Product – Mac and Windows Desktop App

This Privacy Notice applies to JotMe Limited’s processing of personal information on our Mac and Windows Desktop App, as well as other online and offline offerings (collectively, the “Services”).

1. Introduction

We are committed to safeguarding the privacy of users who access our Services through the Mac and Windows desktop applications. This Privacy Policy outlines how we collect, use, and protect your personal data. If you use our Services to record meetings or conversations that involve other individuals, it is your responsibility to obtain consent from those individuals when required by applicable laws. JotMe does not assume liability for users’ failure to comply with legal obligations regarding consent for recording.

2. Information We Collect

We collect information to deliver and improve our Services. This may include: User Information, Email address, first language, meeting IDs, captions, speaker names, audio recordings, and language preferences for transcription and translation services.

3. How We Use Information

We use the collected information to:

- Authenticate users and personalize their experience.

- Process and display live translations, transcriptions, and provide real-time answers to user queries via the Ask feature during recordings.

- Improve and maintain the performance and reliability of our Services.

4. Data Sharing and Disclosure

We do not share your personal data with third parties, except:

- When required by law or legal process.

- To protect the rights, safety, and integrity of our users and our Services.

5. Data Security

We implement industry-standard security measures, including encryption and secure servers, to protect your data from unauthorized access, loss, or misuse.

6. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. In the event of significant changes, we will notify users appropriately.

7. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at:
hey@jotme.io

Data – Trust & Security

At JotMe, we believe transparency and trust are essential. We process personal information responsibly, protect it with industry-standard security practices, and give our users control over their data.

Data Controller

JotMe Limited is the data controller for all personal information processed through our services.

Company name: JotMe Limited

Registered address: 124 City Road, London, England, EC1V 2NX

Email: hey@jotme.io

As a UK-headquartered company, we operate under the UK Data Protection Act and the EU General Data Protection Regulation (GDPR). You can read the full regulation here.

GDPR Compliance

We align our practices with the principles of GDPR:

- Lawfulness, fairness, transparency: We only process data with user consent and explain how data is used in our Privacy Policy.

- Data minimization: We collect only what is required (e.g., meeting audio/text, user account details).

- Storage limitation: Data is retained only as long as necessary (see Retention Policy below).

- Integrity & confidentiality: All data is encrypted in transit and at rest, with strict access controls.

- User rights: Users can request access, correction, deletion, or export of their data at any time.

We do not use customer meeting content for background model training unless explicitly consented to by the user.

Data Retention Policy

Currently, JotMe retains user data until a deletion request is made. Users may delete individual meeting records at any time from within the product if you are subscribed to a paid plan, or request full account deletion (including all associated data). Once a deletion request is received, all data is permanently removed from our systems and backups within 90 days.

We are planning to introduce automatic retention schedules in the future, based on factors such as subscription plan and duration of account inactivity. Users will be notified by email before any such changes are applied to their accounts.

These practices are aligned with GDPR’s principle of “storage limitation,” ensuring data is not kept longer than necessary for the purposes for which it was collected.

Security Measures

We protect user data with strong technical and organizational safeguards:

- Encryption: All data is encrypted both in transit (TLS) and at rest.

- Access control: Data access is restricted to authorized staff for support and operations.

- Monitoring: Systems are monitored to detect unauthorized access and abuse.

- Sub-processors: We carefully select third-party providers with strong security credentials (e.g., AWS, OpenAI), which themselves maintain certifications such as ISO 27001 or SOC 2.

Your Rights

As a user, you have the following rights under GDPR:

- Access: Request a copy of the data we hold about you

- Correction: Update or amend inaccurate information

- Deletion: Permanently delete your data and account

- Export: Receive your data in a portable format