Privacy Policy
Last updated: June 27, 2025
Privacy Overview
NoteWave, a product of Blaze AI Solutions, is committed to protecting your privacy and handling your personal data with the highest level of care and security. This Privacy Policy explains how we collect, use, store, and protect your information when you use our AI-powered meeting transcription services.
We comply with applicable privacy laws including the European Union's General Data Protection Regulation (GDPR),South Africa's Protection of Personal Information Act (POPIA), the California Consumer Privacy Act (CCPA), and other relevant privacy regulations worldwide.
Your Privacy Rights
You have the right to access, correct, delete, or port your data. You can also restrict processing and withdraw consent at any time.
Your Privacy Rights
Under applicable privacy laws, you have the following rights:
Right to Access
Request a copy of your personal data we hold
Right to Rectification
Correct inaccurate or incomplete data
Right to Erasure
Request deletion of your personal data
Right to Portability
Export your data in a machine-readable format
Right to Object
Object to processing for direct marketing
Right to Withdraw Consent
Withdraw consent for data processing
Data Rights & Access
Users may request to access, update, or delete their personal data by contacting our support team via the information on our contact page.
We honor all data subject access rights in accordance with applicable privacy laws such as GDPR, CCPA, and others.
How to Exercise Your Rights
Contact our privacy team at contact@blazesolutions.ai or use the contact information provided at the end of this policy. We will respond to your request within 30 days.
Data We Collect
Account Information
- Name, email address, and contact information
- Account credentials and authentication data
- Billing and payment information (processed by LemonSqueezy)
- Profile preferences, settings, and user configurations
- OAuth data from Google, Microsoft, GitHub integrations
Meeting & Audio Data
- Audio recordings uploaded or recorded through our service
- Meeting metadata (date, duration, participant information)
- Generated transcripts, summaries, and AI insights
- User annotations, comments, edits, and action items
- Meeting platform integration data (Zoom, Teams, etc.)
- Speaker identification and diarization data
Technical Information
- Device information (type, operating system, browser version)
- IP address and approximate geographic location
- Usage analytics, feature usage, and app performance data
- Cookies, local storage, and similar tracking technologies
- Error logs and diagnostic information
Communication Data
- Customer support requests and interactions
- Feedback, survey responses, and user research data
- Marketing communication preferences and engagement
- Team collaboration and sharing activities
Zoom Integration Data
- Meeting metadata (start/end time, participants, meeting IDs)
- Cloud recording files and associated transcripts
- User email address associated with Zoom login (for identification purposes)
- Zoom account information and OAuth authentication tokens
- Recording processing status and webhook event data
Important: This data is processed securely and used solely for transcription, speaker identification, and meeting summarization features. We do not collect data from participants under the age of 16, nor do we target our services toward children or educational institutions serving minors.
3How We Use Your Data
Core Service Provision
- Processing audio recordings to generate accurate transcripts
- Creating AI-powered meeting summaries, action items, and insights
- Providing real-time transcription during live meetings
- Storing, organizing, and managing your transcripts and data
- Enabling collaboration, sharing, and team features
- Supporting integrations with meeting platforms and tools
Account & Business Operations
- Creating and maintaining your user account
- Processing payments and managing subscriptions
- Providing customer support and technical assistance
- Sending important service notifications and updates
- Managing team accounts and permissions
Service Improvement & AI Development
- Improving transcription accuracy and AI model performance
- Developing new features and functionality
- Analyzing usage patterns to enhance user experience
- Conducting research and development (using anonymized data)
- Training language models for better multi-language support
Security & Legal Compliance
- Enhancing security and preventing fraud or abuse
- Complying with legal obligations and regulations
- Responding to legal requests and court orders
- Enforcing our Terms of Service and protecting rights
- Investigating security incidents and policy violations
Data Security & Protection
We implement comprehensive, enterprise-grade security measures to protect your data:
Encryption Standards
- • TLS 1.3 for data in transit
- • AES-256 for data at rest
- • End-to-end encryption for sensitive content
- • Encrypted database storage
Infrastructure Security
- • SOC 2 Type II compliant servers
- • Automated backups and disaster recovery
- • 24/7 monitoring and intrusion detection
- • Regular security audits and penetration testing
Access Controls
- • Multi-factor authentication (MFA)
- • Role-based access control (RBAC)
- • Regular access reviews and audits
- • Employee security training
Incident Response
- • 24/7 security operations center
- • Automated threat detection
- • Incident response procedures
- • Breach notification protocols
Data Sharing & Transfers
We Do NOT Sell Your Data
NoteWave never sells, rents, or trades your personal information to third parties.
We may share data only in the following limited circumstances:
Trusted Service Providers
- LemonSqueezy: Payment processing and subscription management
- Supabase: Database hosting and authentication services
- OpenAI/Azure: AI model processing for transcription and summaries
- Assembly AI: Alternative transcription services
- Google Cloud: Infrastructure and AI services
- Zoom: Meeting platform integration and recording access (when connected by user)
Legal Requirements
When required by law, court order, or government regulation
Business Transfers
In case of merger, acquisition, or sale of assets (with user notification)
With Your Consent
Any other sharing requires your explicit consent
International Transfers
Data may be processed outside your country. We use Standard Contractual Clauses (SCCs) and ensure adequate protection levels for international transfers.
Data Retention
We retain data only as long as necessary for business and legal purposes:
Account Data
Retained until account deletion + 30 days for processing
Audio Files
Automatically deleted unless explicitly saved by user
Transcripts
Retained until user deletion or account termination
Analytics Data
Stored for 24 months (anonymized after 12 months)
User Control: You can request deletion of your data at any time through account settings or by contacting our privacy team.
Cookies & Tracking
We use cookies and similar technologies to enhance your experience:
Essential Cookies
Login sessions, authentication, security (Required)
Analytics Cookies
Usage metrics, performance optimization (Optional)
Marketing Cookies
Advertising, remarketing campaigns (Optional)
You can manage cookie preferences through your browser settings or our consent banner. Disabling essential cookies may affect service functionality.
Contact Our Privacy Team
Privacy Department & Data Protection Officer
Blaze AI Solutions
NoteWave Development Team
Response Time: We aim to respond to privacy requests within 30 days.
Global Privacy Compliance
This Privacy Policy complies with GDPR (EU), POPIA (South Africa), CCPA (California), PIPEDA (Canada), and other international privacy laws and best practices.
By using NoteWave, you acknowledge that you have read and understand this Privacy Policy.