Privacy Policy

1. Intro

Supercompany AS ("we," "us," or "our"), the owner of Trale.ai, is committed to protecting your privacy. This privacy policy explains how we collect, process, and protect your personal data when you use our service ("Trale" or the "Service").

We adhere to the Norwegian Data Protection Act and the EU General Data Protection Regulation (GDPR). If you have any questions, please contact us at contact@trale.ai.

2. Data We Collect and Why

We process personal data to provide and improve Trale, as described below:

When You Use the Service

• Personal Identification Information: Name and email address (for account creation and communication).
• Video and audio recordings: We capture both video and audio of all virtual meetings for transcription and summarization. Recordings are retained for 7 days, then permanently deleted.
• Meeting Notes and Transcription: Summarized meeting content, which may include personal data.
• CRM Integration Data: Data synced from CRM systems, such as contact information, to give improved meeting summaries and insights.
• Google and Microsoft Data (if connected):

Profile information: Name and email address.

Calendar events: Meeting details (event name, participants, date, time and URL) for scheduling and insights.

Supercompany also processes personal data for which the customer is the data controller. In such cases, Supercompany acts as a data processor. This is regulated in a data processing agreement, which is part of the Customer Agreement in Terms and Conditions.

Website Usage

When you visit our website (trale.ai), we collect:

• Browser type and version.
• Access times and pages visited.

This data is used for analytics, improving our website, and ensuring security.

3. Use and Sharing of Google Data

Trale integrates with Google API Services to enhance user experience by syncing meeting data and providing insights.

Our use and transfer of Google user data comply with the Google API Services User Data Policy, including the Limited Use requirements.

How We Use Google Data

If users connect their Google account, Trale accesses:

• Profile Information (name and email) for authentication
• Calendar events (event name, participants, date, time, and meeting links) to generate meeting summaries.

We do not access, modify, or store email content, drive files, or any other Google data beyond what is necessary for meeting transcription.

How We Share Google Data

• Trale does not sell, share, or transfer Google user data for advertising or marketing purposes.
• Google data is only processed within Trale's secure environment and may be shared with trusted sub-processors solely for delivering the Service. A full list of sub-processors is available at the bottom of this page.
• Users can disconnect their Google integration at any time, and their Google-related data will be deleted immediately.

User Control Over Google Data

• Users can manage or revoke Trale's access to their Google data via the Google Account permissions page.
• Upon account deletion or disconnection, all Google-related data is permanently erased from Trale's systems.

4. Retention of Data

We retain personal data as follows:

• Meeting Recordings: Retained for 7 days, then permanently deleted.
• Meeting Summaries: Retained until the customer deletes their account or requests deletion.
• Website Data: Retained for up to 30 days for security and analytics.
• Google and Microsoft Data: Deleted upon account deletion or disconnection.

5. Data Residency and Transfers

All meeting data and transcriptions are processed and stored exclusively within the EU/EEA. Trale does not transfer meeting data outside the EU/EEA at any time.

6. Sub-Processors

We utilize trusted partners to deliver our Service. A full overview of our Sub-Processors is documented at the bottom of this page.

7. Security Measures

We take the following measures to protect your data:

• Encryption: All data is encrypted at rest with AES-256 and in transit via TLS.
• Access Control: Only authorized personnel can access your data.
• Monitoring: Regular security audits and vulnerability scans.
• Incident Response: Any data breaches will be reported to authorities and affected users within 72 hours.

8. Your Rights

As a data subject, you have the following rights:

1. Access: Request a copy of the personal data we process about you.
2. Correction: Request corrections to inaccurate or incomplete data.
3. Deletion: Request deletion of your data (with some legal exceptions, such as accounting records).
4. Data Portability: Receive your data in a structured, machine-readable format.
5. Withdraw Consent: Revoke consent for data processing at any time (if consent is the legal basis).

To exercise your rights, contact us at contact@trale.ai

9. Cookies and Tracking

We use cookies to enhance your experience:

• Necessary Cookies: Enable core functionality of the Service.
• Analytics Cookies: Monitor and improve website performance.

You can disable cookies through your browser settings, though some features may be affected.

10. Changes to This Policy

We may update this privacy policy periodically. Updates will be communicated through our website, and the effective date will be updated.

11. Contact Us

If you have questions or concerns about this policy, please contact us:

• Email: contact@trale.ai
• Support: support@trale.ai

12. Sub-Processors Overview

Below is a list of the sub-processors we use to deliver our services. These companies have been carefully selected and are bound by data processing agreements that ensure your data is handled with the appropriate level of security and in compliance with relevant regulations.