Scriptal
Scriptal

Privacy Policy

Last updated: 4/29/2026

We take your privacy seriously. This policy explains what data we collect, how we use it, and how we protect it.

What We Collect

Account Info

Email, name, company name (optional), and encrypted password. If you use Google sign-in, we get your email and profile info from Google.

Your Transcripts

The meeting transcripts you upload. We store and analyze them with AI to give you insights.

Usage Data

Pages you visit, features you use, search queries, timestamps. Plus technical stuff like IP address, browser type, and device info.

Payment Info

Handled by Stripe. We never see your full card details, just last 4 digits, expiration, brand, and transaction history.

How We Use It

  • • Provide and improve the service
  • • Process your transcripts with AI and generate insights
  • • Enable semantic search across your data
  • • Send service notifications and email reports
  • • Process payments and manage subscriptions
  • • Respond to support requests
  • • Monitor for abuse or violations
  • • Comply with legal requirements

AI Processing

We use Anthropic (Claude) and OpenAI to analyze your transcripts. Parts of your transcripts are sent to these services for processing.

We don't use your data to train AI models. We don't share it with AI providers for any purpose other than delivering the analysis.

Data Storage

Your data lives on Supabase (PostgreSQL) servers. Encryption in transit (HTTPS) and at rest is the default. Access is governed by per-customer credentials and database-level controls.

Sub-processors

We use a small number of trusted third-party services to deliver the work. Each is a sub-processor with access to a defined slice of customer data. We do not sell your data to anyone, and we will not use it for any purpose other than running the service.

  • Anthropic: Claude API for transcript analysis
  • OpenAI: embeddings, semantic search, and analysis fallback
  • Supabase: database, authentication, file storage
  • Vercel: hosting and edge functions
  • Stripe: billing and payment processing
  • MailerLite: email lists and marketing emails
  • AWS SES: transactional and marketing email delivery

If we add or change a sub-processor in a way that affects your data, we'll update this list. Email hello@scriptal.io for the current list at any time.

Other Sharing

Beyond the sub-processors above, we only share data in two cases:

  • Legal Requirements: When required by law or court order
  • Business Transfers: In a merger, acquisition, or sale, where successor obligations would apply

Data Retention

When a project completes, you receive a full export of your data (raw JSON, CSVs, report PDFs). We keep your data while your account or project is active. You can request deletion at any time by emailing hello@scriptal.io. We delete within 30 days, unless legally required to retain. Backups may persist for up to 90 days.

Your Rights

Access & Export

You receive a full export at the end of any analysis project (raw JSON, CSVs, report PDFs). At any other time, request an export by emailing hello@scriptal.io.

Deletion

Request deletion of your data at any time by emailing hello@scriptal.io. We act on deletion requests within 30 days. Backups may persist for up to 90 days.

Email Preferences

Manage email report preferences in settings. You can't opt out of service-related emails (payment confirmations, security alerts).

Cookies

We use cookies to maintain your session and remember preferences. Disable them in your browser if you want, but some features might break.

International Transfers

Your data might be processed in countries other than yours. We ensure appropriate safeguards are in place.

Kids

Service is not for anyone under 18. If we find out a child gave us their info, we'll delete it immediately.

Changes to This Policy

We might update this policy. If we make big changes, we'll email you. Continuing to use the service means you accept the changes.

Contact

Questions about privacy? Email us at hello@scriptal.io or visit our contact page.