This Privacy Policy explains how Veeboo (“we”, “us”, “our”) collects, uses, shares and safeguards personal information when you use MeetPanda (the “Service”), including our website at https://meetpanda.in/, our browser extensions, meeting add-ins, and integrations with Google and Microsoft services. By using the Service, you agree to this Policy.

This Policy covers:

• Account and profile information
• Calendar and email metadata retrieved via user-authorized integrations (Google Calendar, Outlook/Microsoft 365)
• Meeting recordings (audio/video), transcripts, and AI-generated analytics
• Usage and device information collected through cookies and similar technologies.

• “Personal Data” means any information relating to an identified or identifiable individual.
• “Meeting Data” means recordings, transcripts, summaries, notes, action items, speakers, timestamps, and derived analytics generated from meetings you host or join via the Service.
• “Integrations” means optional connections you authorize between the Service and third-party platforms (e.g., Google, Microsoft).
• “Processing” means any operation performed on Personal Data (collection, storage, use, sharing, deletion, etc.).

• Account & Profile Data

  Name, email address, password/hash or single sign-on identifiers, workspace/organization affiliation, role, preferences, and communications with support.

• Calendar & Email Metadata (via Integrations)

  If you connect Google Calendar or Microsoft Outlook, we access event metadata strictly to provide scheduling and meeting join functionality and insights. This may include event title, description, start/end time, organizer, attendees, conferencing links, and location. We do not read your email content unless you separately authorize a feature that explicitly requires it.

• Meeting Data

  If you enable recording or transcription, we collect audio/video streams, transcripts, speaker labels, timestamps, and AI-generated artifacts (e.g., topics, keywords, summaries, sentiment, action items). You are responsible for complying with applicable laws and obtaining all necessary notices and consents from participants before recording.

• Usage Data & Cookies

  IP address, device and browser characteristics, pages visited, referring/exit pages, session diagnostics, crash logs, and cookie identifiers. Cookies may be essential (authentication, security), functional (preferences), or analytics. You can control cookies via your browser settings; essential cookies are required for core functionality.

• Performance of a contract (to provide the Service you request).
• Legitimate interests (e.g., securing and improving the Service, preventing abuse).
• Consent (e.g., optional recording, marketing communications, certain analytics).
• Compliance with legal obligations.

• Provide and maintain the Service, including recording, transcription, and AI analytics you request.
• Connect and sync with Integrations to schedule, join, and analyze meetings.
• Generate summaries, insights, and productivity metrics from Meeting Data.
• Provide customer support; communicate about changes, security alerts, and updates.
• Monitor, prevent, and detect fraud, abuse, and security incidents.
• Improve and develop features, models, and quality (including aggregate or de-identified analyses).
• Comply with applicable laws and enforce our terms.

We may use our own or third-party AI and cloud providers to transcribe and analyze Meeting Data. Unless explicitly stated otherwise, providers process data under our instructions and are contractually prohibited from using your data to train their foundation models. We do not sell Personal Data. If we ever rely on a provider that proposes to use data for training, we will seek your explicit opt-in consent.

• Google: Our use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We only request the minimum scopes necessary (e.g., read-only calendar access to list/join events). We will not transfer Google user data to third parties except as necessary to provide the Service, comply with law, or with your explicit consent.
• Microsoft: For Microsoft (Outlook/Graph) integrations, we request the minimum scopes required to provide the features you enable. Data is used solely to deliver those features and not for advertising. You can disconnect Integrations at any time from your account settings; this will stop new data flows but will not automatically delete previously retrieved data (see “Your Choices” and “Retention”).

We share Personal Data with:

• Service providers and subprocessors (cloud hosting, storage, analytics, support) bound by data protection agreements.
• Enterprise admins where your account is provisioned by your employer.
• Legal authorities when required by law.
• Parties to a business transaction (merger, acquisition) subject to appropriate safeguards. We do not sell Personal Data.

We employ safeguards including encryption in transit (TLS), encryption at rest for recordings and transcripts, access controls, least-privilege, audit logging, and vulnerability management. No system is 100% secure; we encourage strong authentication and responsible sharing.

Account data persists while your account is active. By default, Meeting Data is retained for the period you select in settings (e.g., until deleted or for a retention window specified by your organization). You may delete recordings, transcripts, and analytics at any time from within the Service. We may retain limited logs and backups for a short period for security and continuity, after which data is deleted or irreversibly de-identified unless we must retain it to comply with legal obligations or resolve disputes.

We may process and store data in data centers located inside or outside India. Where required, we implement appropriate safeguards (e.g., SCCs for EEA/UK data) and conduct transfer impact assessments.

We share Personal Data with:

• Access, correction, deletion, and portability of your Personal Data.
• Withdraw consent for processing that relies on consent.
• Object to or restrict processing in certain circumstances.
• Opt out of marketing emails via the unsubscribe link.
• Disconnect Integrations at any time; you can also request deletion of previously synchronized data. EU/UK residents: You may lodge a complaint with your data protection authority. California residents: You have rights under the CCPA/CPRA, including the right to know, delete, and opt out of “sale”/“sharing” (we do not sell Personal Data). India (DPDP Act): You may request access, correction, and erasure; you may also contact our grievance officer (see Contact Us). We will honor applicable rights subject to verification and exemptions. Requests: Contact us at admin@veeboo.in. We will verify your identity and respond within statutory timelines.

The Service is not directed to children under 13 (or older age as required by local law). We do not knowingly collect data from children. If you believe a child has provided Personal Data, contact us to delete it.

You are responsible for notifying participants and obtaining any legally required consent before recording or transcribing meetings. Where available, we provide features such as consent prompts and join notifications, but you remain the controller of participant communications and permissions. If a participant requests deletion of their personal information contained in Meeting Data, and you forward the request to us, we will assist in fulfilling it to the extent required by law and our role as processor/service provider.

When you use personal or workspace accounts, Veeboo is generally the controller of your Account Data. For Meeting Data processed on behalf of organizations, we act as a processor/service provider under a data processing agreement (DPA) with your organization’s controller. Contact your admin for organization-specific requests.

We may update this Policy from time to time. We will notify you of material changes by email or in-product notice and update the “Last updated” date above. Continued use of the Service after changes indicates acceptance.

If you are an EEA/UK resident, you may contact your local supervisory authority. If you are in India, you may contact the DPDP Data Protection Board for unresolved complaints.