Indigo Logo
LabsResearchInsightsLog In

Privacy Policy

Indigo AI, Inc.

Last Updated: February 6, 2025

1. Introduction

Indigo AI, Inc. ("Indigo," "we," "us," or "our") provides an AI-powered meeting intelligence platform that extracts actionable insights from your meetings and conversations. This Privacy Policy describes how we collect, use, share, and protect your information when you use our website, desktop application, command-line tools, API integrations, and related services (collectively, the "Service").

By using the Service, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Service.

2. Information We Collect

Account Information

  • Name, email address, and profile details provided during registration
  • Authentication credentials managed through our identity provider
  • Account preferences and settings
  • Subscription and billing information

Meeting Data

  • Meeting recordings and audio files
  • Meeting transcripts generated from recordings
  • Meeting metadata, including title, description, date, time, duration, and URL
  • Participant information, including names, email addresses, and roles
  • Calendar event details from connected calendar accounts

AI-Extracted Signals

  • Decisions, action items, accomplishments, and key facts identified from your meetings
  • Direct quotes and citations attributed to meeting participants
  • Speaker attribution and contextual information
  • Relationships between people, teams, projects, and initiatives referenced in meetings

Chat & Interaction Data

  • Messages and queries submitted through our conversational AI features
  • AI-generated responses and insights provided to you

Usage & Technical Data

  • Device information, browser type, and operating system
  • Log data, including access times and pages viewed
  • Product usage patterns and feature interactions
  • Error reports and performance data

Payment Information

Billing details are collected and processed by our payment processor, Stripe. We do not directly store your full credit card number.

3. How We Collect Information

  • Directly from you when you create an account, configure settings, or interact with the Service
  • Automatically when our meeting bot joins your meetings to record and transcribe, or when you use the Service
  • From third-party integrations you connect, such as Google Calendar, Slack, Zoom, or email
  • From AI processing when our models analyze your meeting content to extract signals and insights

4. How We Use Your Information

We use the information we collect to:

  • Record, transcribe, and analyze your meetings
  • Extract actionable signals such as decisions, action items, and key facts
  • Provide AI-powered insights and conversational features
  • Maintain and improve the Service's functionality and performance
  • Manage your account, process payments, and communicate with you about the Service
  • Send transactional emails related to your account or activity
  • Monitor for errors, security issues, and abuse
  • Comply with legal obligations

5. AI & Automated Processing

Indigo uses large language models and other AI technologies to process your meeting recordings, transcripts, and related data. This processing is used to:

  • Generate transcripts from audio recordings
  • Extract signals (decisions, actions, accomplishments, key facts) from meeting content
  • Provide conversational AI features and meeting summaries
  • Build and maintain a taxonomy of people, teams, projects, and initiatives referenced across your meetings

Your data is used for per-user inference only. We do not use your meeting content, transcripts, or extracted signals to train or fine-tune AI models. Your data is processed solely to deliver insights back to you and your organization.

6. Google User Data Access and Usage

Our application may access Google user data, but only the information that is specifically authorized by you and required to perform the functions you have enabled within our services. The access includes:

  • Google Sheets (spreadsheets.readonly) – To allow users to import spreadsheets and perform AI-powered actions using the data in context while asking questions.
  • Google Drive (drive.file) – To enable users to import files from Google Drive if they do not have spreadsheets.
  • Google Calendar (calendar.readonly) – To allow users to select a calendar for the AI bot so it can join events and generate transcripts with AI insights.
  • Google Calendar Events (calendar.events.readonly) – To fetch upcoming events from the selected calendar and enable the AI bot to join and provide relevant insights.
  • User Profile (openid, userinfo.email, userinfo.profile) – To authenticate users and personalize their experience within the application.

We do not store, share, or use your Google data for any purposes beyond the described functionalities. Your data remains secure and is accessed only with your explicit consent. Compliance with Google's Limited Use Policy: Indigo app adheres to the Google API Services User Data Policy, including the Limited Use requirements. For more details, visit Google API Services User Data Policy.

7. Information Sharing & Third-Party Services

We do not sell your personal information. We share information only in the following circumstances:

Service Providers (Sub-Processors)

We use third-party service providers to operate the Service. These providers process data on our behalf under contractual obligations to protect your information:

ProviderPurpose
Recall.aiMeeting recording and transcription
Amazon Web Services (S3)Cloud storage for recordings and files
OpenAIAI-powered meeting analysis and insights
AnthropicAI-powered meeting analysis and insights
DeepgramSpeech-to-text processing
ClerkUser authentication and identity management
StripePayment and subscription processing
SendGridTransactional email delivery
MongoDB AtlasDatabase hosting
SentryError tracking and performance monitoring
Customer.ioProduct analytics

Other Disclosures

We may disclose your information if required by law, regulation, legal process, or governmental request, or to protect the rights, safety, or property of Indigo, our users, or the public.

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

8. Data Storage & Security

We implement technical and organizational measures to protect your information, including:

  • Encryption at rest and in transit for stored data and network communications
  • AES-256-GCM encryption for API keys and sensitive credentials
  • Field-level encryption for sensitive data stored in our database
  • Multi-tenant data isolation ensuring that your data is accessible only to authorized users within your organization, enforced automatically at the query layer
  • Webhook signature verification for third-party integrations

Meeting recordings and files are stored in encrypted cloud storage (AWS S3). Database records are hosted on MongoDB Atlas with access controls and encryption.

While we take reasonable steps to protect your information, no system is completely secure. We cannot guarantee absolute security.

9. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. Specifically:

  • Meeting recordings and transcripts are retained for the duration of your account unless you request earlier deletion
  • Extracted signals and insights are retained for the duration of your account
  • Account information is retained until you delete your account
  • Payment records are retained as required by applicable tax and financial regulations
  • Usage and technical data may be retained in aggregated or anonymized form for analytics purposes

Upon account deletion, we will delete or anonymize your personal data within a reasonable timeframe, except where retention is required by law.

10. Your Rights & Choices

Depending on your location, you may have the following rights regarding your personal information:

  • Access — Request a copy of the personal information we hold about you
  • Correction — Request correction of inaccurate or incomplete information
  • Deletion — Request deletion of your personal information, subject to legal retention requirements
  • Data Portability — Request your data in a structured, commonly used format
  • Opt-Out of Analytics — You may opt out of product analytics tracking by contacting us
  • Withdraw Consent — Where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, contact us at the address provided below. We will respond within the timeframe required by applicable law.

11. California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Categories of Personal Information Collected

  • Identifiers (name, email address, account ID)
  • Commercial information (subscription and payment history)
  • Internet or electronic network activity (usage data, log data)
  • Audio and electronic information (meeting recordings, transcripts)
  • Professional or employment-related information (as referenced in meeting content)
  • Inferences drawn from the above (AI-extracted signals and insights)

Your CCPA Rights

  • Right to Know — You may request the categories and specific pieces of personal information we have collected about you
  • Right to Delete — You may request deletion of your personal information
  • Right to Opt-Out of Sale — We do not sell your personal information
  • Right to Non-Discrimination — We will not discriminate against you for exercising your rights

To submit a request, contact us using the information in Section 15 below.

12. International Users

If you are located outside the United States, please note that your information is transferred to and processed in the United States, where our servers and service providers are located.

Legal Basis for Processing (EEA/UK)

  • Performance of a contract — To provide the Service you have requested
  • Legitimate interests — To operate, improve, and secure the Service
  • Consent — Where you have provided explicit consent for specific processing activities

Data Transfers

We transfer data outside the EEA/UK using appropriate safeguards, including standard contractual clauses approved by the European Commission or equivalent mechanisms.

Additional Rights for EEA/UK Residents

  • Right to restrict processing
  • Right to object to processing based on legitimate interests
  • Right to lodge a complaint with your local data protection authority

13. Children's Privacy

The Service is not directed to children under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us and we will promptly delete it.

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or through a notice within the Service prior to the changes taking effect. The "Last Updated" date at the top of this policy indicates when it was most recently revised.

15. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:

Indigo AI, Inc.

Email: privacy@getindigo.ai

Website: https://getindigo.ai