Privacy Policy

Introduction

At AgendaForge, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our meeting preparation workspace service ("Service"). We are committed to protecting your personal information and your right to privacy.

By using AgendaForge, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, do not use our service.

Information We Collect

Personal Information You Provide

We collect information you provide directly to us, including:

• Account Information: Name, email address, phone number, company name, and job title when you create an account
• Profile Data: Profile picture, bio, preferences, and other information you choose to provide
• Payment Information: Billing address, payment method details, and transaction history for subscription services
• Meeting Content: Meeting agendas, briefs, preparation materials, documents, and other content you create or upload
• Communication Data: Messages, feedback, support requests, and other communications with us
• Survey Responses: Information provided in surveys, feedback forms, or research studies
• Event Information: Details about meetings, participants, and related organizational data
• Integration Data: Information from connected third-party services like calendars and CRM systems

Information Collected Automatically

When you use our Service, we automatically collect certain information:

• Device Information: IP address, browser type, operating system, device identifiers, and mobile network information
• Usage Analytics: Pages visited, features used, time spent, click patterns, and user interactions
• Performance Data: Load times, errors, crashes, and other technical performance metrics
• Location Data: General geographic location based on IP address (not precise location)
• Cookies and Tracking: Information collected through cookies, web beacons, and similar technologies
• Log Files: Server logs including access times, pages viewed, and system activity

Information from Third Parties

We may receive information about you from third-party sources:

• Calendar Integrations: Meeting schedules, attendee lists, and event details from connected calendar services
• CRM Systems: Contact information and relationship data from integrated customer relationship management tools
• Single Sign-On: Profile information from SSO providers when you use enterprise authentication
• Public Sources: Publicly available information to verify business details and prevent fraud

How We Use Your Information

We use the information we collect for various legitimate business purposes:

Service Provision and Improvement

• Provide, maintain, and improve our meeting preparation services and features
• Process transactions, manage subscriptions, and handle billing
• Customize and personalize your experience based on usage patterns
• Develop new features, products, and services based on user needs

Communication and Support

• Send technical notices, updates, security alerts, and administrative messages
• Respond to your comments, questions, and customer service requests
• Provide onboarding assistance and user training resources
• Send marketing communications about new features and services (with consent)

Analytics and Research

• Monitor and analyze trends, usage patterns, and service effectiveness
• Conduct research to improve meeting productivity and user experience
• Generate aggregated, anonymized insights about platform usage
• Measure the success of marketing campaigns and feature adoption

Security and Compliance

• Detect, investigate, and prevent fraudulent transactions and abuse
• Protect against security threats and unauthorized access
• Comply with legal obligations and regulatory requirements
• Enforce our terms of service and other policies

Information Sharing and Disclosure

We may share your information in the following limited circumstances:

With Your Explicit Consent

We may share your information when you give us explicit, informed consent to do so, such as when integrating with third-party services or sharing meeting content with external participants.

Service Providers and Partners

We work with trusted third-party service providers who perform services on our behalf:

• Cloud Infrastructure: Hosting, storage, and computing services
• Payment Processing: Secure payment handling and subscription management
• Analytics Services: Usage analytics and performance monitoring
• Customer Support: Help desk and communication tools
• Email Services: Transactional and marketing email delivery
• Security Services: Fraud detection and security monitoring

These providers are contractually bound to protect your information and use it only for specified purposes.

Team and Organization Sharing

Within your organization or team workspace, certain information may be shared with other authorized users according to your account settings and permissions.

Legal Requirements and Protection

We may disclose information when required by law or when we believe disclosure is necessary to:

• Comply with legal obligations, court orders, or government requests
• Protect our rights, property, or safety, or that of our users
• Investigate potential violations of our terms of service
• Prevent fraud, abuse, or other harmful activities

Business Transfers

Information may be transferred in connection with a merger, acquisition, bankruptcy, or sale of assets. We will provide notice and ensure continued protection of your information.

Data Security and Protection

We implement comprehensive security measures to protect your personal information:

Technical Safeguards

• Encryption: All data is encrypted in transit using TLS 1.3 and at rest using AES-256
• Access Controls: Multi-factor authentication and role-based access permissions
• Network Security: Firewalls, intrusion detection, and regular security monitoring
• Secure Infrastructure: SOC 2 Type II compliant cloud hosting with regular audits

Operational Safeguards

• Employee Training: Regular security awareness and data protection training
• Background Checks: Screening of personnel with access to sensitive systems
• Incident Response: Established procedures for security breach detection and response
• Regular Audits: Third-party security assessments and penetration testing

Data Minimization

We collect and retain only the information necessary to provide our services effectively. Personal data is automatically purged according to our retention schedules.

Important: While we implement industry-standard security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to protecting your information using best practices.

Data Retention and Deletion

We retain your personal information only as long as necessary to fulfill the purposes outlined in this policy:

Account Data

Personal account information is retained while your account is active and for up to 3 years after account deletion to comply with legal obligations and resolve disputes.

Meeting Content

Meeting briefs, agendas, and preparation materials are retained according to your account settings. You can delete this content at any time, and it will be permanently removed within 30 days.

Usage Analytics

Aggregated, anonymized usage data may be retained indefinitely for product improvement and research purposes. This data cannot be linked back to individual users.

Legal Compliance

Some information may be retained longer when required by law, such as financial records for tax purposes or data subject to litigation holds.

Automated Deletion

We have implemented automated systems to delete personal data according to our retention schedules, ensuring compliance with data protection regulations.

Your Privacy Rights and Choices

Depending on your location and applicable laws, you may have the following rights regarding your personal information:

Access and Portability

• Right to Access: Request a copy of the personal information we hold about you
• Data Portability: Receive your data in a structured, machine-readable format
• Account Dashboard: View and manage your information through your account settings

Correction and Updates

• Right to Rectification: Request correction of inaccurate or incomplete information
• Profile Management: Update your account information and preferences at any time
• Data Accuracy: We will verify and correct information upon request

Deletion and Erasure

• Right to Deletion: Request deletion of your personal information under certain circumstances
• Account Closure: Delete your entire account and associated data
• Selective Deletion: Remove specific pieces of content or information

Processing Controls

• Right to Object: Object to certain types of data processing
• Processing Restriction: Request limitation of how we process your information
• Consent Withdrawal: Withdraw consent for optional data processing activities

Communication Preferences

• Marketing Opt-out: Unsubscribe from marketing communications at any time
• Notification Settings: Control which service notifications you receive
• Cookie Management: Adjust cookie preferences through our cookie banner

To exercise these rights, please contact us using the information provided at the end of this policy. We will respond to your request within 30 days and may require identity verification.

International Data Transfers

AgendaForge operates globally, and your information may be transferred to and processed in countries other than your own. We ensure that such transfers comply with applicable data protection laws:

Transfer Safeguards

• Adequacy Decisions: Transfers to countries with adequate data protection as determined by relevant authorities
• Standard Contractual Clauses: Use of approved contractual terms for international transfers
• Certification Programs: Participation in recognized privacy frameworks and certifications
• Binding Corporate Rules: Internal policies ensuring consistent data protection standards

Data Localization

For enterprise customers with specific data residency requirements, we offer options to store data in specific geographic regions. Contact our sales team for more information about data localization options.

Children's Privacy Protection

AgendaForge is designed for business and professional use and is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16.

If we become aware that we have collected personal information from a child under 16 without parental consent, we will take steps to delete that information promptly. If you believe we have collected information from a child under 16, please contact us immediately.

Third-Party Services and Links

Our Service may contain links to third-party websites, applications, or services that are not owned or controlled by AgendaForge. This Privacy Policy does not apply to these third-party services.

We encourage you to review the privacy policies of any third-party services you access through our platform. We are not responsible for the privacy practices of these external services.

Integrated Services

When you connect third-party services (such as calendar or CRM systems) to AgendaForge, those integrations are governed by both our privacy policy and the privacy policies of the integrated services.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

• Update the "Last updated" date at the top of this policy
• Notify you via email for significant changes that affect your rights
• Post a notice on our website highlighting important updates
• Provide in-app notifications for material changes to data processing

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our Service after changes become effective constitutes acceptance of the updated policy.