Privacy Policy

1. Introduction

Welcome to Optiverse’s Privacy Policy. This document outlines what information we collect when you use Optiverse's site, services, products, and content (“Services”). It also details how we store, transfer, use, and delete that information, along with your rights and choices concerning your information. This policy applies to Optiverse’s online meeting recording & transcription tool, including the website and web applications, and other Optiverse websites (collectively “the Websites”), as well as other interactions (e.g., customer support conversations, user surveys, and interviews) you may have with Optiverse. Optiverse acts as a Data Controller, determining the purposes and means of processing personal data. For content and data that you upload or make available through the Service (“User Content”), you are responsible for ensuring that this content complies with our Terms of Service and does not violate other users' privacy.

Optiverse's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

  1. Data Collection

We at Optiverse are committed to safeguarding the privacy of our users. Our business model is to provide a paid service to users who need to record, index, and store meeting recordings, and does not rely on widespread collection of general user data. We will only collect and process information that we need to deliver the service to you and to continue to maintain and develop the service.

Google API Data

Optiverse's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. For more details, visit Google API Services User Data Policy.

Scope Justification:

  • Scope Requested: https://www.googleapis.com/auth/calendar.readonly

    • Purpose: We require read access to the user's calendar to fetch existing meetings and events.

    • Justification: This scope allows our app to help users organize their meetings through the Optiverse interface by showing their schedules, meeting details, and enabling them to allocate meetings to templates and retrieve essential meeting links.

    • Narrower Scope Insufficiency: A narrower scope would not provide the necessary details to function optimally, thus compromising the user experience.

Usage Information

When you interact with our Services, we collect and process metadata to provide additional context about how the Service is being used. This includes your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views, and website navigation paths, as well as information about the timing, frequency, and pattern of your service use. The source of the usage data is our server software and our analytics tracking system.

Product Analytics Data

Optiverse logs activities by you and other users when you interact with our websites or apps, such as when a page or a meeting room is visited, or where there is a conversation. We will never access the content in conversations unless explicitly requested by the user who recorded this content with our Services.

Video Recordings

We alert participants via email/calendar notification or chat message when they join meetings if you are recording a meeting with our service. Participants have the option to leave the meeting. As you are using Optiverse to record meetings, you are responsible for collecting consents from all participants in the meeting prior to starting the recording. The transcript, which may also contain personal data, is treated the same way as the video recording. Video recordings and transcripts will not be accessed by Optiverse, unless explicitly requested by the user who created such recordings with Optiverse.

Technical Log Data

Like most digital services, our servers automatically collect information when the Websites or Services are accessed or used and record it in log files. This log data may include Internet Protocol (IP) addresses, the address of the web page visited within the Services, browser types and settings, the date and time the Services were used, information about browser configuration and plugins, language preferences, and cookie data.

Device Information

Optiverse may collect and process information about devices used to access the Services, including the type of device, operating system used, device settings, application IDs, unique device identifiers, and crash data. The extent of information collected depends on the type of device used and its settings.

Cookies

Optiverse uses cookies on the Optiverse Site and other aspects of the Optiverse Services. Cookies, including local shared objects, are small pieces of information that are stored by your browser on your computer’s hard drive which work by assigning your computer a unique number that has no meaning outside of the Optiverse Services. Most web browsers automatically accept cookies, but you can usually configure your browser to prevent this. Not accepting cookies may make certain features of the Optiverse Services unavailable to you. By using our Services, you agree to our use of cookies to fulfill our service agreement with you.

Location Information

We receive information from you and other third parties that helps us approximate your location. For example, we may use a business address submitted by your employer or an IP address received from your browser or device to determine approximate location. Optiverse may also collect location information from devices in accordance with the consent process provided by your device. The legal basis for this processing is our legitimate interests as per GDPR art. 6 (1) item f, namely using this data for the purpose of ensuring the proper administration of our Website and business, analyzing the use of the website and services, monitoring and improving our Website and Services, improving the user experience, preventing abuse, and assisting users with support inquiries.

Customer Support Information

We may process information that you send to us should you choose to submit a ticket to our customer support. If you contact us, we may use your Account, Transaction, or Usage Information to respond. Processing this information is required for performing the contract we entered into with you, as per our Terms of Service, as well as our legitimate interest in handling your requests, in accordance with GDPR art. 6 (1) item f.

Product & Marketing Communication

We may process information that you provide to us for the purpose of subscribing to our email newsletters. If you have given us your consent, we may use your information to send you relevant product information or newsletters. You can opt out by contacting us at Contact@optiverse.ai. The notification data may be processed for the purposes of sending you relevant product information or newsletters. The legal basis for this processing is your consent as per GDPR art. 6 (1) item a.

Transaction Information

Customers who choose to purchase a paid version of the Services provide Optiverse (and our payment processors) with billing details such as credit card information, billing email, banking information, location at the time of the transaction, and/or a billing address. The transaction data may be processed for the purpose of supplying the purchased services and keeping proper records of those transactions. This data may be used to deliver the Services to you. Processing this information is required for fulfilling the contract we entered into with you, as per our Terms of Service, in accordance with GDPR art. 6 (1) item b. Additionally, this information needs to be retained to comply with accounting and tax regulations, as stipulated by GDPR art. 6 (1) item c.

Service and Transactional Notifications

Sometimes we will send you emails about your account, service changes, or new policies. You cannot opt out of this type of “service or transactional” emails (unless you delete your account) as they contain necessary information regarding the Services. The legal basis for processing this information is our requirement to perform our commitments about communicating changes in plans and pricing to you, as per the contract we entered into with you (our Terms of Service), in accordance with GDPR art. 6 (1) item b, and our legitimate interest in communicating important information about your account to you, as per GDPR art. 6 (1) item f.

Correspondence Information

We may process information that you choose to share with us if you participate in a focus group, research interview, contest, activity, or event, apply for a job, interact with our social media accounts, or otherwise communicate with Optiverse. The correspondence data may be processed for the purposes of communicating with you and keeping records. The legal basis for this processing is our legitimate interests as per GDPR art. 6 (1) item f, namely the proper administration of our website and business, and communication with users. For all categories of data that require your consent, we will actively ask you for consent before collecting any data. You can give and revoke your consents by writing an email to Contact@optiverse.ai.

3. Data Use

Optiverse uses the collected data for various purposes:

1. To provide and maintain our Service.

2. To notify you about changes to our Service.

3. To allow you to participate in interactive features of our Service when you choose to do so.

4. To provide customer support.

5. To gather analysis or valuable information so that we can improve our Service.

6. To monitor the usage of our Service.

7. To detect, prevent, and address technical issues.

8. To fulfill any other purpose for which you provide it.

9. To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.

10. To provide you with notices about your account and/or subscription, including expiration and renewal notices, email instructions, etc.

11. To provide you with news, special offers, and general information about other goods, services, and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information.

12. In any other way we may describe when you provide the information.

13. For any other purpose with your consent.

Data Sharing with Third-Party AI Services

In order to enhance the accuracy and functionality of our transcription services, Optiverse may share certain data, including meeting transcripts and related metadata, with third-party artificial intelligence (AI) services.

Purpose of Data Sharing

- Improve transcription accuracy

- Enhance service capabilities

- Provide better user experience

Data Shared

- Meeting transcripts

- Metadata related to the transcripts (such as timestamps)

We will only share this data after obtaining your explicit consent through our sign-up process or when you first use the enhanced transcription feature.

Your Consent

- You can provide your consent by ticking the consent checkbox during sign-up or when enabling the feature.

- You can withdraw your consent at any time by contacting us at Contact@optiverse.ai.

For any questions regarding data sharing, please refer to our full privacy policy or contact us directly.


4. Data Retention

Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

Transaction Information will be retained for a minimum period of 5 years following the date of the transaction, and for a maximum period of 10 years following the date of the transaction. In some cases, it is not possible for us to specify in advance the periods for which your personal data will be retained. In such cases, we will determine the period of retention based on the following criteria:

1. Account Information will be retained until you decide to delete your account.

2. Information for Product & Marketing Communication will be retained as long as you have given us consent to use this information.

3. Usage Information will be retained based on the need for historical data to determine statistical validity and relevance for product decisions and technical monitoring.

4. Sensitive Personal Information, including meeting recordings, is by default deleted after 6 months of inactivity for a given user.

Regardless of the specific provisions above, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

5. Data Transfer

We may share information about you with third parties in some circumstances, including:

1. With your consent.

2. To a service provider or partner who meets our data protection standards. (Information might only be delivered to necessary providers to fulfill our service agreement with you. We will not sell data to third parties).

3. When we have a good faith belief it is required by law, such as pursuant to a subpoena or other legal process.

4. To protect the vital interests of others, when we have reason to believe that doing so will prevent harm to someone or illegal activities.

Our categories of service providers and partners are:

- Hosting/infrastructure/storage providers

- Payment processors

- Analysis tools providers

- Customer support tools providers

- Marketing and email providers

- Internal communication tools providers

6. International Data Transfers

In some circumstances, your personal data may be transferred to countries outside the European Economic Area (EEA). You acknowledge that personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others. We and our providers have offices and facilities in Switzerland and the United States. The hosting facilities for account information and for video storing are situated in the United States. Transfers to the United States will be protected by appropriate safeguards, namely the use of standard data protection clauses adopted or approved by the European Commission, a copy of which can be obtained from the European Commision website (https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en).

7. Your Rights to Access, Export, or Remove Personal Data

If you have provided your consent for the processing of your personal data, you may also withdraw your consent at any time by contacting us at Contact@optiverse.ai. You may instruct us at any time not to process your personal information for marketing purposes by reaching out to us through the same email. You can delete single recordings at any time via our web interface. If you delete your account, your information and content will be permanently unrecoverable after that time. We may withhold personal information that you request to the extent permitted by law. As an individual, you are granted rights according to the applicable data protection law: 1. The right to access your personal data.

2. The right to rectification of your personal data.

3. The right to object to and restrict our processing of your personal data.

4. The right to be forgotten (erasure of your data).

5. The right to data portability.

These rights are not absolute, and you may read more about your rights in the EU General Data Protection Regulation (GDPR) Chapter III, or at the [EU citizens' rights page](https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_en).

To exercise your rights or if you otherwise have any questions regarding our processing of your personal data, we encourage you to contact us as described below. You may also raise a complaint with a data protection authority. As a Swiss company, Optiverse will comply with the requirements of the Swiss Federal Data Protection and Information Commissioner (FDPIC). You may find further information on their website: [FDPIC](https://www.edoeb.admin.ch/edoeb/en/home.html). You may also contact your national/state supervisory authority regarding any concerns.

8. Security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. All connections to Optiverse are encrypted using SSL, and any attempt to connect over HTTP is redirected to HTTPS. Optiverse hosts its software in Microsoft Azure and Amazon Web Services (AWS) facilities. Both Azure and AWS data centers are certified as ISO 27001, PCI DSS Service Provider Level 1, and/or SOC 1 and 2 compliant. In addition, we use Supabase, a third-party provider, to handle our data, which is hosted on both Azure and AWS. Our database is located in a Virtual Private Cloud (VPC) with Azure and AWS and is protected by restricted security groups. Only the minimal required communication to and between the servers is allowed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions and are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

9. Children’s Privacy

We do not knowingly collect or process personal data from children under the age of 16, and no part of our Services is directed to them. If you are a parent or guardian and you learn that your child has provided us with personal data, please contact us at Contact@optiverse.ai. If we become aware that we have collected personal data from a child without verification of parental consent, we will take steps to remove that information from our systems.

10. Changes to this Policy

We may update our Privacy Policy from time to time. If we make any material changes, we will notify you by email or through a prominent notice on our website before the change becomes effective. By continuing to use our Services after those changes become effective, you agree to be bound by the revised Privacy Policy. If you do not agree to the changes, you should stop using our Services and delete your account before the new policy takes effect.

11. Company Acquisition

In the case that we are involved in a merger, acquisition, bankruptcy, reorganization, or sale of assets such that your information would be transferred or become subject to a different privacy policy, we will notify you in advance and give you the option to delete your data before the transfer.

12. Contact Information

If you have any questions or concerns about our Privacy Policy or our data practices, or if you wish to exercise your rights as outlined above, please contact us at: Contact@optiverse.ai).

Optiverse AG

Clausiusstrasse 16, 8006 Zürich, Switzerland