Privacy Policy — Kiingo AI for Zoom

Kiingo, LLC ("Kiingo," "we," "us," or "our") is committed to protecting the privacy and security of your information. This Privacy Policy describes how we collect, use, disclose, store, and protect personal information and business data when you use the Kiingo AI for Zoom application and related services (collectively, the "Application").

By using the Application or authorizing a connection to your Zoom account, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy.

This Privacy Policy applies to all users of the Application, including individuals who connect the Application to their Zoom accounts and their authorized users.

1. Information We Collect

1.1 Information You Provide Directly

We collect information you voluntarily provide to us, including:

Account information: name, email address, company name, phone number, and other contact details provided during registration or through communications with us;
Communication data: information contained in messages you send to us, including support requests, feedback, and correspondence;
Payment information: billing details processed through our third-party payment processor (we do not store full payment card numbers on our servers).

1.2 Zoom Data Accessed Through the Application

When you authorize the Application to connect to your Zoom account via Zoom's OAuth 2.0 framework, we access and process the following categories of data from your Zoom account ("Zoom Data"):

Meeting Recordings and Transcripts

Audio recordings of meetings;
Video recordings of meetings;
Cloud recording files and associated metadata;
Automated and manual transcription data;
Speaker identification and attribution within transcripts.

Meeting Metadata

Meeting titles, descriptions, and agendas;
Meeting IDs, passwords (hashed), and join URLs;
Scheduled start and end times, actual duration;
Meeting type (instant, scheduled, recurring);
Host and co-host information.

Participant Data

Participant names and email addresses;
Join and leave times;
Attendance records and duration of participation;
Participant roles (host, co-host, attendee);
Device and connection information of participants (as provided by Zoom).

Chat Messages

In-meeting chat messages;
Zoom Team Chat messages (where separately authorized);
Shared files and links within chat.

1.3 Data Accuracy Disclaimer

Kiingo relies on the accuracy, completeness, and timeliness of data provided by your Zoom account and Zoom's APIs. We do not independently verify the accuracy of Zoom Data received through the Application. Automated transcription is inherently imperfect and may contain errors, omissions, or misattributions. Kiingo is not responsible for any errors, inaccuracies, omissions, or inconsistencies in your source data or in automated transcriptions, nor for any consequences arising from the processing of inaccurate source data.

1.4 Automatically Collected Information

When you interact with the Application, we automatically collect certain technical information:

Device and browser data: device type, operating system, browser type and version, screen resolution, and language preferences;
Usage data: features accessed, actions taken within the Application, timestamps, frequency of use, and interaction patterns;
Log data: IP addresses, access times, pages viewed, error logs, and referring URLs;
Cookies and similar technologies: as described in our Cookie Policy.

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 Providing and Operating the Application

Connecting to and syncing data from your Zoom account;
Processing meeting recordings and generating automated transcriptions;
Analyzing transcripts and meeting data to deliver AI-powered summaries, action items, insights, and recommendations;
Automating follow-up tasks, scheduling, and workflow triggers based on meeting content;
Displaying dashboards, visualizations, and analytical outputs;
Authenticating users and managing account access.

2.2 Improving the Application

Analyzing usage patterns to enhance functionality and user experience;
Identifying and resolving bugs, errors, and performance issues;
Training and improving our AI and machine learning models (using aggregated, de-identified data only, unless you provide explicit consent for identifiable data use);
Conducting research and development for new features.

2.3 Communications

Sending transactional messages related to your account and use of the Application;
Responding to your inquiries and support requests;
Sending service announcements, updates, and security alerts;
Sending marketing communications (only with your consent, and you may opt out at any time).

2.4 Legal and Compliance

Complying with applicable laws, regulations, and legal processes;
Enforcing our Terms of Use and other agreements;
Protecting the rights, property, and safety of Kiingo, our users, and the public;
Detecting, preventing, and addressing fraud, security breaches, and technical issues.

3. Your Responsibilities as Data Controller

When you connect your Zoom account to the Application, you act as the data controller for the personal information of individuals whose data is contained in your Zoom account (including meeting participants, attendees, employees, and contractors). As data controller, you are responsible for:

Ensuring you have a lawful basis to collect, store, and share the personal information contained in your Zoom Data, including with Kiingo through the Application;
Obtaining all necessary consents from meeting participants for recording, transcription, and AI processing of their communications, to the extent required by applicable law, including two-party consent jurisdictions;
Providing all required privacy notices to meeting participants and data subjects informing them that their personal information and meeting content may be processed by third-party service providers, including Kiingo;
Complying with all applicable data protection, privacy, employment, and communications laws in connection with the data you make available through the Application;
Responding to data subject rights requests related to the personal information you control, and notifying Kiingo promptly if such requests require action on Kiingo's part;
Ensuring that your use of the Application's outputs and AI-generated insights complies with applicable laws, including any restrictions on automated decision-making that may affect individuals' rights.

Kiingo acts as a data processor with respect to Zoom Data containing personal information and processes such data only in accordance with this Privacy Policy and our Terms of Use. For enterprise customers requiring a formal Data Processing Addendum (DPA), please contact us at privacy@kiingo.com.

4. Legal Bases for Processing

We process your information based on the following legal grounds:

Contractual necessity: processing required to perform our obligations under the Terms of Use;
Consent: where you have provided affirmative consent, such as for marketing communications or optional data processing;
Legitimate interests: processing necessary for our legitimate business interests, such as improving the Application, ensuring security, and preventing fraud, balanced against your privacy rights;
Legal obligations: processing required to comply with applicable laws and regulations.

5. How We Share Your Information

We do not sell your personal information or Zoom Data. We share information only in the following circumstances:

5.1 Service Providers

We engage trusted third-party service providers who perform services on our behalf, including cloud hosting, data analytics, payment processing, email delivery, and customer support. These providers are contractually obligated to use your information only for the purposes of providing services to Kiingo and are bound by confidentiality obligations.

5.2 Zoom

We interact with Zoom's APIs to access and sync your Zoom Data. Data transmitted to and from Zoom is subject to Zoom's Privacy Policy. Our Application complies with Zoom's developer platform policies, including Zoom's data handling, security, and privacy requirements for applications listed on the Zoom App Marketplace.

5.3 Legal Requirements

We may disclose your information if required to do so by law, regulation, legal process, or governmental request, including in response to subpoenas, court orders, or law enforcement requests.

5.4 Protection of Rights

We may disclose information when we believe in good faith that disclosure is necessary to protect our rights, your safety or the safety of others, investigate fraud, or respond to a government request.

5.5 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred to the acquiring entity. We will provide notice before your information becomes subject to a different privacy policy.

5.6 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

5.7 Aggregated and De-Identified Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you. Such data is not subject to the restrictions of this Privacy Policy.

6. Data Security

We implement commercially reasonable administrative, technical, and physical safeguards to protect your information from unauthorized access, disclosure, alteration, and destruction. These measures include:

Encryption of data in transit (TLS/SSL) and at rest (AES-256);
Access controls and authentication mechanisms, including role-based access;
Regular security assessments, vulnerability scanning, and penetration testing;
Employee security training and confidentiality agreements;
Incident response procedures and breach notification protocols;
Secure software development practices.

While we strive to protect your information, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security, and you acknowledge and accept this inherent risk. Kiingo shall not be liable for any unauthorized access, data breach, or security incident that results from: (a) your failure to maintain the security of your account credentials; (b) a security breach or vulnerability in Zoom or any other Third-Party Service; or (c) circumstances beyond Kiingo's reasonable control. Our liability in connection with any data security matter is subject to the limitations set forth in our Terms of Use.

7. Data Retention

We retain your information for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

Account information: retained for the duration of your account and for a reasonable period thereafter to comply with legal obligations and resolve disputes;
Zoom Data (recordings, transcripts, chat): retained only for as long as your Application connection is active and for a reasonable period after disconnection to facilitate potential reconnection, after which it is deleted or anonymized;
Meeting metadata and analytics: retained for up to twenty-four (24) months for analytics and reporting purposes;
Usage data and logs: retained for up to twenty-four (24) months for analytics and security purposes;
Legal compliance data: retained as required by applicable laws and regulations.

When data is no longer needed, we securely delete or anonymize it using commercially reasonable methods.

8. Sensitive Personal Information

Under the California Privacy Rights Act (CPRA) and other applicable privacy laws, certain categories of personal information are classified as "Sensitive Personal Information" and are subject to additional protections. The Application may process the following types of Sensitive Personal Information from your Zoom Data:

Contents of communications: meeting recordings, transcripts, and chat messages constitute the contents of private communications between meeting participants;
Biometric-adjacent data: voice patterns and facial imagery present in audio and video recordings (note: we do not use this data for biometric identification purposes);
Login credentials: account credentials used to access the Application (stored in hashed form only).

We process Sensitive Personal Information solely for the purposes of providing and improving the Application as described in this Privacy Policy. We do not use Sensitive Personal Information for purposes beyond what is necessary to deliver the Application's features, and we do not use it to infer characteristics about individuals. You have the right to limit our use and disclosure of your Sensitive Personal Information to only those purposes necessary to provide the Application. To exercise this right, contact us at privacy@kiingo.com.

9. Automated Decision-Making and AI Processing

The Application uses artificial intelligence, machine learning, and automated speech recognition technologies to analyze your Zoom Data and generate outputs. We want to be transparent about how these technologies are used:

Purpose: AI processing is used to transcribe meeting audio, identify speakers, generate meeting summaries, extract action items, produce insights, and automate follow-up workflows;
Human oversight: The Application's AI-generated outputs are designed to assist and inform your decision-making, not to replace it. No fully automated decisions with legal or similarly significant effects on individuals are made by the Application without human review;
Accuracy limitations: AI-generated outputs, including transcriptions and summaries, may be inaccurate, incomplete, or contain misattributions. You should independently verify all outputs before relying on them for business, legal, or personnel decisions;
No profiling for adverse decisions: We do not use automated processing of your data to make decisions that produce legal effects or similarly significant effects on individuals (such as employment decisions or performance evaluations).

If you have questions about how AI is used in the Application, please contact us at privacy@kiingo.com.

10. Your Rights and Choices

10.1 California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act and the California Privacy Rights Act:

Right to Know: You have the right to request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of collection, the purposes of collection, and the categories of third parties with whom we share your personal information.
Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions (such as legal compliance requirements).
Right to Correct: You have the right to request correction of inaccurate personal information.
Right to Opt Out of Sale/Sharing: We do not sell or share your personal information for cross-context behavioral advertising purposes. If this practice changes, we will provide a mechanism for you to opt out.
Right to Limit Use of Sensitive Personal Information: You have the right to limit the use and disclosure of Sensitive Personal Information (as described in Section 8) to purposes necessary to provide the Application.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights.

To exercise these rights, contact us at privacy@kiingo.com. We will verify your identity before processing your request and respond within forty-five (45) days.

10.2 General Rights (All Users)

Regardless of your location, you may:

Access your data: request a copy of the personal information we hold about you;
Correct your data: request that we update inaccurate or incomplete information;
Delete your data: request deletion of your personal information, subject to legal retention requirements;
Data portability: request a copy of your data in a structured, commonly used, and machine-readable format (such as CSV or JSON), to the extent technically feasible;
Revoke Zoom access: disconnect the Application from your Zoom account at any time through the Zoom App Marketplace or your Zoom account settings;
Opt out of marketing: unsubscribe from marketing emails using the link in any marketing message or by contacting us;
Manage cookies: adjust your cookie preferences as described in our Cookie Policy.

10.3 Authorized Agents

You may designate an authorized agent to make privacy requests on your behalf. We may require verification that you authorized the agent and may require the agent to provide proof of their authority.

11. Children's Privacy

The Application is not directed to individuals under the age of sixteen (16), and we do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16, we will take prompt steps to delete that information. If you believe a child has provided us with personal information, please contact us at privacy@kiingo.com.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that differ from those in your jurisdiction. By using the Application, you consent to the transfer of your information to the United States and other countries where Kiingo and its service providers operate. We take appropriate safeguards to ensure your data is protected in accordance with this Privacy Policy.

13. Third-Party Links and Services

The Application may contain links to third-party websites or integrate with third-party services. This Privacy Policy applies only to the Application and does not govern third-party websites or services. We encourage you to review the privacy policies of any third-party services you access through the Application. Kiingo is not responsible for the privacy practices of third parties.

14. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want your online activity tracked. At this time, there is no uniform standard for interpreting DNT signals. We currently do not respond to DNT signals, but we will reevaluate this practice as standards develop.

15. Data Breach Notification

In the event of a data breach that compromises your personal information, we will notify you in accordance with applicable laws and regulations. Notification may be provided via email, through the Application, or by other means as required by law. We will also notify relevant regulatory authorities as required.

16. Zoom Platform Compliance

The Application is developed and operated in compliance with Zoom's developer platform requirements, including Zoom's policies regarding data access, data storage, data security, and user privacy for applications listed on the Zoom App Marketplace. We adhere to Zoom's requirements for handling Zoom Data, including:

Accessing only the Zoom Data scopes that are necessary for the Application's functionality;
Storing Zoom Data securely and in accordance with Zoom's data handling guidelines;
Deleting Zoom Data promptly when a user disconnects the Application or when required by Zoom;
Complying with Zoom's requirements regarding the use of recording and transcription data;
Undergoing security reviews and assessments as required by Zoom's developer program.

For more information about how Zoom handles data, please refer to Zoom's Privacy Policy.

17. Limitation of Liability

To the maximum extent permitted by applicable law, Kiingo's liability for any claims arising from or related to this Privacy Policy, our data practices, or any data breach or security incident shall be subject to the limitations of liability set forth in our Terms of Use, including the liability cap, the exclusion of consequential damages, and the assumption of risk provisions. By using the Application, you agree that the limitations of liability in the Terms of Use apply equally to any privacy-related claims.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We will post the updated Privacy Policy on this page with a revised "Last Updated" date. For material changes, we will provide additional notice through the Application or via email. Your continued use of the Application after any changes constitutes your acceptance of the updated Privacy Policy.

19. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Company: Kiingo, LLC
Privacy inquiries: privacy@kiingo.com
General inquiries: legal@kiingo.com
Website: www.kiingo.com

For privacy-related requests, we aim to respond within forty-five (45) days of receiving your verified request.