ZoomClawZoomClaw

Privacy Policy

Last updated: February 12, 2026

1. Information We Collect

We collect the following categories of information:

  • Account information: Name, email address, and profile picture provided through Google OAuth when you sign in.
  • Meeting metadata: Meeting URLs, start/end times, and duration for usage tracking and billing.
  • Real-time meeting data: Audio transcriptions and AI-generated responses are processed in real-time during meetings. We do not permanently store meeting audio recordings.
  • Billing data: Payment information is processed and stored by Stripe. We store only your Stripe customer ID and subscription status.
  • Usage data: Anonymous analytics collected via Vercel Analytics (page views, geography, device type).
  • Guest identifiers: A randomly generated cookie-based ID for anonymous visitors to enforce free-tier usage limits.

2. How We Use Your Information

  • To provide and operate the Service (join meetings, transcribe, generate AI responses).
  • To manage your account and process billing.
  • To enforce usage limits and prevent abuse.
  • To improve the Service and fix bugs.
  • To communicate with you about your account or the Service.

3. Third-Party Services

We use the following third-party services that may process your data:

  • Zoom — Meeting platform integration (subject to Zoom's Privacy Policy).
  • Recall.ai — Meeting bot infrastructure for joining calls and receiving audio streams.
  • OpenAI — AI model provider for text-to-speech and vision features.
  • Stripe — Payment processing (subject to Stripe's Privacy Policy).
  • Vercel — Hosting and analytics.
  • Neon — PostgreSQL database hosting.
  • Google — OAuth authentication provider.

4. Data Retention

  • Meeting audio: Not permanently stored. Processed in real-time and discarded.
  • Meeting metadata: Retained for up to 90 days for usage tracking and billing reconciliation.
  • Account data: Retained for the lifetime of your account. You may request deletion at any time.
  • Guest cookies: Expire after 1 year. Contain only a random identifier — no personal information.

5. Data Security

We implement industry-standard security measures including:

  • HTTPS/TLS encryption for all data in transit.
  • HttpOnly, Secure, SameSite cookies for session management.
  • Cryptographic webhook signature verification for all third-party integrations.
  • Environment variable isolation — secrets are never exposed to the client.
  • Rate limiting on all API endpoints.
  • Session ownership verification to prevent unauthorized meeting access.

6. Your Rights

You have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your account and associated data.
  • Export your meeting history and usage data.
  • Withdraw consent for data processing (by deleting your account).

To exercise any of these rights, contact us at support@zoomclaw.com.

7. Cookies

We use the following cookies:

  • Session cookie (better-auth.session_token) — Required for authentication. HttpOnly, Secure, SameSite=Lax.
  • Guest ID cookie (zc_guest) — Used to track anonymous usage limits. HttpOnly, Secure, SameSite=Lax. Contains only a random UUID.

We do not use advertising cookies or third-party tracking cookies.

8. Children's Privacy

The Service is not directed to children under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy with a revised "Last updated" date. Your continued use of the Service after changes constitutes acceptance.

10. Contact

For privacy-related questions or requests, contact us at support@zoomclaw.com.