Privacy Policy

Effective Date: June 6, 2026

Core Principle: Your vault is yours. We encrypt your data, you own the keys, and you can take it with you if you leave.

1. Information We Collect

1.1 Information You Provide

Account Information: Email, name, phone number, company name.
Payment Information: Processed by Stripe. We don't store credit card numbers.
Vault Data: Meeting transcripts, contacts, notes, briefs, market reports. Encrypted with your 12-word recovery seed.
Voice Notes: Temporary audio files transcribed via OpenAI Whisper, then deleted within 24 hours.

1.2 Information We Collect Automatically

Usage Data: Features used, queries made, SKU purchases (analytics via PostHog).
Device Information: IP address, browser type, operating system.
Cookies: Session cookies for authentication. No third-party tracking pixels.

1.3 Information from Third Parties

CRM Data: If you connect Salesforce/HubSpot, we sync contacts and meeting records (encrypted in your vault).
Calendar Data: If you connect Google Calendar, we read meeting times and attendees (never shared).
Enrichment Data: Contact details from Apollo.io, stored in your vault.

2. How We Use Your Information

2.1 Core Services

Generate Pre-Meeting Briefs, Voice Intel Drops, Market Reports
Transcribe voice notes and meeting recordings
Enrich contact information
Send weekly market intelligence briefs (Pro tier)
Sync data with your CRM (if enabled)

2.2 Product Improvement

Analyze usage patterns to improve features
Identify bugs and performance issues
Train internal models (NOT on your vault data without explicit consent)

2.3 Communications

Send service notifications (meeting briefs, alerts)
Send billing and account updates
Send product announcements (opt-out available)

3. Data Encryption & Ownership

Your vault is encrypted with a 12-word recovery seed generated at signup. We cannot decrypt your vault without your seed.

3.1 Encryption Standards

At Rest: AES-256 encryption for all vault data in Pinecone.
In Transit: TLS 1.3 for all API communications.
Recovery Seed: BIP-39 12-word mnemonic (industry-standard for crypto wallets).

3.2 Data Ownership

You own your vault data. Meeting transcripts, contacts, notes, and briefs belong to you, not your employer.
Career Portability: Export your vault at any time. Download a JSON archive or migrate to a new SEDC account.
Right to Deletion: Delete your account and vault data permanently within 30 days of request.

4. Data Sharing & Disclosure

4.1 We DO Share Data With:

Service Providers: Pinecone (vector DB), OpenAI (GPT-4o, Whisper), Twilio (SMS), Stripe (payments), Apollo (enrichment). All under strict data processing agreements.
Your CRM: If you enable CRM write-back, we sync meeting notes and contacts to Salesforce/HubSpot.

4.2 We DO NOT Share Data With:

Your Employer: Unless you're on an Enterprise plan with admin-level provisioning, your employer cannot access your vault.
Advertisers: We don't sell your data. Ever.
Third-Party Analytics: No Google Analytics, Facebook Pixel, or similar trackers.

4.3 Legal Disclosures

We may disclose your information if required by law (subpoena, court order) or to protect our rights, but we'll notify you unless legally prohibited.

5. Data Retention

Active Accounts: Vault data retained indefinitely while your account is active.
Deleted Accounts: Vault data deleted within 30 days of account deletion request.
Voice Notes: Temporary audio files deleted within 24 hours after transcription.
Usage Analytics: Aggregated, anonymized data retained for product improvement.

6. Your Rights

6.1 Access & Export

Download your vault data at any time via the dashboard or API.

6.2 Correction

Edit or delete vault entries (meetings, contacts, notes) directly in the app.

6.3 Deletion

Delete your account and vault data permanently. Email [email protected] with subject line "Delete My Account".

6.4 Portability

Export your vault in JSON format. Use your 12-word seed to migrate to another SEDC account or MCP-compatible service.

6.5 Opt-Out

Opt out of product announcements via email footer link. Service notifications (meeting briefs, billing alerts) cannot be disabled without closing your account.

7. Children's Privacy

SEDC is not intended for users under 18. We do not knowingly collect data from children. If you believe we've collected data from a minor, contact us immediately.

8. International Data Transfers

Your data is stored in U.S.-based data centers (Pinecone, Fly.io). If you're outside the U.S., your data is transferred and processed in the U.S. under standard contractual clauses (GDPR-compliant).

9. Changes to This Policy

We'll notify you of material changes via email or in-app notification. Continued use after changes constitutes acceptance.

10. Contact Us

Questions or concerns about this Privacy Policy? Contact us:

Email: [email protected]
Support: [email protected]
Mail: EA LLC, [Address TBD]

Remember: Your vault is yours. We encrypt it, you own the keys, and you can take it with you. That's the SEDC promise.

← Back to Home