Privacy Policy

/Summary of key points

This summary provides key points from our privacy notice. You can find more detail on any topic via the contents above.

• What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with Epicbrief, the choices you make, and the features you use.
• Do we process sensitive personal information? No — we do not process sensitive personal information.
• Do we receive information from third parties? No — we do not receive any information from third parties.
• How do we process your information? To provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We process your information only when we have a valid legal reason.
• How do we share information? In specific situations, and with specific categories of third parties.
• How do we keep your information safe? Through organizational and technical measures — though no electronic transmission or storage can be guaranteed 100% secure.
• What are your rights? Depending on where you are located, applicable privacy law may grant you certain rights over your personal information. The easiest way to exercise them is to contact us at legal@epicbrief.com.

01What information do we collect?

Personal information you disclose to us

We collect personal information that you voluntarily provide when you register on the Services, express interest in obtaining information about us or our products and Services, participate in activities on the Services, or otherwise contact us. The personal information we collect may include:

• Names
• Email addresses
• Job titles
• Contact or authentication data

Sensitive information. We do not process sensitive information.

Payment data. We may collect data necessary to process your payment if you make purchases, such as your payment instrument number and the associated security code. All payment data is stored by Stripe — you may review their privacy notice at stripe.com/privacy.

Social media login data. We may provide you the option to register using your existing social media account details. If you choose to register this way, we collect the information described in "How do we handle your social logins?" below.

All personal information you provide must be true, complete, and accurate, and you must notify us of any changes.

Information automatically collected

This information does not reveal your specific identity but may include device and usage information collected to maintain the security and operation of our Services and for internal analytics and reporting. The information we collect includes:

• Log and usage data. Service-related, diagnostic, usage, and performance information our servers automatically collect — including your IP address, device information, browser type and settings, activity in the Services (date/time stamps, pages and files viewed, searches, features used), and device event information such as system activity and error reports.
• Device data. Information about the computer, phone, tablet, or other device you use to access the Services — which may include your IP address (or proxy server), device and application identifiers, location, browser type, hardware model, ISP and/or mobile carrier, operating system, and system configuration.

02How do we process your information?

We process your personal information for a variety of reasons, depending on how you interact with our Services, including:

• To facilitate account creation and authentication and otherwise manage user accounts.
• To deliver and facilitate delivery of services to the user.
• To respond to user inquiries and offer support.
• To request feedback and to contact you about your use of our Services.
• To protect our Services, including fraud monitoring and prevention.
• To identify usage trends so we can understand how the Services are used and improve them.
• To save or protect an individual's vital interest, such as to prevent harm.

03What legal bases do we rely on to process your information?

For EU and UK users, we may rely on the following legal bases:

• Consent — where you have given us permission to use your personal information for a specific purpose. You can withdraw your consent at any time.
• Performance of a contract — where necessary to fulfill our contractual obligations to you, or at your request prior to entering into a contract.
• Legitimate interests — where reasonably necessary to achieve our legitimate business interests, provided those interests do not outweigh your rights and freedoms.
• Legal obligations — where necessary for compliance with our legal obligations.
• Vital interests — where necessary to protect your vital interests or those of a third party.

For Canadian users, we may process your information with your express or implied consent, which you can withdraw at any time. In some exceptional cases we may process your information without consent where permitted by applicable law — for example, for investigations, fraud detection and prevention, business transactions, insurance claims, or compliance with court orders; where information was produced by an individual in the course of their employment, business, or profession and collection is consistent with the purposes for which it was produced; where collection is solely for journalistic, artistic, or literary purposes; or where the information is publicly available and specified by the regulations.

04When and with whom do we share your personal information?

Vendors, consultants, and other third-party service providers. We may share your data with third parties who perform services for us and require access to do that work. We have contracts in place designed to safeguard your personal information. The categories of third parties we may share personal information with are:

• Cloud computing services
• Data storage service providers
• User account registration & authentication services
• Payment processors

We may also need to share your personal information in the following situation:

• Business transfers — in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

05How do we handle different kinds of data?

5A · How do we handle your social logins?

Where you register or log in using third-party social media account details, we receive certain profile information from your social media provider — often including your name, email address, friends list, and profile picture, plus other information you choose to make public. We use the information we receive only for the purposes described in this notice or otherwise made clear to you. We do not control, and are not responsible for, other uses of your personal information by your third-party social media provider, and recommend you review their privacy notice.

5B · How do we handle Google data?

Google Calendar data is accessed to populate meeting participant profiles and future calendar events. Meeting profiles are used to assist in preparing for meetings and in generating summaries from meeting transcripts. The data is accessed, used, stored, and shared only as required to provide the service this privacy policy covers. Epicbrief's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

5C · Sharing and use of data

At Epicbrief, we prioritize your privacy and strive to be transparent about our data practices. This section outlines how we handle data we receive after you authorize our app — including calendar event participant names and surnames, and calendar meeting transcriptions — to enhance our services and provide you with innovative features.

5C.1 · How we use your data. We analyze data — which encompasses participant names, surnames, and calendar meeting transcriptions — to offer personalized services, improve existing features, and develop new functionality tailored to your needs.

5C.2 · How we share your data.

• With AI models — to facilitate the processing and improvement of our services, your data is shared with AI models. This sharing is essential for the development and enhancement of the features we provide.
• No third-party sharing for marketing — your data is not shared with third parties for their marketing purposes without your explicit consent.

5C.3 · Your control over data.

• Opt-out options — you can opt out of or restrict the sharing of your data for specific uses by adjusting your account settings or contacting support.
• Access and correction — at any time you can access, correct, or update your data through your account settings or by contacting customer support.

Should you have any inquiries or concerns about how we handle your data, please contact us at legal@epicbrief.com.

06Is your information transferred internationally?

Your data will be stored and processed in Europe. We take all necessary measures to protect your personal information in accordance with this privacy notice and applicable law.

07How long do we keep your information?

We keep your personal information only for as long as necessary for the purposes set out here, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it — or, if that is not possible (for example, because it is stored in backup archives), securely store it and isolate it from further processing until deletion is possible.

08How do we keep your information safe?

We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Transmission of personal information to and from our Services is at your own risk; you should only access the Services within a secure environment.

09Do we collect information from minors?

By using the Services, you represent that you are at least 18, or that you are the parent or guardian of such a minor and consent to the minor's use of the Services. If we learn that personal information from users under 18 has been collected, we will deactivate the account and take reasonable measures to promptly delete such data. If you become aware of any data we may have collected from children under 18, please contact us at legal@epicbrief.com.

10What are your privacy rights?

In some regions you have certain rights under applicable data protection laws. These may include the right to request access and obtain a copy of your personal information, to request rectification or erasure, to restrict processing, and (if applicable) to data portability. In certain circumstances you may also object to the processing of your personal information. To make such a request, contact us using the details in "How can you contact us?" below.

If you are located in the EEA or UK and believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority — contact details are available via the European Commission. If you are located in Switzerland, contact details for the data protection authorities are available via the FDPIC.

Withdrawing your consent. If we are relying on your consent, you have the right to withdraw it at any time by contacting us. This will not affect the lawfulness of processing before withdrawal, nor processing conducted in reliance on lawful grounds other than consent.

Account information. If you wish to review or change the information in your account or terminate it, you can log in to your account settings to update it, or contact us using the information provided. Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases — though we may retain some information to prevent fraud, troubleshoot problems, assist investigations, enforce our legal terms, and/or comply with applicable legal requirements. Questions about your privacy rights can be sent to legal@epicbrief.com.

11Controls for do-not-track features

Most web browsers and some mobile operating systems and applications include a Do-Not-Track ("DNT") feature you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked. If a standard is adopted that we must follow in the future, we will inform you in a revised version of this notice.

12Do California residents have specific privacy rights?

California Civil Code Section 1798.83, the "Shine The Light" law, permits California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes, and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. To make such a request, submit it in writing using the contact information below.

If you are under 18, reside in California, and have a registered account, you have the right to request removal of unwanted data that you publicly post on the Services. To request removal, contact us using the information below and include the email address associated with your account and a statement that you reside in California. We will make sure the data is not publicly displayed on the Services, though the data may not be completely removed from all our systems (e.g., backups).

13Do we make updates to this notice?

The updated version will be indicated by an updated "Revised" date and will be effective as soon as it is accessible. If we make material changes, we may notify you either by prominently posting a notice or by directly sending you a notification. We encourage you to review this notice frequently to stay informed of how we protect your information.

14How can you contact us about this notice?

If you have questions or comments about this notice, you may email us at legal@epicbrief.com.

15How can you review, update, or delete the data we collect from you?

Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, change that information, or delete it. To request to review, update, or delete your personal information, please contact us at legal@epicbrief.com.

Last updated · December 1, 2025