"value":13,"toc":445},"minimark",[14,18,22,41,44,47,52,55,63,65,69,87,110,113,115,119,312,327,334,336,340,343,366,369,371,375,386,397,399,403,406,428,442],[15,16,6],"h1",{"id":17},"what-one-intermind-meeting-is-built-from",[19,20,21],"p",{},"Almost every product is built from the same default stack — the big proprietary SaaS defaults everyone reaches for. They're the frictionless path. At every layer where your meeting data actually lives, we took a different one: our own code, or open-source we could self-host.",[19,23,24,25,33,34,37,38],{},"This is the companion to ",[26,27,29],"a",{"href":28},"/blog/where-one-intermind-meeting-actually-runs",[30,31,32],"em",{},"Where one InterMIND meeting actually runs",", which mapped the ",[30,35,36],{},"geography"," — where each service executes and what data passes through it. This post answers what a security team asks next: ",[30,39,40],{},"what is this thing built from — and can we read it, audit it, and replace it?",[19,42,43],{},"Not where it runs — what it's made of, layer by layer.",[45,46],"hr",{},[48,49,51],"h2",{"id":50},"the-defaults-and-what-they-cost","The defaults, and what they cost",[19,53,54],{},"Every product is a stack of choices. For most products, most of those choices are made by default: Google Analytics, Firebase, the Google Translate API, Auth0, React. They're the frictionless path, and for most teams that's a reasonable call. The trade-off is that each one puts a part of your stack behind a vendor you can't read, can't audit, and can't leave without a rewrite.",[19,56,57,58,62],{},"We made a different choice at every layer where your meeting data actually lives: ",[59,60,61],"strong",{},"our own code, or open-source software we could self-host."," Where a layer doesn't touch the content of your meeting, we stay pragmatic and say so. Here's the whole picture.",[45,64],{},[48,66,68],{"id":67},"the-spine-the-engine-is-our-code-not-a-third-partys","The spine: the engine is our code, not a third party's",[19,70,71,72,79,80,86],{},"Start with the layer that matters most, because most of your meeting flows through it. Real-time transport and voice/chat translation both run on ",[59,73,74,78],{},[75,76,77],"code",{},"mind-sdk"," + the Mind API — our own engine, on OVH France."," The default way to build a translated meeting is to bolt a real-time SaaS (LiveKit) onto a translation API (DeepL, Google); we run neither in the live path. No third-party translation model is in the loop. (We do use DeepL — but only for documents dropped into chat, not the live voice/chat path; see the runtime map. We covered the pipeline mechanics in ",[26,81,83],{"href":82},"/blog/inside-the-translation-pipelines",[30,84,85],{},"Inside the four translation pipelines",".)",[19,88,89,90,93,94,96,97,103,104,109],{},"Here's the part that isn't in the runtime map: the SDK your meeting runs on is ",[59,91,92],{},"open source under the BSD 3-Clause license"," — the ",[75,95,77],{}," client is public at ",[26,98,102],{"href":99,"rel":100},"https://gitlab.com/mindlabs/api/sdk",[101],"nofollow","gitlab.com/mindlabs/api/sdk",", copyright MindMeeting OÜ, our Estonian IP entity. It speaks to the Mind API at ",[26,105,108],{"href":106,"rel":107},"https://api.mind.com",[101],"api.mind.com",", which we run ourselves on OVH France.",[19,111,112],{},"This isn't a \"look, but don't touch\" source-available arrangement. BSD 3-Clause is a permissive, OSI-approved license. Your security team can clone the SDK, read exactly how your audio and text are captured, framed, and streamed, and audit that integration against your own requirements. The server-side engine it talks to is ours — not a third party's black box — and a fully self-hostable engine for a tenant who needs it is on our roadmap, not something we offer today. We'll update this post the moment it ships.",[45,114],{},[48,116,118],{"id":117},"layer-by-layer-the-default-vs-what-we-run","Layer by layer: the default vs. what we run",[120,121,122,141],"table",{},[123,124,125],"thead",{},[126,127,128,132,135,138],"tr",{},[129,130,131],"th",{},"Layer",[129,133,134],{},"The usual default",[129,136,137],{},"What we run",[129,139,140],{},"Why it matters to you",[142,143,144,164,180,196,216,232,248,264,280,296],"tbody",{},[126,145,146,153,156,161],{},[147,148,149,152],"td",{},[59,150,151],{},"Real-time + translation engine"," (voice + chat)",[147,154,155],{},"LiveKit + a translation API (DeepL / Google)",[147,157,158,160],{},[75,159,77],{}," (BSD-3-Clause client) + our Mind API, OVH France",[147,162,163],{},"The heaviest data flow is our own engine, not a third-party model — and its client SDK is open and auditable",[126,165,166,171,174,177],{},[147,167,168],{},[59,169,170],{},"Frontend framework",[147,172,173],{},"React (Meta) / Next.js",[147,175,176],{},"Vue + Nuxt",[147,178,179],{},"Community-governed OSS — no single corporation owns the framework your UI rides on",[126,181,182,187,190,193],{},[147,183,184],{},[59,185,186],{},"Product analytics",[147,188,189],{},"Google Analytics",[147,191,192],{},"PostHog",[147,194,195],{},"Open-source, EU cloud, proxied first-party through our own domain — usage data doesn't flow into a third-party advertising platform",[126,197,198,203,206,213],{},[147,199,200],{},[59,201,202],{},"Fonts",[147,204,205],{},"Google Fonts CDN",[147,207,208,209,212],{},"Self-hosted (",[75,210,211],{},"@nuxt/fonts",")",[147,214,215],{},"No third-party font callout from the page your users load — a recurring GDPR finding, avoided",[126,217,218,223,226,229],{},[147,219,220],{},[59,221,222],{},"Authentication",[147,224,225],{},"Auth0 / Clerk / Firebase Auth",[147,227,228],{},"Self-run OIDC, federated to your Google / Microsoft",[147,230,231],{},"No auth middleman holds your sessions — you bring your own identity provider",[126,233,234,239,242,245],{},[147,235,236],{},[59,237,238],{},"Document translation",[147,240,241],{},"Google Translate",[147,243,244],{},"DeepL (Cologne)",[147,246,247],{},"Specialized EU vendor, German processing",[126,249,250,255,258,261],{},[147,251,252],{},[59,253,254],{},"Content / docs",[147,256,257],{},"Contentful / Sanity (headless CMS)",[147,259,260],{},"Nuxt Content (git-tracked markdown)",[147,262,263],{},"The words on our site live in our repo, not a vendor's database",[126,265,266,271,274,277],{},[147,267,268],{},[59,269,270],{},"Application database",[147,272,273],{},"Firestore / DynamoDB (proprietary)",[147,275,276],{},"Postgres (on Neon)",[147,278,279],{},"Open standard — portable to any Postgres host, no proprietary query API to rewrite",[126,281,282,287,290,293],{},[147,283,284],{},[59,285,286],{},"Object storage",[147,288,289],{},"Proprietary blob APIs",[147,291,292],{},"Tigris (S3-compatible)",[147,294,295],{},"Open protocol — recordings and exports are portable to any S3 store",[126,297,298,303,306,309],{},[147,299,300],{},[59,301,302],{},"CRM / sales",[147,304,305],{},"Salesforce / HubSpot",[147,307,308],{},"Pipedrive (Estonian)",[147,310,311],{},"Customer and deal records sit in an EU-domiciled CRM, not a US sales platform",[19,313,314,315,318,319,322,323,326],{},"Two threads run through that table. ",[59,316,317],{},"Open-source"," where the tool processes your data — so it can be audited, and in principle self-hosted. ",[59,320,321],{},"Open standards"," (Postgres, the S3 API, OIDC) where we depend on infrastructure — so nothing is locked to one vendor's pricing or compliance posture. Postgres can move to any Postgres host; storage can move to any S3 store; auth federates to the identity provider you already run. The last row sits on a third axis: the CRM holding customer records is ",[59,324,325],{},"EU-domiciled"," (Pipedrive, Estonian) rather than a US sales platform — not open-source, but not under US jurisdiction either.",[19,328,329,330,333],{},"A couple of these deserve a sentence more. PostHog is open-source and self-hostable; we run it on PostHog's EU cloud and proxy it first-party through our own origin, so the events aren't silently dropped by ad-blockers ",[30,331,332],{},"and"," don't transit a third-party analytics domain. Authentication never goes to a third-party auth SaaS that would sit between you and your sessions — we run the OIDC flow ourselves and federate to your existing Google or Microsoft identity. And the fonts on every page are served from our own domain; the only place Google Fonts appears in our codebase is an offline brand-asset script, never the app your users load.",[45,335],{},[48,337,339],{"id":338},"where-were-pragmatic-said-out-loud","Where we're pragmatic — said out loud",[19,341,342],{},"We don't pretend the whole stack is hand-rolled or non-US. It isn't, and a post that claimed otherwise would be contradicted by our own runtime map.",[19,344,345,346,349,350,353,354,357,358,361,362,365],{},"The plumbing — hosting and SSR (",[59,347,348],{},"Vercel","), the meeting server's compute (",[59,351,352],{},"Fly.io","), payments (",[59,355,356],{},"Stripe","), transactional email (",[59,359,360],{},"Resend",") — runs on US-domiciled SaaS. Stripe and Resend handle billing and invites and never see meeting content. Vercel and Fly are rented compute: our own code runs on them, and the meeting server on Fly does handle the live session and the transcript our digest reads — but that's our code on their machines, not a vendor product ingesting your meeting. All of it executes in the EU at runtime (the subject of ",[26,363,364],{"href":28},"the runtime map",").",[19,367,368],{},"That's a deliberate, bounded trade-off: own and open-source the data plane; use the best available SaaS for the control plane. Naming it is the point — \"sovereignty\" means little if the exceptions aren't on the table next to the wins.",[45,370],{},[48,372,374],{"id":373},"the-one-honest-gap-and-the-plan","The one honest gap, and the plan",[19,376,377,378,381,382,385],{},"There's one path where a proprietary, US-domiciled model still touches meeting-derived data: the ",[59,379,380],{},"post-meeting AI digest"," (topics, decisions, action items). It's produced by Google Gemini 2.5 Flash with an Anthropic Claude Sonnet fallback, reached through Vercel's AI Gateway. Real-time voice, real-time chat, and document translation do ",[59,383,384],{},"not"," go through it — the digest is a separate step that summarizes the transcript we already produced.",[19,387,388,389,392,393,396],{},"We named this gap in the runtime map and we're closing it the same two ways: an ",[59,390,391],{},"owner-controlled opt-out"," so the digest pipeline can be turned off entirely, and a ",[59,394,395],{},"self-hosted, open-weights summarization model on OVH"," (Kimi-class) to replace the external one. The point of the open-weights route isn't whose lab trained the weights — it's that open weights can run on infrastructure we control, which keeps it on the same open-and-self-hostable axis as the rest of the data plane. Both are on the roadmap, not shipped; we'll update this post when they land.",[45,398],{},[48,400,402],{"id":401},"why-this-matters-beyond-us","Why this matters beyond us",[19,404,405],{},"This isn't engineering for its own sake. The reason to build a stack this way shows up on your side of the contract:",[407,408,409,416,422],"ol",{},[410,411,412,415],"li",{},[59,413,414],{},"Auditable."," The SDK your meeting runs on is open-source code your security team can read, and the engine behind it is our own — not a third party's black box.",[410,417,418,421],{},[59,419,420],{},"Portable."," Open standards at every data layer — Postgres, S3, OIDC — mean no proprietary lock-in. What can be moved isn't tied to a single vendor.",[410,423,424,427],{},[59,425,426],{},"Self-hostable."," The open-standard data layers — Postgres, S3, OIDC — already run on infrastructure you control; a fully self-hosted translation engine is on the roadmap for the tenant who needs it.",[19,429,430,431,434,435,438,439,441],{},"This is the picture on 2026-06-07. We'll update it when the stack changes — a vendor swap, a layer rebuilt, the digest model replaced. The current configuration is verifiable in our open ",[75,432,433],{},"vercel.json",", our ",[75,436,437],{},"nuxt.config.ts",", and the BSD-3-Clause ",[75,440,77],{}," repository linked above.",[19,443,444],{},"If a layer here looks wrong, or your security review needs an answer this map doesn't give, write us. We'd rather correct a missing detail than have you find it in a code audit.",{"title":446,"searchDepth":447,"depth":448,"links":449},"",2,3,[450,451,452,453,454,455],{"id":50,"depth":447,"text":51},{"id":67,"depth":447,"text":68},{"id":117,"depth":447,"text":118},{"id":338,"depth":447,"text":339},{"id":373,"depth":447,"text":374},{"id":401,"depth":447,"text":402},"2026-06-07","A companion to our runtime map: not where your meeting runs, but what it's built from. The layer-by-layer stack — where we run our own code or open-source software, where we're pragmatic about proprietary SaaS, and why the engine most of your data flows through is our own code, with a public, BSD-licensed client SDK.","md",null,"/blog/what-one-intermind-meeting-is-built-from.svg",{},true,"/blog/what-one-intermind-meeting-is-built-from",{"title":6,"description":457},"blog/what-one-intermind-meeting-is-built-from","7LntThCL_4VvRS3QNWZC2LAaDMwEXTTCPR2meZXgroc",[459,468],{"title":32,"path":28,"stem":469,"description":470,"children":-1},"blog/where-one-intermind-meeting-actually-runs","A vendor-by-vendor map of which external services touch your meeting, where they execute, and what data passes through each. Including the one path that still leaves the EU at the vendor level — and what we're doing about it."]