01Who we are
MeetingViz ("MeetingViz", "we", "our", or "us") is a web application that transforms long-form text — meeting transcripts, reports, research notes, and other dense documents — into structured, shareable HTML visualizations using artificial intelligence.
This Privacy Policy describes how we collect, use, store, and protect information about you when you use the MeetingViz service available at www.meetingviz.com (the "Service").
By accessing or using the Service you agree to this Privacy Policy. If you do not agree, please do not use the Service.
02Data we collect
Account data
When you create an account we collect:
- Your email address (provided via Google OAuth or magic-link authentication)
- Your display name (you may set a custom display name after registering)
- Profile information provided by Google (name, profile photo URL) where you sign in via Google OAuth
- A unique internal account identifier
- Account creation timestamp and last-login timestamp
Usage data
We collect information about how you use the Service, including:
- Visualizations you generate, including the raw input text you submit and the HTML output we produce
- Templates and visual styles you select
- Credit balance, credit transactions, and purchase history
- Sharing settings you apply to each visualization (private, public, authenticated-viewer)
- Timestamps for creation, generation, and last modification of each visualization
Technical data
We automatically collect standard server-side technical data when you use the Service:
- IP address and approximate geographic location (country/region)
- Browser type, operating system, and device type
- Referring URL and pages visited within the Service
- Error logs and performance metrics
Payment data
All payment processing is handled by Stripe. We never receive or store your full card number, CVV, or bank account details. MeetingViz only stores the transaction reference, amount, credit quantity purchased, and timestamp provided to us by Stripe after a successful transaction.
03How we use your data
| Purpose | Data used | Legal basis |
|---|---|---|
| Authenticate you and maintain your session | Email, account ID, OAuth tokens | Contract performance |
| Generate visualizations from your input | Input text, template selection, style selection | Contract performance |
| Store and serve your visualization library | Generated HTML, metadata, sharing settings | Contract performance |
| Manage credit balance and process payments | Credit transactions, Stripe references | Contract performance |
| Operate shared visualization links | Generated HTML, sharing settings | Contract performance |
| Prevent fraud, abuse, and security incidents | IP address, account data, usage patterns | Legitimate interests |
| Improve the reliability and performance of the Service | Error logs, performance metrics | Legitimate interests |
| Comply with legal obligations | Account data, transaction records | Legal obligation |
We do not use your content to train, fine-tune, or evaluate any AI model — including the Anthropic Claude API we use for generation. Your input text is passed to the Claude API solely to fulfil your generation request and is not retained by MeetingViz beyond the scope of that request.
04Third-party services
We share data with the following third-party service providers as necessary to operate the Service. We do not sell your personal data to any party.
| Provider | Purpose | Data shared |
|---|---|---|
| Auth0 (Okta) | Authentication & identity management | Email, OAuth profile, session tokens |
| Anthropic | AI generation (Claude API) | Input text and generation prompts — not associated with your account identity |
| Stripe | Payment processing | Email, purchase amount; full card data is processed by Stripe directly and never reaches MeetingViz |
| Microsoft Azure | Cloud hosting & infrastructure | All Service data is stored and processed on Microsoft Azure |
We may disclose your information if required to do so by law, court order, or government authority, or to protect the rights, property, or safety of MeetingViz, our users, or the public.
05Your content
You own your content. The text you paste into MeetingViz and the visualizations generated from it remain your property. MeetingViz claims no ownership rights over your input text or the generated output.
You grant MeetingViz a limited, non-exclusive licence to store, process, and serve your content solely to provide you with the Service. This licence ends when you delete the content or close your account, subject to the retention periods described in Section 6.
Shared visualizations
When you publish a visualization as a public link, the generated HTML becomes accessible to anyone who has the URL. You are responsible for ensuring that publicly shared content does not include sensitive personal data belonging to third parties (for example, identifiable information in a meeting transcript).
Authenticated-viewer links restrict access to signed-in users, but those users do not need a paid MeetingViz account. You can remove a shared link at any time, which immediately revokes all access to that visualization.
06Retention & deletion
We retain your data for as long as your account is active or as required to provide the Service. Specific retention periods are:
- Active account data — retained while your account exists
- Individual visualizations — retained until you delete them from your library
- Credit and payment transaction records — retained until your account is permanently deleted
- Server logs and technical data — retained for up to 90 days
Account deletion
You can delete your account at any time from the Account page. When you initiate account deletion:
- All shared links are revoked immediately
- Your visualizations are marked for deletion and removed from your library immediately
- Your remaining credit balance is retained for 30 days
- All personal data — including credit and transaction records — is permanently and irreversibly deleted within 30 days
07Security
We implement appropriate technical and organisational measures to protect your data against unauthorised access, alteration, disclosure, or destruction. Specific measures include:
- All data in transit is encrypted using TLS 1.2 or higher
- All data at rest is encrypted using AES-256
- Database access is row-level isolated — queries are scoped to authenticated user accounts and no user can access another user's data
- API keys and secrets (including the Anthropic API key) are stored in Azure Key Vault and are never exposed to the frontend or logged
- Authentication is delegated entirely to Auth0, which implements industry-standard security controls including brute-force protection and anomaly detection
- Payment data is never stored on MeetingViz infrastructure — all card processing occurs on Stripe's PCI-DSS-certified systems
No system is completely secure. If you discover a security vulnerability, please contact us at support@meetingviz.com before disclosing it publicly.
08Cookies
MeetingViz uses a minimal set of cookies required for the Service to function. We do not use advertising cookies, tracking pixels, or third-party analytics cookies.
| Cookie | Purpose | Duration |
|---|---|---|
auth0_session |
Maintains your authenticated session (set by Auth0) | Session / rolling 7 days |
__stripe_mid |
Fraud prevention (set by Stripe during checkout) | 1 year |
__stripe_sid |
Fraud prevention — session identifier (set by Stripe) | 30 minutes |
You may disable cookies in your browser settings, but doing so will prevent you from signing in or using any authenticated features of the Service.
09Your rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access — request a copy of the personal data we hold about you
- Rectification — request correction of inaccurate data (your display name can be updated directly in the Account page)
- Erasure — request deletion of your data (you can delete your account directly from the Account page; we will process all remaining data within 30 days)
- Restriction — request that we restrict processing of your data in certain circumstances
- Portability — request a machine-readable export of your personal data
- Objection — object to processing based on legitimate interests
To exercise any of these rights, contact us at support@meetingviz.com. We will respond within 30 days. We may need to verify your identity before processing your request.
If you are located in the European Economic Area, you have the right to lodge a complaint with your local data protection authority.
10Children
The Service is intended for users who are at least 16 years of age. We do not knowingly collect personal data from children under 16. If you believe we have inadvertently collected data from a child under 16, please contact us immediately at support@meetingviz.com and we will delete it promptly.
11Changes to this policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email and by displaying a notice in the Service at least 14 days before the changes take effect. The "Last updated" date at the top of this page reflects the most recent revision.
Your continued use of the Service after the effective date of any update constitutes your acceptance of the revised Privacy Policy. If you do not agree to the changes, you should stop using the Service and delete your account.
12Contact us
If you have questions, concerns, or requests relating to this Privacy Policy or our handling of your personal data, please contact us:
Email: support@meetingviz.com
We aim to respond to all privacy enquiries within 5 business days.