Privacy Policy
Effective date: May 30, 2026 · Last updated: 2026-06-03
SitRep provides a meeting-intelligence and task-automation service that connects to your meeting and productivity tools to capture meeting context and turn it into summaries and action items. This policy explains what data we collect, why, how we use and share it, and the choices you have. We do not sell your personal information, and we do not use your meeting content to train our own models.
1. Information we collect
Account & identity. Name, email, and authentication credentials, collected via our authentication provider (Clerk).
Connected-service data (via OAuth). With your explicit authorization, we access only the scopes you grant from Zoom (meeting metadata and, where authorized, recordings/transcripts), Google Calendar, Google Docs/Drive, Slack, Notion, and Linear. We store the OAuth tokens needed to maintain these connections.
Meeting content. Meeting metadata, transcripts, summaries, and derived action items from meetings you choose to process.
Operational data. Logs and technical metadata needed to operate, secure, and debug the service.
2. How we use information
To provide the core service (capturing meetings and generating summaries and tasks), maintain authorized integrations, secure and improve the service, and communicate with you.
3. How we share information (sub-processors)
We share data only with providers who process it on our behalf, and with the third-party services you explicitly connect:
| Sub-processor | Purpose |
|---|---|
| Clerk | Authentication & user management |
| Supabase | Primary database (PostgreSQL) |
| Amazon Web Services (AWS) | Backend hosting / compute |
| Vercel | Frontend hosting |
| Recall.ai | Meeting capture / transcription |
| OpenAI / Anthropic | Summarization & AI processing |
| Resend | Transactional email (invitations) |
| Calendar / Docs integration (your choice) | |
| Zoom | Meeting source (your choice) |
| Slack, Notion, Linear | Productivity integrations (your choice) |
4. Zoom data
When you connect Zoom, SitRep accesses meeting information under the scopes you approve and uses it solely to provide the meeting-intelligence features you request. We retain Zoom-derived data only as long as needed to provide the service or as you direct, and delete it on request or on disconnection of the integration. We do not sell Zoom data and do not use it for advertising.
5. Google API Services User Data
SitRep uses Google APIs to authenticate users and, with user consent, access Google Calendar information necessary to provide requested application functionality.
The use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
SitRep does not sell Google user data to third parties. Google user data is not used for advertising purposes and is only accessed and processed to provide features explicitly requested by the user.
Users may revoke SitRep's access to their Google account at any time through their Google Account permissions settings.
6. Data retention
We retain data while your account is active and the data is needed to provide the service. You can delete meetings, tasks, and integrations at any time; disconnecting an integration revokes and deletes the associated tokens. On account closure we delete or de-identify your personal data within 30 days, except where retention is required by law.
7. Your rights & choices
You may request access, correction, or deletion of your personal data, and may disconnect any integration at any time. Depending on your location (e.g. GDPR/UK, CCPA/CPRA), you may have additional rights, which we honor for verified requests.
8. Security
We protect data with encryption in transit (TLS) and at rest, least-privilege OAuth scopes, role-based access control, server-side secret management, and continuous security testing.
9. International transfers
Data may be processed in the United States and other countries where our sub-processors operate, subject to appropriate safeguards where required.
10. Children's privacy
SitRep is not directed to children under 16 and we do not knowingly collect their data.
11. Changes & contact
We may update this policy; material changes will be communicated and reflected in the “Last updated” date above. Questions or requests: privacy@joinsitrep.com.