Privacy Policy
Effective Date: April 22, 2026 · Version 2.0.0-beta.1 · Undrift LLC, Louisville, KY
Plain language summary. Undrift is designed with privacy at its core. Your audio is never recorded or transmitted. Your meeting content is not stored. We do not sell your data. This policy explains exactly what we collect, why, and how you can control it. This summary is a plain-English overview — the full policy below is what legally applies.
1. Who We Are
Undrift LLC ("Undrift," "we," "us," or "our") is a software company based in Louisville, Kentucky, United States. We operate the Undrift web application and related services ("Service"), an AI-powered meeting facilitation tool.
This Privacy Policy explains how we collect, use, store, and share information when you use our Service, and describes the rights and choices available to you. It applies to all users, including beta participants.
If you have questions about this policy or our data practices, contact us at hello@undrift.io.
2. Information We Collect
We collect only what is necessary to provide and improve the Service.
| Data / Category | Details |
|---|---|
| Account Information | If you register for an account or beta access, we collect your name and email address to manage access and communicate with you about the Service. |
| Agenda & Session Input | Text you enter as your meeting agenda (via Build Form, Upload, or Paste & Parse). This content is processed in memory during your session and is not stored by Undrift after your session ends. |
| Speech Transcripts | The Service converts your speech to text locally in your browser using your device's built-in speech recognition. Audio is never transmitted to Undrift. Only text segments are sent for AI analysis, as described in Section 4. |
| Feedback Form Data | When you submit feedback via the in-app form, we collect your name, email address, feedback type and priority, summary, description, steps to reproduce (for bugs), and your browser and OS information. Stored securely under the undrift.io domain. |
| Usage & Technical Data | Our hosting infrastructure may collect basic technical data such as browser type, device type, pages visited, session duration, and error logs. This data is aggregated and anonymized, used solely to monitor service health and performance. |
| Communications | If you contact us by email, we retain the content of that communication and your contact details in order to respond to you. |
What we do not collect: We do not collect, record, or store audio from your microphone. We do not retain meeting transcripts or session content after your session ends. We do not build profiles of individual users based on meeting content. We do not use cookies for advertising or tracking purposes.
3. How We Use Your Information
We use the information we collect to provide the Service; manage your account and beta access; improve the Service through aggregated, anonymized usage analysis and feedback review; communicate with you in response to support requests or questions; ensure security and prevent abuse; and comply with legal obligations.
We do not use your information for advertising, profiling, or any purpose not listed above. We do not sell your personal information to any third party.
4. AI Processing & Third-Party Services
4.1 Speech Processing (Local)
Speech-to-text conversion occurs entirely within your browser using your device's built-in speech recognition capabilities (Web Speech API). Audio from your microphone is processed locally on your device and is never transmitted to Undrift or any third party.
4.2 AI Analysis (Server-Side Proxy)
To provide drift detection, redirect suggestions, and meeting scoring, segments of your text transcript are transmitted from your browser to Undrift's secure server-side proxy. The proxy forwards these text segments to a third-party AI processing provider for analysis. These transmissions contain only text, occur over encrypted connections (HTTPS/TLS), and are not used to train AI models on your content. Undrift does not store transmitted segments beyond the duration of your active session.
4.3 Hosting & Infrastructure
The Service is hosted on a third-party cloud infrastructure provider that may process basic technical data (such as IP addresses and request logs) as part of delivering the Service. We select infrastructure providers that maintain appropriate security certifications and data handling standards.
4.4 Feedback Pipeline
Feedback submitted through the in-app feedback form is transmitted to and stored in a secure third-party productivity and storage platform operating under the undrift.io domain. This data is accessible only to Undrift team members and is used solely for product improvement purposes.
4.5 No Data Selling or Broker Sharing
We do not sell, rent, or trade your personal information to any third party. We do not share your data with data brokers or advertising networks.
5. Data Retention
We retain your information only as long as necessary for the purposes described in this policy or as required by applicable law.
| Data / Category | Retention |
|---|---|
| Session Content (transcripts, agenda, reports) | Not retained. Processed in memory during your session only. Deleted when your session ends. |
| Account / Beta Access Information | Retained for the duration of your account or beta participation, plus a reasonable period thereafter for recordkeeping. Deleted upon verified deletion request. |
| Feedback Form Submissions | Retained for product improvement purposes unless you request deletion. |
| Usage & Technical Logs | Typically retained for 30–90 days by our infrastructure provider, then automatically purged. |
| Email Communications | Retained as long as reasonably necessary to resolve your inquiry and maintain support records. |
6. Data Security
We take reasonable technical and organizational measures to protect your information against unauthorized access, loss, misuse, or disclosure. These measures include:
- All data transmissions between your browser and our servers are encrypted using HTTPS/TLS.
- AI analysis transmissions are routed through a server-side proxy — your API interactions are never exposed directly to the browser.
- Feedback data is stored in a secured, access-controlled workspace environment.
- We limit access to personal information to team members who need it to operate and improve the Service.
No method of transmission or storage is 100% secure. If you believe your information has been compromised, contact us immediately at hello@undrift.io.
7. Cookies & Tracking Technologies
Undrift does not use cookies for advertising, tracking, or profiling purposes. The Service may use limited session-level browser storage (such as localStorage) solely to maintain your active session state and theme preference within your browser tab. This data is local to your browser, is not transmitted to Undrift, and is cleared when your session ends or your browser tab is closed.
Our hosting infrastructure provider may set technical cookies necessary for security and performance monitoring. We do not use third-party analytics platforms, advertising pixels, or social media tracking tags.
8. Your Rights & Choices
Depending on your location, you may have certain rights regarding your personal information. Undrift is committed to honoring these rights regardless of where you are located.
| Right | Description |
|---|---|
| Access | You may request a copy of the personal information we hold about you. |
| Correction | You may request that we correct inaccurate or incomplete information. |
| Deletion | You may request deletion of your personal information. Note that session content is already deleted automatically at session end. |
| Objection | You may object to certain uses of your information, including any direct marketing (though we do not currently conduct direct marketing). |
| Data Portability | You may request your personal information in a commonly used, machine-readable format. |
| Withdraw Consent | Where we rely on your consent to process information, you may withdraw that consent at any time. |
To exercise any of these rights, contact us at hello@undrift.io. We will respond to verified requests within 30 days and will not discriminate against you for exercising your privacy rights.
9. Children's Privacy
The Service is not directed to children under the age of 18. We do not knowingly collect personal information from anyone under 18. If you believe we have inadvertently collected information from a minor, please contact us at hello@undrift.io and we will promptly delete it.
10. International Users
Undrift LLC is based in the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country.
By using the Service, you consent to the transfer of your information to the United States as described in this policy. We take steps to ensure that international transfers of personal data are handled in accordance with applicable legal requirements. If you are located in the European Economic Area (EEA), United Kingdom, or other jurisdictions with specific data protection laws, you may have additional rights. Contact us at hello@undrift.io with any questions.
11. California Privacy Rights
If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to know, delete, and opt out of the sale of personal information. Undrift does not sell personal information. To exercise your California privacy rights, contact us at hello@undrift.io.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will post the updated policy with a new effective date at undrift.io/privacy and notify registered users and active beta participants via email at least 14 days before the changes take effect.
Your continued use of the Service after the effective date of any updated policy constitutes your acceptance of the changes.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: