Privacy Policy

We Give a Dam About Your Privacy

Last updated 10 March 2026

The short version: Beaver AI is built from the ground up to be private by design. We do not record audio. We do not use your data to train AI models. Your meeting content belongs to you — full stop.

1. What Data We Collect

Account information. When you sign up, we collect your name and email address. This is used to identify your account and send you transactional emails (such as password resets).

Meeting captions. Beaver reads text captions directly from your meeting platform (Google Meet, Microsoft Teams). These captions are text only — no audio is ever captured. Captions are stored so we can generate summaries and make your transcript available to you.

Calendar metadata. If you connect Google Calendar, we access event titles, times, and video conference links (read-only) to enable automatic join. We do not read meeting notes, attendee emails, or any other calendar fields. See section 2 for our specific commitments regarding Google user data.

Usage data. We collect basic, anonymised usage metrics (e.g. page visits, feature interactions) to understand how Beaver is being used and to improve the product. This data cannot be linked back to individual users.

2. Google User Data

Beaver AI's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, data obtained via Google APIs is:

  • Used only to provide the service. Google Calendar data is used solely to identify upcoming meetings and auto-join them on your behalf. It is not used for advertising, profiling, or any purpose unrelated to the Beaver AI service.
  • Never transferred to third parties. We do not sell, share, or transfer Google user data to any third party, except as necessary to operate the service (e.g. storing tokens securely in our database) or as required by law.
  • Never used to train AI models. Google user data is not used to develop, improve, or train generalised AI or machine learning models.
  • Accessible and deletable by you. You can disconnect Google Calendar at any time from your account settings, which immediately revokes our access and deletes your stored tokens.

We request only the minimum OAuth scopes necessary: read-only access to your calendar events (calendar.readonly).

3. What We Do Not Do

We do not record audio — ever. Beaver works entirely from text captions.

We do not use your meeting content to train AI models, ours or anyone else's.

We do not sell your data to third parties.

We do not read, store, or share your meeting content with anyone other than you and your designated team members.

We do not retain calendar data beyond what is needed to schedule the bot to join.

4. How We Use Your Data

We use your data solely to deliver and improve the Beaver AI service. Specifically:

  • To authenticate you and manage your account.
  • To join your meetings and capture captions.
  • To generate AI meeting summaries and action items using third-party AI models (see section 5).
  • To display your meeting history, transcripts, and summaries within the app.
  • To send essential service communications (e.g. billing receipts, security alerts).

5. Third-Party Processors

We use a small number of trusted sub-processors to operate the service. Each is contractually bound to protect your data and may only use it to provide services to us:

  • Anthropic — AI model provider. Meeting transcript text is sent to generate summaries and action items. Anthropic's API data processing agreement prohibits using API inputs to train models. No audio, video, or identifying metadata is sent.
  • Stripe — Payment processing. Billing information is handled directly by Stripe; we do not store raw card data.
  • Google — OAuth authentication and, if you opt in, Google Calendar access. Data use is governed by Google's own privacy policy and our commitments in section 2.
  • Microsoft — OAuth authentication (Microsoft 365 sign-in). Data use is governed by Microsoft's privacy policy.

We do not sell, rent, or share your data with any other third party for their own purposes.

6. Data Security

We take reasonable technical and organisational measures to protect your data:

  • All data is transmitted over TLS (HTTPS) — plain HTTP connections are rejected.
  • Data is stored on encrypted volumes. OAuth tokens (including Google Calendar tokens) are stored encrypted at rest in our database.
  • Access to production systems is restricted to authorised personnel and protected by multi-factor authentication.
  • We use Sentry for error monitoring, which captures anonymised stack traces only — no meeting content is included in error reports.

If you discover a security issue, please email [email protected] and we will respond promptly.

7. Data Retention

Your meeting transcripts and summaries are retained for as long as your account is active. You can delete individual meetings — or your entire account — at any time from your profile settings, and your data will be permanently removed within 30 days.

8. Your Rights

You have the right to access, correct, export, or delete your data at any time. To exercise these rights, email us at [email protected] or manage your data directly through your account settings.

9. Changes to This Policy

If we make material changes to how we collect or use your data — including changes to how we handle Google user data — we will notify you by email at least 7 days before the changes take effect. We will also update the "Last updated" date at the top of this page. Continued use of the service after the effective date constitutes acceptance of the revised policy.

10. Contact

Questions about this policy? Email us at [email protected] or use our contact form.