Privacy Policy

Last updated: January 2026

1. Information We Collect

Meeting Copilot collects information necessary to provide our AI-powered meeting assistance service:

  • Account information (email, name)
  • Meeting transcripts and audio (when you explicitly start recording)
  • Documents you upload for meeting context
  • Usage data and analytics

2. How We Use Your Information

We use your information to:

  • Provide real-time AI suggestions during meetings
  • Generate post-meeting summaries and action items
  • Improve our service through machine learning
  • Send important service updates

3. Data Storage and Security

Your data is encrypted at rest and in transit. We use industry-standard security practices including:

  • End-to-end encryption for audio transmission
  • Secure cloud storage with access controls
  • Regular security audits
  • SOC 2 Type II compliance (in progress)

4. You Control Your Data

You have full control over your data:

  • Explicit start/stop controls for recording
  • Configurable transcript retention periods
  • Ability to delete meetings and transcripts
  • Export your data at any time
  • Request complete data deletion

5. No Background Listening

Meeting Copilot only records when you explicitly press "Start Meeting". There is no background listening or recording outside of active meeting sessions.

6. Data Retention Policies

We retain your data only as long as necessary to provide our service and comply with legal obligations:

  • Meeting Transcripts: Retained according to your configured retention period (default: 90 days). You can adjust this in your settings or request immediate deletion.
  • Account Data: Retained while your account is active. Deleted within 30 days of an account deletion request.
  • Payment Records: Retained for 7 years as required by tax and accounting regulations.
  • Analytics Data: Aggregated, anonymized usage data retained for up to 2 years for service improvement.

You can request deletion of your personal data at any time, subject to legal retention requirements.

7. Third-Party Data Processors

We use trusted third-party services that process your data on our behalf. All processors are bound by strict data processing agreements (DPAs) and comply with GDPR requirements:

  • OpenAI - AI processing and transcription services. Data is processed according to OpenAI's DPA and is not used to train their models.
  • Stripe - Payment processing. Handles payment information securely and is PCI-DSS compliant.
  • Supabase - Secure cloud database and storage. Data is encrypted at rest and in transit, hosted in GDPR-compliant data centers.
  • Google Analytics - Website analytics (only with your consent). Data is anonymized and used to improve our website experience.

These services are contractually prohibited from using your data for their own purposes and must comply with our data protection standards.

8. Your Data Rights (GDPR)

Under GDPR and other privacy laws, you have the following rights:

  • Right to Access: Request a copy of all personal data we hold about you.
  • Right to Rectification: Correct inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data (subject to legal requirements).
  • Right to Data Portability: Export your data in a machine-readable format.
  • Right to Object: Object to processing of your data for certain purposes.
  • Right to Restrict Processing: Request limitation of how we process your data.

To exercise these rights, visit our Data Management page or contact us at support@meetingcopilot.ai.

9. Cookie Usage

We use cookies and similar technologies to:

  • Remember your cookie preferences
  • Analyze website usage (with your consent)
  • Improve website functionality

You can manage your cookie preferences at any time using the cookie consent banner. Essential cookies are required for the website to function and cannot be disabled.

10. Contact Us

For privacy questions, data requests, or to exercise your data rights, contact us at support@meetingcopilot.ai.

We respond to all privacy requests within 30 days as required by GDPR.