Privacy Policy

1. Information We Collect

1.1 Account Information

When you create an account or sign in, we collect:

• Email address and name via our authentication provider (WorkOS)
• User ID assigned by our authentication system

1.2 Device Information

When you use Tempo, we collect:

• A hashed device identifier combining your machine fingerprint with an app installation ID, used to enforce single-device access
• Device registration timestamp and last seen timestamp
• Operating system, architecture, and app version at the time of account activation

1.3 Task and Project Data (Local Only)

Tempo stores the following data exclusively on your local machine:

• Task descriptions, statuses, and execution history
• Project metadata (name, directory, configuration)
• Agent run logs and completion results
• Application settings and preferences
• API keys you configure for code execution

This data is never uploaded to our servers or any third party.

1.4 Google Calendar Data

When you connect Tempo to your Google Calendar, we collect:

• Calendar event titles for meetings you designate for capture
• Event times (start and end times)
• Attendees (names and email addresses listed on the event)
• Meeting URLs (e.g., Zoom or Google Meet join links attached to the event)

We collect this data solely to identify and join meetings on your behalf for transcript capture. We do not access calendar events that you have not designated for Tempo meeting capture.

1.5 Meeting Data

If you use Tempo’s meeting capture features:

• Meeting metadata: title, participants, duration, meeting provider (e.g., Zoom, Google Meet, Microsoft Teams, Webex)
• Transcripts: speaker-diarized text generated from meeting audio
• Analysis results: AI-generated summaries, insights, action items, and feature requests derived from transcripts

Meeting capture data and transcripts are stored in our cloud database (Supabase). Analysis results are stored locally on your machine.

1.6 Access Codes

If you redeem an access code to activate Tempo, we store the code, associated email, redemption status, and device claim metadata.

1.7 Information We Do NOT Collect

• We do not use analytics services (no Google Analytics, Mixpanel, Segment, or similar)
• We do not use crash reporting services (no Sentry or similar)
• We do not track your behavior, clicks, or usage patterns
• We do not collect payment or financial information
• We do not upload your tasks, projects, or code to any server

2. How We Use Your Information

We use the information we collect to:

• Provide and operate the Tempo application
• Authenticate your identity and manage your account
• Enforce device access controls (single-device policy)
• Read your Google Calendar events to identify meetings you have designated for capture
• Join meetings and capture transcripts to generate project notes and action items
• Generate AI-powered analysis of meeting transcripts (summaries, insights, action items)
• Gate access to the application via access codes

We do not use your data for advertising, marketing profiling, or any purpose unrelated to providing Tempo’s core functionality.

3. Google API Services Compliance

Tempo’s use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

• We only access Google Calendar data necessary to provide Tempo’s meeting capture functionality
• We do not use Google API data for serving advertisements
• We do not transfer Google API data to third parties except as necessary to provide and improve the meeting capture service, comply with applicable laws, or as part of a merger/acquisition with adequate data protection
• We do not use Google API data for purposes unrelated to the features described in this policy
• A human can review your Google API data only with your affirmative consent, for security purposes, to comply with applicable law, or when aggregated and anonymized for internal operations

4. Third-Party Services

Tempo integrates with the following third-party services, each with their own privacy policies:

4.1 WorkOS (Authentication)

We use WorkOS AuthKit for user authentication. When you sign in, your email and name are processed by WorkOS. See the WorkOS Privacy Policy.

4.2 Supabase (Cloud Database)

We use Supabase to store user account data, device registrations, meeting data, and access codes. Data is protected by Row Level Security policies. See the Supabase Privacy Policy.

4.3 Anthropic (AI Analysis)

Meeting transcripts are sent to Anthropic’s Claude API for analysis (summarization, insight extraction). Transcripts are processed according to Anthropic’s data usage policies. See the Anthropic Privacy Policy.

4.4 Recall.ai (Meeting Capture)

If you use meeting capture, Recall.ai provides meeting recording and transcription bots for supported platforms (Zoom, Google Meet, Microsoft Teams, Webex). See the Recall.ai Privacy Policy.

4.5 Deepgram (Speech-to-Text)

Meeting audio may be processed through Deepgram’s speech-to-text service for real-time transcription. See the Deepgram Privacy Policy.

4.6 Google (Calendar Integration)

We use Google Calendar APIs to read event details for meetings you designate for capture. Our use of Google data is governed by Section 3 of this policy. See the Google Privacy Policy.

5. Data Storage and Security

5.1 Local Data

Tasks, projects, execution history, application settings, and API keys are stored locally on your machine in the application data directory. This data remains under your control and is not transmitted to any server.

5.2 Cloud Data

Account information, device registrations, meeting transcripts, and access codes are stored in our Supabase database with Row Level Security policies. Data is encrypted in transit (TLS) and at rest.

5.3 Authentication Tokens

Access tokens, refresh tokens, and session tokens are stored locally using Electron’s secure storage mechanisms. Tokens are short-lived and automatically refreshed.

5.4 Local Logs

Tempo writes diagnostic logs to a local file that is automatically overwritten each session (approximately 20-minute retention). These logs are never uploaded.

6. Data Sharing

We do not sell, rent, or trade your personal information to third parties. We share data only with the third-party service providers listed in Section 4, solely to operate the features described in this policy.

7. Data Retention

• Account data: retained while your account is active
• Device data: retained while your account is active
• Meeting data: retained in our database until you request deletion
• Google Calendar data: used transiently to schedule meeting capture; not stored beyond what is necessary for the meeting record
• Local data: retained on your machine until you delete the application data or uninstall Tempo
• Logs: automatically overwritten each application session

8. Your Rights and Data Deletion

You may:

• Access your account data by contacting us at the email address below
• Delete your local data at any time by removing the Tempo application data directory
• Request deletion of your cloud-stored data (account, device, and meeting data) by emailing us at the address below — we will process deletion requests within 30 days
• Revoke Google Calendar access at any time through your Google Account permissions — this immediately stops Tempo from accessing your calendar data
• Revoke meeting capture by removing the meeting agent from your calendar invitations

To request data deletion, email us with the subject line “Data Deletion Request” and include your account email address. We will confirm deletion within 30 days.

9. Children’s Privacy

Tempo is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the “Last Updated” date at the top of this policy.

11. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us at antoine@buildtempo.ai.