1. What we collect
Account data. Name, email, and authentication metadata provided when you create a Sageio account or sign in via an identity provider.
Billing data. Handled by our Merchant of Record (Lemon Squeezy). We receive non-sensitive metadata such as plan, status, billing country, and the last four digits of your card. We do not store full payment card numbers.
Meeting content. Audio captured during meetings, the speech-to-text transcript derived from that audio, translations into your selected target languages, and speaker labels detected from the meeting interface.
Usage data. Request timestamps, IP address, browser user agent, and feature usage counters. Retained for security, abuse prevention, and product analytics.
2. How we use your data
We use the data we collect to (a) provide the service you requested, (b) bill you for paid plans, (c) communicate about your account, (d) improve and secure the product, and (e) comply with our legal obligations.
Meeting transcripts are processed in real time to produce translations. We do not train machine-learning models on customer meeting content without explicit, opt-in consent.
3. Sub-processors
We rely on the following third parties to deliver Sageio. Each receives only the minimum data necessary for its role.
- Lemon Squeezy — payments and subscription management (Merchant of Record).
- Clerk — authentication and identity.
- Deepgram — real-time speech-to-text transcription.
- DeepL — translation of interim transcript segments.
- Google (Gemini) — translation refinement of finalized transcript segments.
- Neon — managed PostgreSQL hosting for application data and transcripts.
- Vercel — application hosting, edge compute, and analytics.
[Placeholder] A full sub-processor list with contractual links will be maintained at a public URL before launch.
4. Data retention
Account data is retained while your account is active and for a reasonable period afterwards to handle billing reconciliation and legal requirements.
Meeting transcripts are retained until you delete them or until your account is deleted. Workspace administrators may configure a shorter retention window. Audio recordings are not stored; only the derived text is persisted.
5. International data transfers
Sageio is operated by an entity registered in Samoa and processes data in Singapore (primary database region) and other regions where our sub-processors operate. Where data is transferred from regions with data localization requirements (e.g. the European Economic Area), we rely on appropriate safeguards such as Standard Contractual Clauses.
6. Your rights
Depending on your jurisdiction, you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. EU and UK residents have these rights under the GDPR; California residents have analogous rights under the CCPA / CPRA.
To exercise these rights, contact us using the address in Section 10. We will respond within the timeframes required by applicable law.
7. Cookies and analytics
We use essential cookies for authentication and session management. Aggregate, anonymized usage statistics are collected via a privacy-respecting analytics provider that does not use third-party tracking cookies. We do not place advertising trackers on Sageio properties.
8. Children
Sageio is intended for use by businesses and is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.
9. Changes to this policy
We may update this policy from time to time. Material changes will be communicated by email to the address on file at least 14 days before they take effect, except where a shorter notice period is required by law.
10. Contact us
Questions about this policy or our handling of your data may be sent to privacy@sageio.net. [Placeholder mailing address pending entity registration confirmation.]