NoteWave
NoteWave Logo
Back to Home

Privacy Policy

Last updated: August 8, 2025

GDPR, POPIA & CCPA Compliant

Privacy Overview

NoteWave, a product of Blaze AI Solutions, is committed to protecting your privacy and handling your personal data with the highest level of care and security. This Privacy Policy explains how we collect, use, store, and protect your information when you use our AI-powered meeting transcription services.

We comply with applicable privacy laws including the European Union's General Data Protection Regulation (GDPR),South Africa's Protection of Personal Information Act (POPIA), the California Consumer Privacy Act (CCPA), and other relevant privacy regulations worldwide.

By accessing or using NoteWave, you confirm that you are at least 16 years of age or have the consent of a parent or legal guardian.

Your Privacy Rights

You have the right to access, correct, delete, or port your data. You can also restrict processing and withdraw consent at any time.

Your Privacy Rights

Under applicable privacy laws, you have the following rights:

Right to Access

Request a copy of your personal data we hold

Right to Rectification

Correct inaccurate or incomplete data

Right to Erasure

Request deletion of your personal data

Right to Portability

Export your data in a machine-readable format

Right to Object

Object to processing for direct marketing

Right to Withdraw Consent

Withdraw consent for data processing

Data Rights & Access

Users may request to access, update, or delete their personal data by contacting our support team via the information on our contact page.

We honor all data subject access rights in accordance with applicable privacy laws such as GDPR, CCPA, and others.

How to Exercise Your Rights

Contact our privacy team at contact@blazesolutions.ai or use the contact information provided at the end of this policy. We will respond to your request within 30 days.

Data We Collect

Account Information

  • Name, email address, and contact information
  • Account credentials and authentication data
  • Billing and payment information (processed by LemonSqueezy)
  • Profile preferences, settings, and user configurations
  • OAuth data from Google, Microsoft, GitHub integrations

Meeting & Audio Data

  • Audio recordings uploaded or recorded through our service
  • Meeting metadata (date, duration, participant information)
  • Generated transcripts, summaries, and AI insights
  • User annotations, comments, edits, and action items
  • Meeting platform integration data (Zoom, Teams, etc.)
  • Speaker identification and diarization data

Technical Information

  • Device information (type, operating system, browser version)
  • IP address and approximate geographic location
  • Usage analytics, feature usage, and app performance data
  • Cookies, local storage, and similar tracking technologies
  • Error logs and diagnostic information

Communication Data

  • Customer support requests and interactions
  • Feedback, survey responses, and user research data
  • Marketing communication preferences and engagement
  • Team collaboration and sharing activities

Zoom Integration Data

  • Meeting metadata (start/end time, participants, meeting IDs)
  • Cloud recording files and associated transcripts
  • User email address associated with Zoom login (for identification purposes)
  • Zoom account information and OAuth authentication tokens
  • Recording processing status and webhook event data

Important: This data is processed securely and used solely for transcription, speaker identification, and meeting summarization features. We do not collect data from participants under the age of 16, nor do we target our services toward children or educational institutions serving minors.

3
How We Use Your Data

Core Service Provision

  • Processing audio recordings to generate accurate transcripts
  • Creating AI-powered meeting summaries, action items, and insights
  • Providing real-time transcription during live meetings
  • Storing, organizing, and managing your transcripts and data
  • Enabling collaboration, sharing, and team features
  • Supporting integrations with meeting platforms and tools

Account & Business Operations

  • Creating and maintaining your user account
  • Processing payments and managing subscriptions
  • Providing customer support and technical assistance
  • Sending important service notifications and updates
  • Managing team accounts and permissions

Service Improvement & AI Development

  • Improving transcription accuracy and AI model performance
  • Developing new features and functionality
  • Analyzing usage patterns to enhance user experience
  • Conducting research and development (using anonymized data)
  • Training language models for better multi-language support

Security & Legal Compliance

  • Enhancing security and preventing fraud or abuse
  • Complying with legal obligations and regulations
  • Responding to legal requests and court orders
  • Enforcing our Terms of Service and protecting rights
  • Investigating security incidents and policy violations

Data Security & Protection

We implement comprehensive, enterprise-grade security measures to protect your data:

Encryption Standards

  • TLS 1.3 for data in transit
  • AES-256 for data at rest
  • • Encrypted database storage (where supported by provider)

Infrastructure Security

  • • SOC 2 or ISO 27001 controls by our infrastructure providers (where applicable)
  • • Automated backups and disaster recovery
  • • 24/7 monitoring and intrusion detection
  • • Regular security audits and penetration testing

Access Controls

  • • Multi-factor authentication (MFA)
  • • Role-based access control (RBAC)
  • • Regular access reviews and audits
  • • Employee security training

Incident Response

  • • 24/7 security operations center
  • • Automated threat detection
  • • Incident response procedures
  • • Breach notification protocols

Data Sharing & Transfers

We Do NOT Sell Your Data

NoteWave never sells, rents, or trades your personal information to third parties.

We only share user data with our trusted service providers to deliver NoteWave’s functionality. These providers process data in accordance with their own privacy and security standards. We may share data only in the following limited circumstances:

Trusted Service Providers

  • LemonSqueezy: Payment processing and subscription management
  • Supabase: Secure, scalable database storage and authentication
  • Vercel: Frontend hosting and delivery
  • Fly.io: Backend Python hosting for processing services
  • ElevenLabs: Transcription processing services
  • OpenAI/Azure: AI model processing for summaries and enhancements (if enabled)
  • Zoom / Microsoft Teams: Meeting platform integrations and recording access (when connected by user)

Legal Requirements

When required by law, court order, or government regulation

Business Transfers

In case of merger, acquisition, or sale of assets (with user notification)

With Your Consent

Any other sharing requires your explicit consent

International Transfers

Data may be processed outside your country. We use Standard Contractual Clauses (SCCs) and ensure adequate protection levels for international transfers.

Data Breach Notification

If we become aware of a personal data breach that is likely to result in a risk to users' rights or freedoms, we will notify affected users and relevant supervisory authorities without undue delay and, where feasible, within 72 hours of becoming aware of the breach.

Children and Minors

We do not knowingly collect personal information from children under 16. If we learn we have collected information from a child under 16, we will take reasonable steps to delete it as soon as possible. If you believe a user is under the minimum age, please contact us at contact@blazesolutions.ai.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above and post the updated policy on this page. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

Data Retention

We retain data only as long as necessary for business and legal purposes:

Account Data

Retained until account deletion + 30 days for processing

Audio Files

Automatically deleted unless explicitly saved by user

Transcripts

Retained until user deletion or account termination

Analytics Data

Stored for 24 months (anonymized after 12 months)

User Control: You can request deletion of your data at any time through account settings or by contacting our privacy team.

Cookies & Tracking

We use cookies and similar technologies to enhance your experience:

Essential Cookies

Login sessions, authentication, security (Required)

Analytics Cookies

Usage metrics, performance optimization (Optional)

Marketing Cookies

Advertising, remarketing campaigns (Optional)

You can manage cookie preferences through your browser settings or our consent banner. Disabling essential cookies may affect service functionality.

Contact Our Privacy Team

Privacy Department & Data Protection Officer

Blaze AI Solutions

NoteWave Development Team

📧 contact@blazesolutions.ai

Response Time: We aim to respond to privacy requests within 30 days.

Global Privacy Compliance

This Privacy Policy complies with GDPR (EU), POPIA (South Africa), CCPA (California), PIPEDA (Canada), and other international privacy laws and best practices.

I Understand and Agree

By creating an account or using NoteWave, you confirm that you have read and agree to this Privacy Policy and our Terms of Service, and that you are 16 years or older.