Interview data is more sensitive than typical HR data, and the SOC 2 Type II audit Metaview just closed is the certification built around that fact, not around the average HR-tech footprint.
Metaview has been SOC 2 Type II certified across the audit period ending Q1 2026. The Type I attestation, which evaluates whether the right controls are designed, was already in place. Type II tests whether those controls actually operated continuously over time. The shift from Type I to Type II is the shift from “we designed it correctly” to “the design held under audit, every day, for the audit window.” For enterprise procurement, that’s the difference between a check-the-box and a decision-ready certification.
This post is for the TA leader or IT partner who has to defend the procurement decision. It covers what changed, what the certification actually attests to, the Metaview-specific design choices the audit tested, and how the practical surfaces, like Transient Mode, show up for the recruiter who runs the platform every day.
What's actually different from Type I
| Attestation type | What it tests | Audit window | What it tells a buyer |
|---|---|---|---|
| SOC 2 Type I | Whether the right controls are designed | Point-in-time | The control framework is in place |
| SOC 2 Type II | Whether the controls actually operated effectively | Continuous, audit-period window | The controls worked, every day, under audit |
Type I is the design audit. Type II is the operating audit. For SaaS that touches sensitive data, Type II is the version enterprise procurement actually reads.
Why interview intelligence raises the bar
The default SOC 2 narrative is generic: encrypt the data at rest, log access, rotate keys, run the audit. That narrative was written for HR systems whose primary data is structured records: names, addresses, comp bands, performance ratings. Interview intelligence is a different shape of data.
Three reasons interview audio sits in a higher-sensitivity tier:
- Conversation content reveals more than records do. A captured panel conversation surfaces not just what a candidate did, but how they reason, what they’re flexible on, what they care about. The data is denser, and denser data demands tighter handling.
- The capture is bidirectional. Interview audio includes the interviewer as well as the candidate. That means employee data and candidate data sit in the same artifact, with different retention preferences for each.
- The use case for “don’t capture this one” is real. Sometimes a session shouldn’t be retained, full stop. Investigations, sensitive feedback conversations, executive-level calibration. The platform has to have a first-class answer for that case.
Metaview’s controls are designed for those three properties, not retrofitted from a generic HR-tech baseline.
What the certification covers
The audit covered Metaview’s production environment for the AICPA Trust Services Criteria across Security, Availability, and Confidentiality. The auditor is a Big-4 affiliated CPA firm. The audit window is twelve months ending Q1 2026.
The controls that operated continuously over that window include:
| Control area | What’s in place |
|---|---|
| Encryption | Captured audio and transcripts encrypted at rest and in transit. AES-256 at rest, TLS 1.2+ in transit |
| Region-specific storage | EU customer data stored in EU regions, US data in US regions. No cross-region transfer of raw interview content |
| Access controls | Role-based access to interview transcripts and structured outputs. Customer admins set the policy; Metaview cannot grant itself access |
| Sub-processors | Full sub-processor list published and updated. Each sub-processor evaluated against the same trust criteria |
| Incident response | Documented, tested, and operated continuously across the audit window. Notification SLAs defined per customer agreement |
| Retention and deletion | Customer-configurable retention windows, with deletion workflows that propagate to backups and sub-processors |
This isn’t lifted from the audit report. These are the controls the Type II window actually tested.
The Metaview design choices the audit tested
The reason the trust posture matters for a Metaview buyer is the design choices the audit attests to. Three are worth naming explicitly.
EU and US data residency
EU customer interview content is stored in EU regions. US customer content is stored in US regions. No raw interview audio or transcript crosses regions in the storage layer. The architecture isn’t “EU-friendly settings.” It’s a residency boundary the audit tested.
Role-based access to transcripts
Customer admins control who in their org can see interview transcripts and structured outputs. Metaview employees do not have standing access to customer interview content. Access for support cases is logged, time-bound, and customer-approved.
A customer's view
Once we did the demo, our legal team requested a lot of documentation. We have a rigorous internal AI-tool approval process.”
For enterprise customers, the SOC 2 Type II certification is the document the InfoSec partner asks for before the procurement conversation runs. At Brex, Metaview is scaled across every interviewer and recruiter, and a company-wide deployment like that runs through security review first. The Type II report is the artifact that closes it.
How this fits with the agentic recruiting platform
The Type II window is the trust foundation under everything Metaview has shipped since the Type I attestation: the intake and debrief notes launch, the AI Filters query layer, the MCP integration. Each of those is a new surface for the underlying interview-data layer, and each operates inside the same control framework the Type II audit tested.
The category-level point: the platform that captures the most sensitive recruiting data is the one that has to operate the most boring, well-tested, continuously-audited control framework. Type II is the proof that this is, in fact, how Metaview is operated.
Related launches
The Type II window is the trust layer under the most recent product surfaces. See also the intake and debrief launch, the SOC 2 Type I post for the prior milestone, and the 2026 Alignment Report for the data behind Metaview’s positioning.
Bring Metaview into your hiring stack.
Live notes, structured scorecards, and ATS sync - set up in under 10 minutes.
Frequently asked
What’s the difference between SOC 2 Type I and Type II?
Type I attests that the right controls are designed. Type II attests that the controls actually operated continuously over an audit window, typically twelve months. For enterprise procurement, Type II is the version that matters.
Where is EU customer interview data stored?
In EU regions. The raw interview audio and transcripts for EU customers don’t leave EU storage. This is a residency boundary the Type II audit tested, not a configurable setting.
What’s Transient Mode?
A capture mode that produces the structured notes from a meeting without persisting the raw audio or transcript. Used for sensitive sessions where the artifact is needed but the recording isn’t.
Who at Metaview can access customer interview transcripts?
Nobody, by default. Customer admins control access inside their own org. For support cases, access is logged, time-bound, and customer-approved.
Is ISO 27001 next?
Metaview’s trust roadmap is published and updated on request. The next milestone evaluation is underway; the Type II posture sits inside the same control framework that ISO 27001 builds on.
