docs(security): add guide for retrieving call artifacts from private storage

[stevenbdf]

Summary

• Adds a new page at security-and-privacy/retrieve-call-artifacts explaining how HIPAA-enabled orgs use their Private API Key to download recordings, call logs, video, and pcaps via authenticated, short-lived signed URLs (302 redirect from the Vapi API).
• Documents the seven GET /call/{id}/... artifact endpoints and includes curl -L examples for stereo recordings and call logs.
• Adds the new page to the Security and privacy section of docs.yml (right after HIPAA compliance) and cross-links it from the HIPAA page so impacted customers can find it.

Test plan

• Verify the new page renders in the Fern preview under Resources → Security and privacy → Retrieve call artifacts.
• Confirm the cross-link from the HIPAA page resolves to /security-and-privacy/retrieve-call-artifacts.
• Spot-check the endpoint table and example curl commands for accuracy against the API.

🤖 Generated with Claude Code

[github-actions]

🌿 Preview your docs: https://vapi-preview-55788104-90ba-4d37-b964-61d5f5a6f772.docs.buildwithfern.com