This is a sensitive issue for both users and Admins/Owners of a communication server, whichever it may be, in the context of the encription debates. The question, therefore, has a very good timing.
Based on your company's policy, which all your empoloyees are bound by, or based on lawful requests, the owner of the account may have rights to access the content produced by his team's users that would otherwise be considered private.
Here is the security technology we use:
For call encryption (voice and video through webrtc) we use the DTLS-SRTP standard. Whereas at call level, the SIP signaling is encrypted through WSS (web socket secure).
Data encryption (for chat and files) is achieved through SSL (Secure Sockets Layer). Although each operation involving files in Hubgets is performed through SSL, they are not kept encrypted on the server, to facilitate the user's search process.