Privacy Policy

Last updated: March 2026

This Privacy Policy describes how contextprompt ("we," "us," or "our") collects, uses, stores, and shares information when you use our website at contextprompt.app and our SaaS platform (collectively, the "Service"). By using the Service, you agree to the practices described in this policy.

1. Information We Collect

1.1 Account Information

When you create an account, we collect your name, email address, and authentication credentials. If you sign in via Google OAuth, we receive your Google profile information (name, email, and profile picture) as authorized by your Google account settings.

1.2 Meeting Recordings and Transcripts

When you use the Service to record a meeting, our AI bot joins your meeting on supported platforms (Zoom, Google Meet, Slack Huddles, Microsoft Teams) and captures audio. This audio is processed into text transcripts. Both the audio recording and the resulting transcript are stored on our servers for processing and later retrieval by you.

1.3 Repository Metadata

When you connect code repositories to contextprompt, we collect and process repository metadata including file names, directory structures, exported function and class signatures, and file contents within your configured token budget. We do not clone or store complete copies of your repositories. Repository data is used solely to provide context-aware coding task extraction.

1.4 Extracted Tasks and Analysis

We store the structured coding tasks extracted from your meeting transcripts and repository context. This includes task descriptions, priorities, relevant file references, and implementation suggestions generated by our AI analysis.

1.5 Payment Information

If you subscribe to a paid plan, payment details (credit card number, billing address) are collected and processed directly by Stripe, our payment processor. We do not store your full credit card number on our servers. We retain only a reference to your Stripe customer ID, subscription status, and billing history.

1.6 Usage Data

We automatically collect information about how you interact with the Service, including recording durations, number of meetings processed, feature usage, browser type, operating system, IP address, and access timestamps.

1.7 Cookies and Local Storage

We use cookies and browser local storage to maintain your authentication session and store user preferences. We do not use third-party tracking cookies or advertising cookies.

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service, including joining meetings, transcribing audio, scanning repositories, and extracting coding tasks.
• Authenticate your identity and manage your account.
• Process payments and manage your subscription.
• Enforce usage limits associated with your plan (Free: 1 hour/month, Pro: 15 hours/month of recording time).
• Communicate with you about the Service, including responding to support requests and sending service-related notifications.
• Monitor and analyze usage trends to improve the Service.
• Detect, prevent, and address technical issues, fraud, or abuse.

3. Third-Party Services

We rely on the following third-party services to operate contextprompt. Each processes your data according to their own privacy policies:

3.1 Recall.ai

We use Recall.ai to deploy recording bots to your meetings on Zoom, Google Meet, Slack, and Microsoft Teams. Recall.ai receives meeting URLs and captures audio from those meetings on our behalf. Audio data is transmitted to our servers for processing. Recall.ai's handling of data is governed by their privacy policy and our data processing agreement with them.

3.2 Anthropic (Claude API)

Meeting transcripts and repository metadata are sent to the Anthropic Claude API for AI-powered analysis and task extraction. Anthropic processes this data according to their API terms of service and does not use API inputs or outputs to train their models. Data sent to Anthropic includes transcript text, repository file structures, and code snippets relevant to the extracted tasks.

3.3 Stripe

We use Stripe for payment processing. Stripe collects and processes your payment information directly. We never receive or store your full credit card details. Stripe's handling of payment data is governed by the Stripe Privacy Policy.

3.4 Google OAuth

If you choose to sign in with Google, we use Google OAuth 2.0 for authentication. We receive your basic profile information (name, email, profile picture) from Google. We do not access your Google Drive, Calendar, Gmail, or any other Google services beyond authentication.

4. Data Retention

We retain your data as follows:

• Account information: Retained for as long as your account is active. Upon account deletion, your personal information is removed within 30 days.
• Meeting recordings and transcripts: Stored for the lifetime of your account. You may delete individual meetings and their associated data at any time from your dashboard.
• Extracted tasks: Stored for the lifetime of your account or until you delete the associated meeting.
• Repository metadata: Processed in real-time during task extraction. Repository maps are cached temporarily and refreshed on each new meeting analysis. You may disconnect repositories at any time.
• Payment records: Billing history is retained for up to 7 years as required for tax and accounting purposes.
• Usage logs: Retained for up to 12 months for analytics and debugging purposes, then anonymized or deleted.

5. Data Security

We implement industry-standard security measures to protect your data, including:

• Encryption of data in transit using TLS 1.2 or higher.
• Encryption of sensitive data at rest.
• Secure authentication using hashed passwords and JWT tokens with limited lifetimes.
• Access controls limiting employee access to production data on a need-to-know basis.
• Regular security reviews of our infrastructure and dependencies.

While we strive to protect your data, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access: You may request a copy of the personal data we hold about you.
• Correction: You may request that we correct inaccurate or incomplete data.
• Deletion: You may request deletion of your account and associated data. You can also delete individual meetings from your dashboard.
• Portability: You may request a machine-readable export of your data.
• Objection: You may object to certain types of processing of your personal data.
• Restriction: You may request that we restrict processing of your personal data in certain circumstances.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

7. International Data Transfers

Your data may be processed in the United States or other countries where our service providers operate. By using the Service, you consent to the transfer of your data to these jurisdictions. We ensure that appropriate safeguards are in place for any international data transfers.

8. Children's Privacy

The Service is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after changes are posted constitutes your acceptance of the revised policy.

10. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

• Email: [email protected]
• Website: contextprompt.app