Privacy Policy

Last updated: 7th July 2025

Introduction

SENTIENT MIND LTD ("we," "our," or "us") operates the Orbit application (the "Service"). This Privacy Policy informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service.

Information We Collect

Personal Information

  • Account Information: Email address, full name, company name
  • Profile Information: Avatar image, industry, profession, preferences
  • Authentication Data: Login credentials, session tokens

Voice and Audio Data

  • Audio Recordings: Voice recordings you create using the app
  • Transcription Data: Text transcriptions generated from your audio recordings
  • Recording Metadata: Timestamps, duration, tags, customer associations

Technical Information

  • Device Information: Device type, operating system, unique device identifiers
  • Usage Data: App interactions, feature usage, crash reports
  • Performance Data: Audio quality metrics, processing times

How We Use Your Information

Primary Uses

  • Service Provision: Process audio recordings and provide transcriptions
  • Account Management: Create and manage your user account
  • Data Synchronization: Sync your data across devices
  • Customer Support: Respond to your inquiries and provide assistance

Service Improvement

  • Analytics: Understand how our Service is used to improve functionality
  • Performance Optimization: Enhance audio processing and transcription accuracy
  • Feature Development: Develop new features based on usage patterns

Communications

  • Service Updates: Notify you about important changes to our Service
  • Support Communications: Respond to your requests and provide assistance
  • Security Notifications: Alert you about security-related matters

Data Processing and Storage

Audio Processing

  • Cloud Processing: Audio recordings may be processed using cloud-based transcription services
  • Encryption: All audio data is encrypted during transmission and storage

Data Storage

  • Secure Cloud Storage: Your data is stored on secure, encrypted cloud servers
  • Geographic Location: Data is stored in the US and the EU
  • Backup Systems: Regular backups ensure data availability and security

Data Sharing and Disclosure

Third-Party Services

We may share your information with trusted third-party service providers who assist us in operating our Service:

  • Cloud Infrastructure: [e.g., Supabase, AWS, or other hosting providers]
  • Analytics Services: [e.g., PostHog, Mixpanel, or other analytics providers]
  • Customer Support: [e.g., Intercom, Zendesk, or other support tools]

Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

Your Rights and Choices

Access and Control

  • Data Access: Request access to your personal data
  • Data Correction: Update or correct inaccurate information
  • Data Deletion: Request deletion of your account and associated data
  • Data Export: Export your recordings and transcriptions

Privacy Controls

  • Recording Management: Delete individual recordings and transcriptions
  • Sharing Settings: Control how your data is shared within teams
  • Notification Preferences: Manage email and push notification settings

Account Management

  • Account Deletion: Permanently delete your account and all associated data

Data Security

Security Measures

  • Encryption: All data is encrypted in transit and at rest
  • Access Controls: Strict access controls limit who can access your data
  • Regular Audits: Regular security audits and vulnerability assessments
  • Incident Response: Established procedures for handling security incidents

Your Responsibility

  • Account Security: Keep your login credentials secure
  • Device Security: Secure your device with appropriate locks and passwords
  • Network Security: Use secure networks when accessing the Service

Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us.

International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your personal information in accordance with applicable data protection laws.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

Contact Us

If you have any questions about this Privacy Policy, please contact us.

Legal Basis for Processing (EU Users)

For users in the European Union, we process your personal data under the following legal bases:

  • Contract Performance: To provide the Service you've requested
  • Legitimate Interests: To improve our Service and provide customer support
  • Consent: For marketing communications and optional features
  • Legal Obligation: To comply with applicable laws and regulations

Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Zoom Integration Addendum

Last updated: 7 July 2025

Sentient Mind Ltd ("Sentient Mind", "we", "our") offers an optional Zoom Integration for its Orbit Scribe product ("Orbit") that lets you pull your cloud meetings into Orbit for transcription and summarisation. This addendum describes, in plain English, how that integration handles your data. It complements—does not replace—our main Privacy Policy.

1 Permissions we request from Zoom

  • cloud_recording:read:list_recording_files – list the files that belong to each completed cloud recording so we can choose the audio track.
  • cloud_recording:read:recording – download the selected audio (M4A) and any Zoom-generated transcript (VTT).
  • user:read:user – know which Zoom user connected, show "Connected as ..." and route the recording to the right Orbit workspace.

2 Data we import & why

TypeExamplePurpose
Cloud-recording audio (M4A)meeting_abc123.m4aConvert speech to text when a Zoom transcript is unavailable or you prefer Orbit’s pipeline
Transcript file (VTT)meeting_abc123.vttCreate searchable transcript and AI summaries
Meeting metadataID, topic, host email, start/end timeDisplay recordings accurately in Orbit

We do not access Zoom chat, video tracks, or participant lists.

3 How long we keep Zoom data

  • Default – no longer than 12 months after import.
  • Free / Pro plans – shorter default windows (3 / 6 months).
  • Enterprise – you set the window or request on-demand deletion.

You can also delete any individual recording at any time from within Orbit.

When you disconnect Orbit from Zoom, we revoke all OAuth tokens immediately and erase associated Zoom data within 10 days.

4 Where the data lives & how we protect it

  • Cloud region – EU-West-2
  • Encryption – TLS 1.2+ in transit; AES-256 at rest.
  • Access control – employee access is role-based and limited to those who need it.
  • Secure development – automated dependency scanning, static analysis, and third-party security reviews.
  • Incident response – we’ll notify affected customers within 48 hours of any confirmed data breach.

5 Trusted service providers (sub-processors)

ProviderRoleOptional?
Supabase (AWS EU-West-2)Database & encrypted object storageNo
Cloudflare Workers + WhisperSpeech-to-text when Zoom transcript is absentYes – controlled by user setting
OpenAIGenerate document-style summaries from transcriptsYes – transcript-only data, controlled by user setting

We regularly review these vendors for security & privacy compliance. If we change the list, we’ll update this page and, where required, notify admins in advance.

6 Your choices & rights

  • Disconnect Zoom at any time from Settings → Integrations. We revoke tokens instantly and purge Zoom data within 10 days.
  • Delete or download any recording from its menu in Orbit.
  • Ask us anything – email support@orbitscribe.ai to access, correct, or erase your personal data.

Questions? Email support@orbitscribe.ai and we’ll respond promptly.