Privacy Policy

1. Data We Collect

We collect the following categories of data:

1.1 Data you provide directly

• Account information (name, email, password, role, organization)
• Project information (project descriptions, metadata, members)
• Documents you upload (PDF, DOCX, spreadsheets, slides, etc.)
• Meetings and audio recordings for transcription
• Transcripts and speaker segmentation
• Manual notes, comments, tags, and decisions within the platform
• Deliverables you create (reports, summaries, exports)

1.2 Data collected automatically

• Device & OS information
• IP address & location (inferred from IP)
• Browser type & version
• Activity logs (timestamps, actions, errors)
• Performance metrics
• Session analytics

1.3 Cookies & tracking

We use cookies and similar technologies for:

• Essential site functionality
• Authentication
• Analytics (only with consent)
• Performance tracking
• Preference storage

See Section 10 – Cookies for details.

2. How We Use Your Data

We use your personal data strictly for the following purposes:

2.1 To provide and operate the Service

• Manage your account
• Process documents, meetings, transcripts
• Generate AI outputs (summaries, insights, context, actions)
• Maintain project context graph

2.2 To improve the product

• Feature usage analytics
• Error & crash diagnostics
• Performance optimization

2.3 For communication

• Customer support
• Operational emails (alerts, billing, updates)
• Security notifications

2.4 For legal and security purposes

• Fraud prevention
• Access monitoring
• Compliance with legal obligations

3. AI Processing & Data Usage

Perceptio uses AI models to process data, including:

• Transcription
• Summarization
• Semantic search
• Project context mapping
• Smart action generation and deliverables

We apply strict rules:

3.1 Your data is NOT used to train public models

• We never use your data to train upstream foundation models (OpenAI, Anthropic, etc.)
• We never sell or share data with AI providers outside processing agreements

3.2 Your data may be processed by models for inference

Strictly to operate the Service, including:

• Converting speech → text
• Extracting key insights
• Generating structured outputs

3.3 You retain ownership of all inputs and outputs

All content you upload and all results generated from your content remain your property.

4. Legal Bases for Processing (GDPR)

We rely on the following lawful bases:

• Contract performance: delivering the Service you subscribed to
• Legitimate interest: improving Service security, detecting abuse, internal analytics
• Consent: cookie usage, marketing communications
• Legal obligation: record-keeping, tax compliance

5. Sharing of Personal Data

We only share data with:

5.1 Sub-processors

Third-party providers necessary to operate Perceptio, such as:

• Hosting (e.g., Vercel, OVH)
• Database & storage providers
• Email delivery
• Analytics (only with consent)
• AI inference providers

A full updated list is always available in our Trust Center.

5.2 Legal authorities

Only if required by law or valid court order.

5.3 Never shared or sold

• We never sell personal data
• We never share data with advertisers
• We never monetize user data

6. International Data Transfers

If personal data is transferred outside the EU/EEA/UK, we ensure adequate protection via:

• Standard Contractual Clauses (SCCs)
• UK Addendum / IDTA
• Adequacy decisions
• Or other legally recognized mechanisms

7. Data Retention

We retain data only as long as necessary for the purposes described in this Policy:

• Account data: until account deletion
• Project data: duration of subscription + 12 months (unless requested otherwise)
• Meetings & transcripts: according to your workspace-level retention settings
• Backups: retained for ~30-90 days depending on system architecture
• Billing data: up to 10 years (legal requirement)

You may request deletion at any time (Section 8).

8. Your Rights

Depending on your jurisdiction (GDPR, CCPA, LGPD…), you may exercise the following rights:

GDPR / UK GDPR / LGPD

• Right of access
• Right to rectification
• Right to deletion ("right to be forgotten")
• Right to data portability
• Right to restrict processing
• Right to object
• Right to withdraw consent

CCPA / CPRA (California)

• Right to know
• Right to deletion
• Right to correct
• Right to opt-out of "sale or sharing" of data
• Right to non-discrimination

9. Security Measures

We implement strong technical and organizational measures, including:

• Encryption in transit (TLS 1.2+)
• Encryption at rest (AES-256)
• Secure isolation between tenants
• Strict access control and least-privilege policies
• Regular penetration testing
• Audit logs & anomaly detection
• Multi-factor authentication (MFA)
• SSO (SAML, OAuth) for eligible plans

See our Security & Compliance / Trust Center for more details.

10. Cookies and Tracking

10.1 Types of cookies

• Essential cookies (authentication, security, navigation)
• Analytics cookies (optional)
• Performance cookies
• Preference cookies

10.2 Consent

In regions where required (EU, UK), you will see a cookie consent banner allowing:

• Accept all
• Reject all
• Customize

10.3 Opt-out (US)

A "Do Not Sell or Share My Personal Information" link is available via the Trust Center.

11. Children's Data

The Service is not intended for individuals under 16 years old.

We do not knowingly collect children's personal data.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

If changes are significant, we will notify you via email or in-app notification.

Continued use of the Service after updates constitutes acceptance.

13. Contact Information

For any question, request, or complaint regarding this Policy: