Privacy Policy

Welcome to Onsa.ai, operated by Empatika Labs,Inc. We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy, or our practices with regards to your personal information, please contact us at [email protected].

This Privacy Policy applies to all information collected through our platform, website, and/or any related services, sales, marketing, or events (we refer to them collectively in this privacy policy as the "Services").

Information We Collect

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and services, participate in activities on the Services, or otherwise contact us.

Zoom Data Collection

For Onsa.ai users integrating the Zoom App, we utilize Zoom OAuth scopes to securely access and manage the following information:

• Meeting Information: We retrieve basic details—such as meeting ID, title, start time, and participant names—to display in the Onsa.ai side panel and facilitate real-time transcription and post-meeting follow-ups.
• Transcript Generation: Upon the host’s request, our bot joins the meeting to capture audio for real-time transcription. The resulting transcript is stored and shared only with participants who have opted in.
• User Profile Information: We fetch limited profile data (e.g., Zoom user ID, name, and Zoom Access Token) to verify your account and allow the bot to join meetings in accordance with Zoom’s rules and permissions.

Legal Basis for Processing

We only process your personal information when we believe it is necessary and we have a valid legal reason (i.e., legal basis) to do so under applicable law, including:

• Consent. We may process your information if you have given us permission (i.e., consent) to use your personal information for a specific purpose.
• Performance of a Contract. We may process your personal information when we believe it is necessary to fulfill our contractual obligations to you, including providing our Services.
• Legitimate Interests. We may process your information when we believe it is reasonably necessary to achieve our legitimate business interests.

How We Use Your Information

We use personal information collected via our Services for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations. We indicate the specific processing grounds we rely on next to each purpose listed below.

• Internal record keeping. We may use your information for our internal record keeping purposes (Performance of a Contract).
• Improving our products and services. We may use your information to understand and analyze the usage trends and preferences of our users to make improvements to our Services (Legitimate Interests).
• Providing detailed call analysis, including transcripts, AI-generated analysis, and recommendations. We use your audio files and related data to provide you with the core functionalities of our Services (Performance of a Contract).
• Marketing and promotional communications. With your consent, we may use the personal information you send to us for our marketing purposes. You can opt-out of our marketing emails at any time (Consent).

Use of Zoom Data

The data collected from Zoom enables us to:

• Display and manage meeting details (e.g., title, ID, participants) within the Onsa.ai in-meeting panel, giving hosts and participants clear context during the call.
• Provide real-time transcripts through the Onsa.ai bot, facilitating more focused and productive sales conversations.
• Send participants and hosts post-meeting resources, such as summaries and transcripts, to streamline follow-ups and maintain accurate records.
• Confirm user permissions (e.g., the ability to start recordings) according to Zoom account features and limitations.

Security of Your Information

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. These measures include:

• Encryption of sensitive data during transmission and storage using industry-standard protocols.
• Access controls to restrict access to data to authorized personnel only.
• Regular security audits and updates to our systems.
• Incident response plans to handle potential data breaches.

Cookies and Other Tracking Technologies

We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Policy.

Third-Party Services

We integrate with the following third-party services to enhance our platform:

• Google Analytics: Used for tracking website traffic and user behavior.
• Sentry.io: Used for error tracking and monitoring.
• Google Cloud Platform: Used for hosting and processing audio files.
• SendGrid: Used for sending transactional emails.
• Stripe: Used for processing payments.

We share data with these services only as necessary to provide and improve our Services. We ensure that all third-party services adhere to strict data protection standards.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this privacy policy unless otherwise required by law. Specific retention periods are determined based on the type of data and the legal requirements.

Links to Other Websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites, and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

For data obtained through Zoom services, we apply the following additional security measures:

• Data Access Control: Access to data collected via Zoom is strictly confined to the specified purposes and is accessible only by authorized Mindshare personnel.
• Secure Data Transactions: All data exchanges with Zoom are encrypted, ensuring the security and privacy of your data.
• Compliance with Zoom’s Policies: We adhere strictly to Zoom's policies regarding API services and user data handling to ensure high standards of data privacy and security.

Controlling Your Personal Information

You may choose to restrict the collection or use of your personal information in the following ways:

• Whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you do not want the information to be used by anybody for direct marketing purposes.
• If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us.

Consent for Zoom Data: You can manage the integration with Zoom services directly through your Zoom Client settings. This control includes the ability to disconnect your Zoom account, which ceases our access to access your profile and other Zoom-related data.

We will not sell, distribute, or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen.

GDPR Compliance

For users within the European Union, Onsa.ai complies with the General Data Protection Regulation (GDPR). This includes the following rights:

• The right to access - You have the right to request copies of your personal data from Onsa.ai.
• The right to rectification - You have the right to request that Onsa.ai correct any information you believe is inaccurate or incomplete.
• The right to data portability - You have the right to request that data collected be transferred to another organization, or directly to you, under certain conditions.
• The right to data portability (Zoom): You have the right to request that data collected via Zoom integration be transferred to another organization, or directly to you, under certain conditions.
• The right to erasure - You have the right to request that Onsa.ai erase your personal data, under certain conditions.
• The right to restrict processing - You have the right to request that Onsa.ai restrict the processing of your personal data, under certain conditions.
• The right to object to processing - You have the right to object to Onsa.ai’s processing of your personal data.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month.

Children’s Privacy

Onsa.ai does not knowingly collect personal information from children under the age of 13. If you are under the age of 13, please do not submit any personal information through our platform. We encourage parents and legal guardians to monitor their children’s internet usage and to help enforce this policy by instructing their children never to provide personal information through our platform without their permission.