Privacy policy

1. Introduction

1.1 About This Policy

This Privacy Policy explains how SafeMeet (“we,” “our,” or “us”) collects, processes, manages, and protects your personal data. It applies to all users of our services, including our chat, meeting, and storage (drive) features.

1.2 What This Policy Covers

This policy covers:

The types of personal data we collect.
The purposes and legal bases for processing your data.
Your data protection rights and how to exercise them.
How we share, store, and protect your information.
Region-specific privacy disclosures as required by law.

1.3 Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in legal, regulatory, or operational requirements. When we do, we will revise the “Last Updated” date at the top of this page and notify you as required by law.

2. Legal Basis for Processing Personal Data

We are a U.S.-based company providing chat, meeting, and cloud storage services to users globally. We process personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR), the UK GDPR, and similar privacy laws in other jurisdictions.

We only process your personal data when we have a lawful basis for doing so. The specific legal basis we rely on may vary depending on the nature of the services you use and the jurisdiction in which you reside.

2.1 Contract Performance

We process your personal data when necessary to perform our contractual obligations to you. This includes enabling the following core services:

Chats: Sending and receiving messages, sharing media, and managing chat rooms.
Meetings: Creating and managing meetings, enabling features such as screen sharing and recording.
Storage (Drive): Uploading, storing, and sharing your files and documents in the cloud.

Without this processing, we would not be able to provide these services.

2.2 Legitimate Interests

We process personal data when it is necessary for our legitimate business interests, provided these interests are not overridden by your rights and freedoms. These interests include:

Ensuring the security, integrity, and availability of our platform.
Preventing misuse, abuse, and fraud.
Providing customer support and resolving user-reported issues.
Analyzing usage trends to improve product functionality and experience.
Sending essential service-related communications (not marketing).

2.3 Consent

We rely on your consent to process personal data for optional features that are not essential to delivering our core services. These include:

Cookies and tracking technologies: Used for personalization, analytics, and advertising. You can manage your preferences at any time using our cookie settings tool.
Marketing communications: If you opt in to receive newsletters or promotional messages.
Third-party integrations: When you choose to connect our services with external tools (e.g., calendar apps or cloud platforms).

You may withdraw your consent at any time through your account settings or the cookie preferences tool. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

2.4 Legal Obligations

We may process your personal data to comply with applicable laws and regulations. This includes:

Responding to lawful requests from public authorities.
Meeting tax, accounting, and regulatory compliance requirements.
Detecting and reporting unlawful activity, such as fraud or abuse.

2.5 Vital Interests

In limited cases, we may process your personal data to protect vital interests — such as in emergencies where someone's health or safety is at risk or to prevent serious harm.

Note on Region-Specific Disclosures
If you are located in a region with specific legal rights (e.g., the EU/EEA, UK, California, Brazil, or China), please refer to Section 3: Your Rights and Choices for more information about your rights under local law.

3. Your Rights and Choices

We are committed to helping you exercise meaningful control over your personal data. Depending on your location and the laws that apply, you may have specific rights under data protection regulations such as the General Data Protection Regulation (GDPR), UK GDPR, California Consumer Privacy Act (CCPA/CPRA), Brazil’s LGPD, China’s PIPL, and similar laws in other jurisdictions.

3.1 Your Core Rights

Where applicable, you may have the following rights regarding your personal data:

Right of Access – Request a copy of the personal data we hold about you.
Right to Rectification – Request that inaccurate or incomplete data be corrected.
Right to Erasure ("Right to Be Forgotten") – Request deletion of your personal data.
Right to Restrict Processing – Request limited use of your data under specific circumstances.
Right to Object to Processing – Object to data processing based on our legitimate interests, direct marketing, or for other specific purposes.
Right to Data Portability – Request a portable version of your personal data.
Right to Withdraw Consent – Withdraw your consent at any time if processing is based on consent.
Right to Lodge a Complaint:
If you believe your data rights have been violated, you have the right to lodge a complaint with your local data protection authority. Depending on your region, you can contact the following:

GDPR (EU/EEA/UK): Your local Data Protection Authority (DPA) or the Information Commissioner’s Office (ICO) in the UK.

CCPA (California): The California Attorney General’s office.

LGPD (Brazil): The National Data Protection Authority (ANPD).

PIPL (China): Relevant regulatory authorities in China.

3.2 Region-Specific Rights and Disclosures

European Union (EU), European Economic Area (EEA), and United Kingdom (UK)

Under the EU GDPR, UK GDPR, and applicable laws in the EEA, you are entitled to all the rights listed above. Additionally:

You have the right to object to automated decision-making and profiling.
You can expect a response to your data rights request within one month.
You may escalate any concerns to your national Data Protection Authority or the UK Information Commissioner’s Office (ICO).

California (United States)

Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have the right to:

Know what personal information we collect and how we use or disclose it.
Request deletion or correction of your personal information.
Opt out of the "sale" or "sharing" of personal information (if applicable).
Limit the use of sensitive personal information.
Appoint an authorized agent to make requests on your behalf.

We do not sell your personal information as defined under California law.

Brazil

Under the Lei Geral de Proteção de Dados (LGPD), you may also:

Confirm whether your personal data is being processed.
Request correction, anonymization, blocking, or deletion of unnecessary or excessive data.
Receive information about third parties with whom your data is shared.

China

Under the Personal Information Protection Law (PIPL), users located in China have the right to:

Access and request copies of personal data.
Correct or delete data under specific conditions.
Withdraw consent for optional data processing.
Request an explanation of how your data is processed.

3.3 How to Exercise and Verify Your Rights
You can exercise your privacy rights by contacting us at [email protected] or, where available, through your SafeMeet account settings. We offer several options to manage your data, including:

Access Your Data: Request a copy of the personal data we hold about you.
Correct Your Data: Request corrections to any inaccurate or incomplete information.
Delete Your Data: Request deletion of your personal data.
Transfer Your Data: Request that your personal data be transferred to you or another service in a portable format.

For certain requests, such as accessing, deleting, or transferring your data, we may need to verify your identity to ensure that your request is legitimate and to protect your information from unauthorized access.

We will respond to valid requests within the timeframe required by applicable laws. If we need more time to process your request, we will notify you and provide an explanation for the delay.

4. What Data We Collect

When you use SafeMeet — including our chat, meeting, and cloud storage features — we collect personal data to operate, maintain, and improve the platform. The data we collect includes:

4.1 Information You Provide to Us

We collect data you choose to share directly with us, such as:

Account information: name, email address, password, and optional phone number or profile details.
Chats and meetings: messages, in-meeting chat, shared files, reactions, and audio/video recordings (if enabled).
File uploads: documents, file names, folder structures, and metadata (e.g., size, timestamps).
Support interactions: any messages you send to our team, including your contact information and the content of your message.

You choose how much information to share with us, but certain features may not work without some data.

4.2 Information Collected Automatically

We automatically collect technical data when you interact with SafeMeet, such as:

Device and usage data: IP address, browser type, operating system, device identifiers, screen resolution, and connection data.
Log data: access times, pages viewed, features used, and performance logs.
Location data: We may collect approximate location based on your IP address to help with language settings, regulatory compliance, fraud detection, and regional service availability. We do not collect precise GPS data or actively track your location through device-level geolocation services.
Cookies and similar technologies: We use these to improve service performance, detect issues, and help keep the platform secure. (See Section 10 for more information).

4.3 Information from Third Parties and Other Sources

We may receive personal data from third parties and other sources, including:

SSO providers: Your name, email, and profile image when logging in via Google or Microsoft.
Third-party integrations: Data needed for services you link with SafeMeet (e.g., calendars, cloud storage).
Enterprise accounts: Your organization may provide user details if you're on a business plan.
Marketing and analytics providers: Non-identifiable data to improve services and communication.
Public sources and user interactions: We may collect publicly available data or info from user interactions to enhance features, identify preferences, or verify identity for fraud prevention.

We only use this data as permitted by law and in accordance with your privacy preferences.

5. How We Use Your Data

We use the personal data we collect to operate, maintain, and improve SafeMeet’s services. Our processing activities are guided by legitimate business needs, contractual requirements, legal obligations, and — where applicable — your consent.

We do not use your personal data for targeted advertising or social profiling.

5.1 To Provide and Improve Services

We use your data to:

Create and manage your SafeMeet account.
Facilitate chats, video/audio meetings, file sharing, and storage.
Ensure reliable access to your documents and meeting content.
Monitor service usage to improve performance and usability.
Fix bugs, troubleshoot issues, and test new features.

This includes analytics to help us improve our platform and understand how users interact with specific features.

5.2 Communication and Support

We use your contact information to:

Send service-related communications (e.g., billing updates, product changes, system alerts).
Respond to customer support inquiries or requests for assistance.
Provide onboarding support and usage guidance.

You can turn off most messages in your settings, except for important ones like account updates or legal notices.

5.3 Security and Fraud Prevention

To protect SafeMeet and our users, we process data to:

Detect and prevent suspicious or unauthorized activity.
Protect against account misuse, spam, and abuse.
Investigate reported violations of our Terms of Service or policies.
Monitor infrastructure for stability and malicious behavior.

5.4 Legal Compliance

We may process your data as required to:

Fulfill our legal obligations under applicable data protection, tax, and regulatory laws.
Respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Protect the rights, safety, or property of SafeMeet, its users, or others.

5.5 With Your Consent (Optional Features)

We only process certain types of data with your explicit consent. This applies to:

Cookies and tracking technologies used for analytics, personalization, and marketing.
Email marketing or promotional content, if you sign up to receive it.
Third-party app integrations, such as calendar or file-sharing tools, that you choose to connect to your SafeMeet account.

You can withdraw your consent at any time via your account settings or cookie preferences. Withdrawing consent does not affect the lawfulness of data processed before the withdrawal.

For more information on your rights, including how to access, correct, delete, or restrict your personal data, please refer to Section 3.1 Your Core Rights.

6. How We Share Your Data

We do not sell your personal data. However, we may share your data with third parties under specific circumstances, as described below:

6.1 With Service Providers

We share personal data with trusted third-party service providers who help us operate and maintain SafeMeet. These providers are contractually bound to use your data only for the services they provide to us and must protect it appropriately. This includes:

Cloud hosting and infrastructure.
Analytics and performance monitoring.
Email and communication tools.
Customer support platforms.
Payment processing (for any future premium plans or upgrades, if applicable).

6.2 Within Our Corporate Group

If SafeMeet is part of a larger corporate family or group of affiliated entities, we may share data within that group where necessary to:

Provide technical support.
Facilitate service operations across regions.
Ensure consistency of user experience and data protection standards.

All affiliated entities follow the same privacy practices and safeguards described in this policy.

6.3 Third-Party Integrations

If you choose to integrate SafeMeet with third-party services or apps (e.g., calendars, storage, communication tools), we may share necessary data to enable those integrations. These integrations are entirely optional and controlled by you, meaning you can disconnect them at any time via your account settings.

We do not share your data with third parties for advertising purposes or cross-service profiling.

6.4 In Legal or Regulatory Situations

We may disclose personal data when required to do so by law, or in response to valid legal requests, including:

Court orders, subpoenas, or government investigations.
Enforcing our Terms of Service or protecting our rights.
Preventing or investigating fraud, security issues, or abuse.
Protecting the safety of users or the public.

Where legally permitted, we will notify users of such disclosures.

6.5 Business Transfers

If SafeMeet is involved in a merger, acquisition, restructuring, or sale of assets, your personal data may be transferred as part of that transaction. We will take steps to ensure your privacy rights remain protected during such changes.

7. International Data Transfers

As a U.S.-based company, SafeMeet stores and processes personal data in the United States and in other countries where we or our service providers operate. This means your personal data may be transferred to, stored in, or accessed from jurisdictions outside of your home country or region.

We take appropriate steps to ensure that such transfers are compliant with applicable data protection laws and that your data remains protected.

7.1 Transfers from the EEA, UK, and Switzerland

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we rely on one or more of the following legal mechanisms to lawfully transfer your data:

Standard Contractual Clauses (SCCs) approved by the European Commission.
UK Addendum to the SCCs, where applicable.
Adequacy decisions for countries recognized as providing an adequate level of data protection.
Other legally permissible transfer mechanisms.

We also implement appropriate technical and organizational measures to safeguard your personal data.

7.2 Transfers from Other Regions

For users in other jurisdictions with data transfer or localization requirements (such as Brazil under the LGPD or China under the PIPL), we comply with local laws by:

Using contractual safeguards.
Obtaining any required regulatory approvals.
Providing transparency and rights in line with local privacy laws.

7.3 Safeguards and Your Rights

Regardless of where your data is processed, we apply a consistent level of data protection. This includes:

Limiting access to personal data on a need-to-know basis.
Encrypting data during transmission and at rest.
Conducting regular audits and due diligence on our service providers.
Providing rights and choices consistent with applicable laws.

8. Data Retention

8.1 How Long We Keep Your Data

We retain your personal data only as long as necessary to deliver our services and meet legal or business obligations.

Account Information is kept while your account is active. After deletion, it’s removed within 30 days unless legally required otherwise.
Chat, Meeting, and Drive Data are retained based on your use. You can delete this data manually; otherwise, it is kept for service functionality and removed within 30 days of deletion.
Analytics and System Logs may be retained in anonymized form for longer periods for security and performance improvement.

8.2 Criteria for Retention Periods

We consider the following factors to determine how long we keep your data:

The type of data and its sensitivity.
Whether we need it for legal, tax, or regulatory reasons.
Whether you’ve deleted your account or specific data.
Whether the data is still needed to prevent fraud or abuse.

9. Security Measures

We implement technical and organizational safeguards to protect your personal data against unauthorized access, loss, misuse, or alteration.

9.1 How We Protect Your Data

Encryption: All data is encrypted in transit (TLS) and at rest using industry standards.
Access Controls: Only authorized personnel and service providers can access your data, based on strict access permissions and authentication.
System Monitoring & Audits: We regularly monitor our systems, perform security testing, and engage external experts to assess vulnerabilities.
Secure Infrastructure: Our services run on trusted cloud platforms with strong physical and network security.

9.2 Incident Response

We maintain an incident response plan to address potential data breaches. If a breach affecting your personal data occurs, we will notify you and relevant authorities in accordance with applicable laws.

9.3 Your Responsibility

To help keep your data secure:

Use strong, unique passwords.
Enable two-factor authentication if available.
Stay alert for suspicious emails or links.

If you suspect unauthorized access to your account, please contact us immediately at [email protected].

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to deliver and improve our services, personalize your experience, analyze usage, and support security features.

10.1 Types of Cookies We Use

Type of Cookie	Purpose	Example
Essential Cookies	Required for core functionality such as login, session management, and security.	Authentication cookies, session IDs.
Functional Cookies	Remember your preferences and settings, like language or UI configurations.	Language preference, theme settings.

10.2 How Long Cookies Last

Session Cookies: These expire when you close your browser.
Persistent Cookies: These stay on your device for a set period or until you delete them. Lifespans vary by purpose and provider, usually between 30 days to 2 years.

10.3 Managing Your Cookie Preferences

You can manage your cookie settings in the following ways:

Browser Controls: Most web browsers let you block or delete cookies through their settings. Refer to your browser’s help section for details.
Cookie Banner: Where required by law (e.g. in the EU/UK), you’ll see a cookie banner on your first visit that allows you to accept or reject non-essential cookies.
Third-Party Opt-Outs: You can also opt out of certain third-party cookies (e.g., from Google or Facebook) via their own privacy controls.

11. Children’s Privacy

Our Service is not for children under 13. We do not knowingly collect personal information from anyone under 13. If you are a parent or guardian and think your child has shared personal data with us, please contact us right away. If we find that we've collected personal data from a child under 13 without permission, we will delete it as soon as possible.

For users aged 13 to 18, we may limit how we collect, use, and store their data. This could mean some features of the Service may not be available to them.

If we need consent to process your personal data and your country requires parental consent for children, we may ask your parent or guardian for permission before collecting or using your data.

12. How to Contact Us

For any privacy-related questions or concerns, you can email us at [email protected].