Superminde LogoSuperminde

    Privacy Policy

    How we protect and handle your data

    Last updated: August 25, 2025

    Our Commitment to Privacy

    At Superminde, we believe privacy is a fundamental right. We're committed to transparency about how we collect, use, and protect your data. This policy explains our practices and your rights regarding your personal information.

    Information We Collect

    • Account information when you sign up for Superminde
    • Meeting metadata (topic, date, duration) from connected platforms
    • Meeting recordings and transcripts you choose to sync
    • Usage data to improve our services
    • Communication data when you contact our support team

    How We Use Your Information

    • Provide and maintain our AI-powered task extraction services
    • Analyze meeting content to generate actionable insights
    • Send notifications about tasks and deadlines
    • Improve our product experience and service quality
    • Provide customer support and respond to inquiries

    Data Security & Privacy

    • All data is encrypted in transit and at rest using AES-256 encryption
    • Enterprise-grade security infrastructure with comprehensive access controls
    • Audit logging for all data access and user actions
    • Regular security assessments and monitoring
    • Full compliance with GDPR, CCPA, and other privacy regulations

    Your Rights & Control

    • Access, modify, or delete your personal data at any time
    • Control which meetings are processed by our AI
    • Export your data in standard formats
    • Opt out of data processing for product improvement
    • Request complete data deletion from our systems

    Google User Data

    When you choose to connect Google Calendar, Superminde requests the minimum necessary access to your Google data. We only request the following scope:

    • https://www.googleapis.com/auth/calendar.readonly — used to read your calendar events so we can display them and help you extract action items related to meetings.

    Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google user data for advertising or for training generalized AI models. Human access to Google user data is prohibited except when required for security, compliance, or to resolve a user-requested issue.

    What we access

    • Calendar event metadata (titles, times, attendees, and meeting links) from your primary calendar
    • OAuth tokens necessary to securely access your calendar on your behalf

    How we use Google data

    • To fetch and display your upcoming events inside Superminde
    • To associate meetings with transcripts you choose to process, in order to generate action items for you
    • To provide and improve these features for your account; not for advertising or unrelated purposes

    Sharing and disclosure of Google data

    • We do not sell or rent Google user data.
    • We do not share Google user data with third parties except to our service providers acting as data processors who enable our product (for example, Supabase for secure hosting and storage). These providers are bound by confidentiality and data processing agreements and may not use your data for their own purposes.
    • We do not transfer Google user data to any other app or service except as necessary to provide Superminde’s functionality to you.

    Retention and deletion

    • OAuth tokens are stored securely to maintain your connection and are revoked when you disconnect Google Calendar.
    • Calendar events are fetched on demand and are not permanently stored unless required for a feature you explicitly use.
    • You may request deletion of all data, and we will delete it within 30 days.

    Revoking access

    • You can disconnect Google Calendar from within Superminde at any time.
    • You can also revoke Superminde’s access directly in your Google Account at myaccount.google.com/permissions.

    Data Retention

    We retain your data only as long as necessary to provide our services. You can request deletion of your data at any time, and we'll process your request within 30 days.

    Third-Party Services

    We use trusted service providers solely to operate and improve Superminde. They act as data processors and may only process your data on our instructions:

    • Supabase — authentication, database, and secure serverless functions
    • Cloud hosting provider — infrastructure to run our application

    We do not allow these providers to use your data for their own marketing or advertising purposes.

    Updates to This Policy

    We may update this privacy policy from time to time. We'll notify you of any material changes via email or through our platform.

    Questions About Privacy?

    We're here to help. Contact our privacy team with any questions or concerns.

    Contact Legal ContactBack to Dashboard

    Legal Address:

    131 Continental Dr, Suite 305

    Newark, DE 19713

    United States