Preskoči na glavni sadržaj
&Sageio

Pravne informacije

Pravila privatnosti

Posljednje ažuriranje: · v2026-06-12c

Ovaj je dokument mjerodavan na engleskom.

Language. This document is available in English and in Chinese. For consumers in Taiwan, the Chinese version prevails; otherwise, in case of discrepancy, the English version prevails.

1. What we collect

Account data. Name, email, and authentication metadata provided when you create a Sageio account or sign in via an identity provider.

Billing data. Handled by our Merchant of Record (Lemon Squeezy). We receive non-sensitive metadata such as plan, status, billing country, and the last four digits of your card. We do not store full payment card numbers.

Meeting content. Audio captured during meetings, the speech-to-text transcript derived from that audio, translations into your selected target languages, and speaker labels detected from the meeting interface, and AI-generated summaries and action items derived from the transcript.

Contact and newsletter data. The name, email address, and message you submit through our contact form, and the email address you submit when subscribing to our newsletter.

Usage data. Request timestamps, IP address, browser user agent, and feature usage counters. Retained for security, abuse prevention, and product analytics.

Roles.Where meeting content is processed within a business customer's workspace, that customer is the data controller and Sageio processes the content as a processor under our Data Processing Agreement. This policy describes the processing for which Sageio itself is the controller: account, billing, website, communications, security and abuse prevention, and — for individual (non-workspace) users — the provision of the service itself.

2. How we use your data

We use the data we collect to (a) provide the service you requested, (b) bill you for paid plans, (c) communicate about your account, (d) improve and secure the product, and (e) comply with our legal obligations.

Meeting transcripts are processed in real time to produce translations. We do not train machine-learning models on customer meeting content, and our vendors are contractually restricted from doing so.

Legal bases. We rely on the performance of our contract with you (Art. 6(1)(b) GDPR) for items (a)–(c); on our legitimate interests in improving and securing the product (Art. 6(1)(f)) for item (d); and on our legal obligations (Art. 6(1)(c)) for item (e). Where we ask for your consent — for example, for the newsletter — you may withdraw it at any time.

Special categories of data. Sageio does not seek to collect special categories of personal data (such as data about health, religion, political opinions, trade-union membership, or sexual orientation), and our service does not identify anyone by their voice: speaker labels come from the meeting interface, and we create no voiceprints or biometric templates. Because meetings can touch on anything, transcripts may incidentally contain such data. Where a business workspace is concerned, the customer is responsible under our DPA for an appropriate legal basis, including any notices to and consents from meeting participants. Where Sageio acts as controller for individual users, we ask for your explicit consent to process special categories incidentally contained in your meeting content when you first enable transcription; we use that content only to provide the service.

3. Sub-processors

We rely on the following third parties to deliver Sageio. Each receives only the minimum data necessary for its role.

  • Clerk — authentication and identity.
  • Deepgram — real-time speech-to-text transcription.
  • OpenAI — real-time speech-to-text transcription (default engine for new workspaces) and transcription of uploaded audio files.
  • DeepL — translation of interim transcript segments and final translation for selected target languages.
  • Google (Gemini) — translation refinement of finalized transcript segments; AI-generated summaries and action items.
  • Amazon Web Services (AWS) — cloud hosting, object storage (audio and transcript exports), and encryption key management (KMS).
  • Neon — managed PostgreSQL hosting for application data and transcripts.
  • Vercel — application hosting and edge compute.
  • Resend — transactional, meeting-summary, and newsletter email delivery.
  • Plausible — cookieless, privacy-respecting website analytics.

Separately, Lemon Squeezy (a Stripe company) handles checkout, payments, tax, and invoicing as Merchant of Record. For those purposes it determines its own means of processing and acts as an independent data controller — your purchase data is governed by its own privacy policy, not by this sub-processor list.

The canonical, always-current sub-processor list — with purpose and processing location for each — is published at sageio.net/subprocessors. The list above reflects the production processors in use today.

4. Data retention

Account data is retained while your account is active. You may request deletion of your account and associated data at any time by writing to privacy@sageio.net; we complete verified deletion requests within 30 days. Billing records are retained for up to seven years where tax law requires.

Meeting transcripts are retained until you delete them or until your account is deleted. Audio recordings are not stored; only the derived text is persisted. Deleting a meeting does not recall summary emails already delivered to their recipients.

Contact-form submissions — the name, email address, and message you provide — are automatically deleted 24 months after submission. The IP address recorded with a submission is kept for abuse prevention only and is cleared after 90 days. Newsletter data is kept while you are subscribed and removed from our mailing list when you unsubscribe. All of the above can also be deleted earlier on request to the address in Section 10.

Residual copies in routine encrypted backups and server logs are purged on a rolling schedule of no more than 30 days and are not used for any other purpose.

5. International data transfers

Sageio is operated by 好客網路股份有限公司 (Unified Business No. 29041135), an entity registered in Taiwan, and processes data in Singapore (primary database region) and other regions where our sub-processors operate. Where data originates from jurisdictions that restrict cross-border transfers (such as the EEA and the UK), we rely on appropriate safeguards, including the European Commission's Standard Contractual Clauses and the UK Addendum.

Business customers can put these safeguards on a contractual footing by executing our Data Processing Agreement, which incorporates the SCCs (Module Two) and the UK Addendum.

Users located in the PRC. The Service is not directed at individuals located in the PRC. If you access the Service from within the PRC on your own initiative, your personal data will be transferred to and processed in Taiwan, Singapore, and the other locations described in this Section, under this Privacy Policy and the safeguards described above. We maintain no establishment or representative in the PRC.

6. Your rights

Depending on your jurisdiction, you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. EU and UK residents have these rights under the GDPR; we voluntarily extend equivalent rights to all users, including California residents.

To exercise these rights, contact us using the address in Section 10. We will respond within the timeframes required by applicable law.

You may also lodge a complaint with your local data-protection supervisory authority. Users in Taiwan additionally have the rights set out in the Personal Data Protection Act. We do not make automated decisions about you that produce legal or similarly significant effects.

7. Cookies and analytics

We use essential cookies for authentication and session management. Aggregate, anonymized usage statistics are collected via a privacy-respecting analytics provider (Plausible) that sets no cookies and stores nothing on your device; we rely on our legitimate interest in understanding site usage as the legal basis for this measurement. Your IP address is used only transiently to compute the statistics, hashed with a salt that rotates daily, and never stored in raw form. No cross-site tracking takes place and no individual profile is built. You may object to this measurement at any time (Art. 21 GDPR) by writing to privacy@sageio.net. We do not place advertising trackers on Sageio properties.

8. Children

Sageio is intended for use by businesses and is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.

9. Changes to this policy

We may update this policy from time to time. Material changes will be communicated by email to the address on file at least 14 days before they take effect, except where a shorter notice period is required by law.

10. Contact us

Questions about this policy or our handling of your data may be sent to privacy@sageio.net, or by post to 好客網路股份有限公司 (Unified Business No. 29041135), No. 205, Hulin Street, Xinyi District, Taipei City, Taiwan (臺北市信義區虎林街205號).