What Information Do We Collect?

We collect information necessary to provide and improve our Services. This includes:

• Personal Information: When you register or are added to a Birdy account, often via Microsoft Teams authentication, we collect identifiers like your Name, Email Address, and Microsoft Teams User ID. We may also collect your Company Name and Job Title. If you contact us directly, we will collect information provided in your communications.
• Microsoft Teams Integration Data: To function within Microsoft Teams, Birdy accesses necessary data, including your Teams User ID, name, email, team/channel information where Birdy is installed, and meeting participant details for notifications and context. We only request the minimum permissions required for Birdy to operate.
• Jira Integration Data: If you choose to connect Birdy to Jira, we access data you explicitly link, such as issue IDs and summaries, to enrich your meeting agendas and summaries. We securely store authentication tokens using industry-standard encryption and only use them for this purpose as directed by you.
• User-Generated Content: We collect all text, responses, links, and other inputs you and your team provide during the pre-meeting async collaboration phase. This content is essential for Birdy's core functionality.
• AI-Generated Data: We store the agendas, summaries, and action items created by our AI based on your User-Generated Content, as these form part of the service record for your team.
• Usage Data: We collect information about your interactions with our Services, including IP addresses, browser types, operating systems, referring URLs, page views, feature usage, and clickstream data. This helps us understand service performance and improve user experience.
• Cookies and Tracking Technologies: We use cookies and similar technologies on our website and potentially within parts of our application to enhance your experience, analyze usage, and support service delivery. You can control cookie preferences through your browser settings.

How We Use Your Information

We use your information for the following purposes:

• To Provide and Maintain Services: To operate, maintain, and improve our Services. This includes processing your inputs via AI to generate agendas and summaries, facilitating meetings, and enabling integrations with Microsoft Teams and Jira.
• To Communicate with You: Primarily via Microsoft Teams notifications for service operation (e.g., pre-meeting prompts, summary availability) and via email for support requests, account management, updates, newsletters, and marketing materials. You can opt out of non-essential communications.
• To Analyze and Improve: We analyze usage data (often in aggregated and anonymized form) to understand how our Services are used, identify trends, and enhance user experience and service performance.
• To Ensure Security: To monitor for and prevent security incidents and fraudulent activity.
• To Comply with Legal Obligations: We may process your information to comply with applicable laws, regulations, and legal processes or respond to valid requests by public authorities.

AI and Your Data

Transparency about our AI processing is critical.

• Purpose: Our AI processes User-Generated Content exclusively to create agendas, summaries, and action items for your specific meetings and team.
• AI Processing: We utilize Google Gemini and OpenAI ChatGPT as sub-processors for AI tasks. We have a Data Processing Agreement (DPA) in place with the respective LLM providers.
• Data Training: We do not use your specific User-Generated Content or AI-Generated Data to train our global AI models or any third-party AI models. We configure our usage with Google Gemini and OpenAI ChatGPT to prohibit them from using your data for their training purposes.
• Anonymized Improvement: We may use fully anonymized and aggregated data (e.g., feature usage frequency, average meeting time reduction) to monitor and improve our service. This data cannot be linked back to any individual user or company.

Information Sharing and Disclosure

We do not sell your personal information. We only share your information in the following circumstances:

• Within Your Team: Information (like inputs and summaries) is inherently shared with participants of the meetings you use Birdy for.
• Service Providers (Sub-processors): We share information only when necessary with trusted third-party service providers who perform services on our behalf. These include:
  • Cloud Hosting Providers: Amazon AWS to host our service and data.
  • AI Platform Providers: Google Gemini and OpenAI ChatGPT for AI processing.

  We maintain Data Processing Agreements (DPAs) with these providers, ensuring they adhere to high standards of data protection and confidentiality.

• Integrations: When you connect Birdy to third-party services like Jira, data is shared as necessary to facilitate that integration, based on your actions and permissions.
• Legal Requirements: We may disclose your information if required by law, subpoena, or other legal process, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others, or to investigate fraud.
• Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction, subject to standard confidentiality agreements.

Data Storage, Security, and Retention

• Data Storage: Your data is primarily stored and processed on secure servers located in the United States, leveraging the infrastructure of our hosting provider, Amazon AWS.
• Data Security: We implement robust technical and organizational security measures designed to protect your information from unauthorized access, alteration, disclosure, or destruction. These include encryption in transit (TLS 1.2+) and at rest (AES-256), strict access controls, and regular security reviews. We leverage the security infrastructure of Microsoft Azure. However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.
• Data Retention: We retain your information only for as long as necessary to provide the Services, comply with our legal obligations, resolve disputes, and enforce our agreements.
• User-Generated Content and AI-Generated Data are retained for 12 months after creation, unless deleted earlier by you or an administrator, or requested via our support channels.
• User account information is retained as long as the account is active and for 90 days thereafter for operational purposes, unless deletion is requested.

Your Rights

Depending on your jurisdiction, you may have certain rights regarding your personal information. These can include the right to:

• Access your personal information.
• Correct inaccurate personal information.
• Delete your personal information (Right to Erasure).
• Restrict the processing of your personal information.
• Receive your personal information in a portable format.
• Object to the processing of your personal information.

To exercise these rights, please contact us at support@meetbirdy.ai. We will respond to your requests within 30 days or as otherwise required by applicable law.

Children's Privacy

Our Services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected such information, we will take steps to delete it promptly.

Microsoft Teams Context

Birdy operates as an application within the Microsoft Teams ecosystem. Your use of Microsoft Teams itself is also governed by Microsoft's privacy policies. We are responsible only for the data Birdy directly collects and processes as described in this policy.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on our website and updating the "Effective Date" at the top. We encourage you to review this Privacy Policy periodically.