Privacy Policy

1. Information We Collect

We collect information you provide directly (name, email via Google OAuth), information generated through use of the Service (meeting recordings, transcripts, notes, tasks, calendar events), and standard usage data (IP address, browser type, pages visited).

2. How We Use Your Information

We use your information to provide and improve the Service, process your meetings and generate AI summaries, send you account-related notifications, and respond to support requests. We do not sell your data to third parties.

3. AI Processing

Meeting audio and transcripts are processed using third-party AI services (including OpenAI and Deepgram) to generate summaries, tasks, and other content. These providers process data on our behalf under appropriate data processing agreements.

4. Google Integration

If you connect Google Calendar, we access your calendar events solely to display them within Crelyzor and to create meeting blocks you explicitly request. We do not read, store, or share your Google data beyond what is necessary to provide these features.

5. Data Security

We take the security of your data seriously. Meeting transcripts, AI summaries, and notes are encrypted at rest using AES-256-GCM. Encryption is applied per-user: each account has its own encryption key managed by Google Cloud Key Management Service (KMS). Encryption keys are never stored alongside your data.

When you delete your account, your encryption key is permanently destroyed. This means your encrypted data becomes cryptographically unrecoverable, even from our own backups. This practice, known as crypto-shredding, gives you a strong guarantee that deletion is final.

All data is transmitted over HTTPS. Access to production systems is restricted to authorised personnel, and we conduct regular security reviews. No system is 100% secure. Please report any suspected vulnerabilities to us immediately.

6. Data Retention

We retain your data for as long as your account is active. When you delete your account, your data is permanently deleted within 30 days. You may export your data at any time from Settings.

7. Cookies

We use essential cookies for authentication and session management. We do not use advertising or tracking cookies.

8. Third-Party Services

We use the following third-party services: Google OAuth (authentication), OpenAI (AI processing), Deepgram (transcription), and Recall.ai (meeting recording, Pro/Business plans only). Each is governed by their own privacy policies.

9. Your Rights

You have the right to access, correct, or delete your personal data. To exercise these rights, contact us at support@crelyzor.app. We will respond within 30 days.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or an in-app notice. Continued use of the Service constitutes acceptance of the updated policy.

11. Contact

For privacy-related questions or data requests, contact us at support@crelyzor.app.