Audio recordings — meeting audio captured by the Meetlens Chrome extension. The extension records the audio stream of the meeting tab and, when you grant microphone permission, your microphone; the two streams are mixed locally and uploaded to Meetlens.
Extension-side data — your Meetlens auth token, current recording state, and UI preferences, stored locally by the extension in chrome.storage.local on your device.
Meeting metadata from the extension — start/stop timestamps, the meeting URL, and the detected platform (Google Meet, Zoom, Microsoft Teams, Yandex Telemost), used to label the recording on your Meetlens account.
Transcripts — text generated from your audio.
AI reports — summaries, decisions, tasks generated from transcripts.
Account data — email address, password hash, subscription status.
Usage data — meeting timestamps, duration, template choices.
We do not collect payment card data — payments are handled by our payment processor.
02
Why we collect it
Audio and transcripts — core service: generating reports.
AI reports — delivering summaries and insights to you.
Email — account access, product notifications.
Usage data — product improvement, bug fixing.
We do not use your meeting content to train AI models.
03
Where data is stored
Your data is stored on secure cloud infrastructure.
Audio files and reports are encrypted at rest.
All transfers are encrypted via HTTPS (TLS 1.2+).
04
Who we share data with
The extension transmits data only to the Meetlens backend at https://app.meetlens.ai. It does not contact any analytics, advertising, or other third-party service.
We work with a limited set of trusted service providers to deliver the service. All providers are contractually prohibited from retaining your data after processing or using it to train AI models.
AI processing providers — transcription and AI report generation. Your audio and transcript data is processed and immediately discarded after the result is returned. No data retention, no model training.
Cloud infrastructure provider — secure hosting and encrypted storage of your account data, recordings, and reports.
Payment processor — handles subscription payments. We never see or store your card details.
Email delivery provider — transactional emails only (verification, password reset). No marketing use.
A full list of subprocessors is available upon request at privacy@meetlens.ai.
We do not sell your data to third parties. We do not use your data for advertising.
05
Lawful basis for processing (GDPR Art. 6)
Account creation and authentication — contractual necessity (Art. 6(1)(b)).
Audio recording, transcription, and AI report generation — contractual necessity (Art. 6(1)(b)).
Meetings — kept until you delete them or your account.
Account data — kept until you delete your account.
After account deletion, all data is permanently removed within 30 days.
07
Your rights (GDPR)
If you are in the European Union, EEA, or United Kingdom, you have the right to:
Access — request a copy of your data (Settings → Export data).
Delete — delete individual meetings or your entire account (Settings → Delete account).
Correct — update your account information in Settings.
Portability — export your meetings and reports in JSON format.
Object — opt out of any non-essential processing.
To exercise these rights, use the in-app controls in Settings, or contact privacy@meetlens.ai.
08
Cookies
We use only essential cookies required for authentication and session management.
We do not use advertising or tracking cookies.
09
Security
All data in transit is encrypted via HTTPS.
Data is encrypted at rest.
Access to your data is isolated — no other user can access your meetings.
API keys and secrets are never stored in code.
10
Children
Meetlens is not intended for users under 16.
We do not knowingly collect data from minors.
11
Changes to this policy
We will notify you by email at least 14 days before making material changes to this policy.
12
The Meetlens Chrome Extension
The Meetlens Recorder extension has a single purpose: to capture the audio of meetings on supported video-conferencing sites in Chrome and upload the recording to the user's Meetlens account. All transcription and AI processing happen on the Meetlens web service, not in the extension.
Sites where the extension's content script runs (to detect that a meeting is active): meet.google.com, any *.zoom.us subdomain, telemost.yandex.ru, telemost.yandex.com, teams.microsoft.com, teams.live.com, and app.meetlens.ai. The content script does not read page content beyond what is needed to detect the presence and lifecycle of a meeting.
Network destinations the extension communicates with: only https://app.meetlens.ai (the Meetlens backend). The extension does not contact any other server, analytics provider, advertising network, or third-party service.
Audio captured by the extension: (a) the audio stream of the active meeting tab via chrome.tabCapture, and (b) if you explicitly grant microphone permission, your microphone audio via navigator.mediaDevices.getUserMedia. The two streams are mixed locally in an offscreen document and uploaded to your Meetlens account. If you deny or disable microphone access, only tab audio is recorded.
Other data the extension accesses in your browser: the URL and basic lifecycle state of the meeting tab (to detect start/stop of the call), and your Meetlens auth token, which the extension stores locally in chrome.storage.local to sign API requests.
Data the extension does NOT access: browsing history, the content of tabs other than the active meeting tab, form inputs, passwords, cookies of third-party sites, or any page content outside the meeting sites listed above.
Local data retention: data stored by the extension in chrome.storage.local is cleared when you disconnect the extension, sign out, or uninstall it.
13
Extension permissions
tabCapture — to capture the audio stream of the current meeting tab so it can be recorded and uploaded to Meetlens for processing.
activeTab — to detect, only when you interact with the extension, whether the current tab is a supported meeting site.
storage — to store your Meetlens auth token, recording state, and UI preferences locally in chrome.storage.local. This data is not transmitted anywhere except to the Meetlens backend as part of authenticated API requests.
offscreen — to run a hidden document that performs audio recording, because Manifest V3 service workers cannot directly use MediaRecorder or getUserMedia.
sidePanel — to render the Meetlens recorder controls as a Chrome side panel next to the meeting.
scripting — to inject a small content script on supported meeting sites so the extension can detect when a meeting is active.
alarms — to schedule a periodic heartbeat that keeps the recording worker alive during a call, and a periodic health check of your Meetlens auth token. Not used for notifications, advertising, user-facing scheduling, or tracking.
Microphone access via getUserMedia — requested only when you enable microphone recording in the extension UI. The prompt is shown inside a nonce-protected extension-origin iframe (mic-permission.html) to prevent silent permission probing by third-party sites.
Host permissions — https://app.meetlens.ai/* only. Required so the extension can send audio chunks, meeting metadata, and authenticated API calls to the Meetlens backend. Meeting sites (Google Meet, Zoom, Microsoft Teams, Yandex Telemost) are covered by content_scripts and do not require broad host permissions.
14
Chrome Web Store Limited Use disclosure
Meetlens' use of information received from the Meetlens Chrome extension adheres to the Chrome Web Store User Data Policy, including the Limited Use requirements.
We do not sell user data.
We do not use user data for advertising or to create user profiles for advertising purposes.
We do not use user data to train generalized AI or machine-learning models.
We do not transfer user data to third parties except as strictly necessary to provide the service, as described in section 4 of this policy, or where required by law.
A human may review user data only (a) with the user's explicit consent for support purposes, (b) where strictly necessary to fix a specific bug affecting that user, or (c) where required by law.