The Meeting Intel Engine™The Meeting Intel Engine™
Back to Home

Privacy Policy

Last updated: December 3, 2025

1. Introduction

ControlTheRoom.ai® ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our AI-powered sales meeting intelligence platform (the "Service").

This Privacy Policy complies with:

  • General Data Protection Regulation (GDPR) - EU
  • California Consumer Privacy Act (CCPA) - California, USA
  • California Privacy Rights Act (CPRA) - California, USA
  • Other applicable data protection laws

2. Information We Collect

2.1 Personal Information You Provide

  • Account Information: Name, email address, and authentication credentials via Manus OAuth
  • Meeting Brief Data: Company names, industry information, attendee names and titles, LinkedIn profiles, meeting context, special factors, research requests
  • Contact Form Data: Name, email, and message content when you contact us
  • Chat Messages: Conversations with our AI sales coach
  • Payment Information: Billing details processed by third-party payment processors (we do not store credit card numbers)

2.2 Automatically Collected Information

  • Usage Data: Pages visited, features used, time spent on platform, clicks, interactions
  • Device Information: Browser type, operating system, device type, IP address, user agent
  • Cookies and Tracking: Session cookies for authentication, preference cookies, analytics cookies
  • Log Data: Access times, error logs, performance metrics

2.3 Information from Third Parties

  • OAuth Providers: Basic profile information from Manus OAuth (name, email, login method)
  • Public Data Sources: Company information, news articles, financial data, social media profiles (LinkedIn) used to generate meeting intelligence
  • AI Service Providers: Data processed by our AI infrastructure partners (see Section 6)

2A. User-Generated Content Disclaimer

⚠️ IMPORTANT: Your Responsibility for Uploaded Content

You are solely responsible for the content you upload to our Service, including meeting transcripts, company information, and attendee data. We do not review, verify, or validate user-uploaded content before processing.

2A.1 Prohibited Content

You must NOT upload content that:

  • Is protected by non-disclosure agreements (NDAs) or confidentiality obligations
  • Contains material non-public information (MNPI) as defined by securities law
  • Is protected by attorney-client privilege or work product doctrine
  • Contains trade secrets or confidential business information belonging to third parties
  • Violates any legal or contractual restrictions on disclosure

2A.2 No Liability for User Content

We are not responsible for:

  • Verifying that you have the legal right to share uploaded content
  • Monitoring or detecting confidential or NDA-protected information in your uploads
  • Claims, damages, or legal consequences arising from your upload of restricted content
  • Third-party claims for breach of confidentiality or NDA violations

2A.3 Data Processing

Content you upload (including transcripts) may be:

  • Processed by our AI systems to generate meeting intelligence
  • Stored on our servers and third-party cloud infrastructure
  • Transmitted to AI service providers (OpenAI, Anthropic, etc.) for processing
  • Retained according to our data retention policies (see Section 9)

If you upload confidential content by mistake, immediately contact us at [email protected] to request deletion. However, we cannot guarantee complete removal if the content has already been processed by third-party AI providers.

3. How We Use Your Information

3.1 Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

  • Contract Performance: To provide the Service you signed up for
  • Legitimate Interests: To improve our Service, prevent fraud, ensure security
  • Consent: For marketing communications (you can withdraw consent anytime)
  • Legal Obligations: To comply with laws, regulations, and legal processes

3.2 Purposes of Processing

We use your information to:

  • Generate AI-powered meeting intelligence and sales insights
  • Provide, maintain, and improve our Service
  • Authenticate your identity and manage your account
  • Process payments and subscriptions
  • Send service-related notifications (account updates, security alerts)
  • Respond to your inquiries and provide customer support
  • Analyze usage patterns to improve features and user experience
  • Detect, prevent, and address fraud, security issues, and technical problems
  • Comply with legal obligations and enforce our Terms of Service
  • Send marketing communications (only with your consent - you can opt out anytime)

4. AI Data Processing

🤖 How We Use AI

We use artificial intelligence (AI) and large language models (LLMs) to analyze publicly available information and generate meeting briefs. Here's what you should know:

  • We DO NOT use your data to train AI models. Your meeting briefs and chat messages are not used to improve third-party AI models.
  • We DO process your data through AI services (OpenAI, Anthropic, etc.) to generate insights for you.
  • AI-generated content may be inaccurate. We are not responsible for errors in AI-generated insights.
  • Your data is encrypted in transit when sent to AI service providers.

5. Data Sharing and Disclosure

5.1 We Share Your Data With:

  • Service Providers: Third-party vendors who help us operate the Service (hosting, analytics, payment processing, AI infrastructure)
  • AI Service Providers: OpenAI, Anthropic, and other AI platforms that process your data to generate insights (see Section 6 for full list)
  • Legal Authorities: When required by law, court order, or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (you will be notified)

5.2 We DO NOT:

  • Sell your personal data to third parties
  • Share your data for third-party marketing purposes
  • Use your data to train AI models for other companies
  • Share your meeting briefs or chat messages with other users

6. Third-Party Service Providers

We work with the following categories of third-party processors:

CategoryPurposeExamples
AI InfrastructureGenerate meeting intelligenceOpenAI, Anthropic, Manus AI
Cloud HostingStore data and run serversAWS, Manus Cloud
AuthenticationUser login and identityManus OAuth
Payment ProcessingHandle subscriptionsStripe, Lemon Squeezy
AnalyticsUnderstand usage patternsManus Analytics
Email DeliverySend notificationsSendGrid, AWS SES

All third-party processors are contractually required to protect your data and use it only for the purposes we specify.

7. Data Retention

We retain your personal data for as long as necessary to provide the Service and comply with legal obligations:

  • Account Data: Retained while your account is active, deleted within 30 days of account deletion
  • Meeting Briefs: Retained while your account is active, deleted when you delete them or your account
  • Chat Messages: Retained for 90 days, then automatically deleted
  • Usage Logs: Retained for 12 months for security and analytics
  • Payment Records: Retained for 7 years to comply with tax and accounting laws
  • Marketing Consent: Retained until you withdraw consent or delete your account

You can request deletion of your data at any time through your Account Settings.

8. Your Privacy Rights

8.1 GDPR Rights (EU Residents)

If you are in the European Union, you have the following rights:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure ("Right to be Forgotten"): Delete your personal data
  • Right to Restriction: Limit how we use your data
  • Right to Data Portability: Export your data in a machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for marketing or other processing
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

8.2 CCPA/CPRA Rights (California Residents)

If you are a California resident, you have the following rights:

  • Right to Know: Request disclosure of personal information collected, used, and shared
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt-out of the "sale" or "sharing" of personal information (we do not sell your data)
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Limit Use of Sensitive Personal Information: Limit use of sensitive data
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

8.3 How to Exercise Your Rights

To exercise any of these rights:

9. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including the United States. We ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Data Processing Agreements (DPAs) with all third-party processors
  • Encryption in transit and at rest
  • Compliance with GDPR and other applicable data protection laws

10. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption in transit (TLS/SSL) and at rest (AES-256)
  • Secure authentication via OAuth 2.0
  • Regular security audits and penetration testing
  • Access controls and role-based permissions
  • Secure cloud infrastructure (AWS, Manus Cloud)
  • Incident response and breach notification procedures

However, no system is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

11. Cookies and Tracking Technologies

11.1 Types of Cookies We Use

  • Essential Cookies: Required for authentication and core functionality (cannot be disabled)
  • Preference Cookies: Remember your settings (theme, language)
  • Analytics Cookies: Help us understand how you use the Service

11.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling essential cookies may prevent you from using the Service.

12. Children's Privacy

Our Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately at [email protected].

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or platform notification at least 30 days before they take effect. Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

The "Last updated" date at the top of this page indicates when the Privacy Policy was last revised.

14. Contact Us

If you have questions about this Privacy Policy or want to exercise your privacy rights, please contact us:

Privacy Team: [email protected]
General Support: [email protected]
Website: controltheroom.ai

15. Data Protection Officer (DPO)

For GDPR-related inquiries, you can contact our Data Protection Officer at:

Email: [email protected]

🔒 Your Data, Your Control

We are committed to transparency and giving you control over your personal data. You can:

  • Access and download all your data anytime
  • Delete your account and all associated data
  • Opt-out of marketing communications
  • Request corrections to inaccurate data

🍪 We Use Cookies

We use essential cookies to make our site work. With your consent, we may also use analytics cookies to improve your experience. You can customize your preferences or accept all cookies. Learn more in our Privacy Policy