Flipbase

Developer docs

Security and data residency

Where videos are stored, how they are encrypted, who can access them, and what the legal contract covers.

Flipbase stores video moments in the EU on AWS infrastructure. Data is encrypted in transit (TLS 1.2 minimum) and at rest (AES-256). Each customer's data sits in a logically isolated workspace tied to their organization id.

Hosting and residency

  • Primary region: EU (eu-central-1, Frankfurt). All video files, thumbnails, and metadata live here.
  • CDN delivery: CloudFront EU edge nodes for player playback. Videos do not transit outside the EU.
  • Database: managed Postgres in the EU. Metadata about video records (status, duration, dimensions, candidate name if supplied) lives here.

Encryption

  • In transit: TLS 1.2 or higher for all browser-to-Flipbase and partner-to-API traffic.
  • At rest: AES-256-GCM on the underlying S3 buckets. Keys managed via AWS KMS.
  • Player playback: signed URLs with short expiry (default 3600s). Direct file access without a current signed URL returns 403.

Access control

Collections (the grouping of videos in your account) can be set to secure_mode = true. Videos in a secure collection require a per-request signature to play, generated by your backend using your API secret. This is the recommended posture for any candidate-facing video.

API access is gated by an api_key + api_secret pair. Every authenticated request includes a signature derived from the secret, the request body, and a timestamp. See the API reference for the exact signing scheme.

Retention

Default retention is set per collection via delete_after_days. Videos older than the threshold are hard-deleted from object storage and removed from the database. You set the value; Flipbase honors it.

For GDPR right-to-erasure requests, a single API call deletes the video record and the underlying file. The deletion is irreversible and happens within minutes.

Flipbase signs a Data Processing Agreement with every customer before any production traffic. Standard contractual clauses and the sub-processor list are part of the agreement.

What we don't do

  • We do not score, rank, or profile candidates. There is no AI evaluation layer on the platform.
  • We do not train AI models on customer videos.
  • We do not sell anonymised aggregates of candidate data.
  • We do not share video moments with anyone outside the customer's organization without an explicit signed authorization.

Ready to call the API?

The full reference is on Postman. To actually call it you need an api_key + api_secret + sandbox organization. Reply within one working day.