Privacy Policy

Fireflies.ai Corp. Privacy Policy

Last Updated: May 03, 2024

This Privacy Policy (the “Privacy Policy”) serves to inform you of our policies and procedures regarding the collection, use and disclosure of the information we receive when you access and use the website (the “Site”), services, software, mobile applications, content, and all other products and services (all of the foregoing collectively, the “Services”) owned, controlled or offered, directly or indirectly, by Fireflies.ai Corp. (together with its subsidiaries and affiliates, “Fireflies.ai”, “we,” “our” or “us”). Fireflies.ai believes that the privacy of its users is paramount and strives to use Personal Information (as defined below) only in ways outlined in this Privacy Policy. The Privacy Policy is incorporated by reference into our Terms of Service, currently available at https://fireflies.ai/terms-of-service.pdf (the “ Terms of Service”) and our Data Processing Terms available at https://Fireflies.ai/data_processing_terms.pdf. Any terms used herein and not defined will have the meanings given to them in the Terms of** Service as the context requires. By using the Services, you hereby warrant and represent that you have read, understand and agree to this Privacy Policy and the Terms of Service and that you are over 18 years of age. PLEASE DO NOT USE, INSTALL OR ACCESS THE SERVICES IF YOU DO NOT AGREE TO THIS PRIVACY POLICY.

1. What We Mean by Personal Information

For purposes of this Privacy Policy, “Personal Information” means any information from or about a person that either identifies that person directly or that makes that person identifiable when it is combined with other information from or about that person from any source.

2. Information We Collect Information You Provide To Us

When you use the Services or otherwise communicate with us, we collect information that you provide to us directly. For example, we collect information in the following circumstances: you (i) use our mobile apps or visit the Site, (ii) register for the Services or create an account or profile or accept the creation of an account or profile on your behalf (an “Account”), (iii) access the Services through social networking sites or third party services, (iv) subscribe to newsletters; (v) purchase a product or service on the Site or in our mobile apps; (vi) invite others to use or join the Services, “share” the Services on social networking sites or perform other similar actions; (vii) request technical support; (viii) otherwise use our mobile apps or online Services where Personal Information is required for such use and/or participation, (ix) when you sign up for an automated email or other communication, and (x) when you contact us via the Site or when you otherwise communicate with us. You can choose not to provide information that is requested of you by us; however, this may limit your ability to use or access the Services.

The information you provide to us directly may include, without limitation, the following information that may, alone or in combination with other data, constitute Personal Information:

• Information you provide in connection with registering an Account, including your name, company name, e-mail, physical address, phone number, calendar data, meeting data, derivatives of such data, and any other information you decide to provide;
• Information you provide in order to authenticate an Account, including your Account name, password, and any other information you decide to provide;
• Information you provide in connection with completing a transaction or purchase using the Services;
• Information you provide in connection with using the Services, including your name, company name, email address, physical address, phone number, and any other information you decide to provide;
• Information you provide via email, through the “Contact” section on the Site or by using the contact details listed on various parts of the Site, including your name, company name, e-mail address, physical address, phone number, and any other information you decide to provide;
• Information you provide in order to subscribe to our newsletters and updates, including your email address, the topic for which you wish to receive updates, or any other information you decide to provide us with. You may always unsubscribe from these emails by following the instructions included;
• If you are one of our customers, suppliers or prospects, we may process limited Personal Information in the course of our business relation with you, for example when you place an order, request a demo or vice versa. Such Personal Information may include your name, company, title, e-mail address, phone number, address, order details, and where applicable and relevant, credit registrations and credit limits;
• Transaction and limited (non-PCI) payment data;
• Any other information you may want to share with us, such as Personal Information related to recruitment / job applications.

Moreover, if you contact us, a record of such correspondence may be kept.

Additionally, if another user refers you to us by providing us with your e-mail address, we may send you a message. However, we will use your e-mail address only to send such other user’s messages unless you otherwise affirmatively provide your information to us.

Automatically Collected Information

Most of the data we collect in and through the Site and the Services is technical in nature and is collected and processed automatically through so-called application programming interfaces, software development kits, cookies and similar software-based technologies. Alone or in combination with other data, such automatically collected data may constitute Personal Information. The data we may collect by automated means may include, without limitation:

• Device data: including, but not limited to, data on device advertising IDs and similar hardware qualifiers, and precise location data.
• Usage data: including, but not limited to, search terms entered and pages viewed.
• Network and internet information: including, but not limited to, URLs, Internet Protocol addresses, bounce rates, use of spoofing, active (TCP/IP) ports, number of sessions initiated, click streams, location information and network/Wi-Fi access points.
• Information we collect on the use of the Site via cookies: please see the “How We Use Cookies and Other Technologies” section below for more information.

Google Analytics is an element of the Site. By using cookies, Google Analytics collects and stores data such as time of visit, pages visited, time spent on each page of the Site, the Internet Protocol address, and the type of operating system used in the devices used to access the Site. By using a browser plugin available at http://www.google.com/ads/preferences/plugin/ provided by Google, you can opt out of Google Analytics.

Information You Post on the Services

The Services may provide voice, video and text chat, forum or bulletin board tools to users and the ability to create an “avatar” or other customized profile and Account information. Information that you provide through the use of these tools will be available to the public generally. Fireflies.ai has no obligation to keep private any information that you disclose to other users or the public using these functions. You should exercise caution when deciding to disclose Personal Information through the use of these tools or functions. We strongly recommend that you do not post any information through the Services that allows strangers to identify or locate you or that you otherwise do not want to share with the public.

How We Use Cookies and Other Technologies

The Company may use various tracking technologies, such as cookies, web beacons, and local shared objects, on the Site. These technologies may collect information about your device, browsing habits, and usage of the Site, including the type of browser you use, your search preferences, and information about advertisements that have been displayed to you or that you have clicked on. This information enables us to continuously improve the Services. However, you have the option to disable some of these technologies through the settings on your device or browser, although this may affect your ability to use the Site fully. It is important to note that these technologies may include unique identifiers that can be stored on your device or in emails sent to you by us. We are committed to protecting your privacy and will only use this information in compliance with relevant laws and regulations.

3. Use of Collected Information

We use the information you provide to us for the following purposes: (i) to further our legitimate interests in providing the Services, including without limitation to collect and remit payment for paid features, (ii) to administer your use of the Services and any Accounts you may have with us, (iii) to personalize your experience, (iv) to provide to you Service announcements or inform you of new releases and features, (v) to provide you with further information and offers from us or third parties that we believe you may find useful or interesting, such as newsletters, marketing or promotional materials, (vi) to enforce our Terms of Service, (vii) to resolve any disputes between users of the Site or between such users and us, (viii) comply with a legal requirement or process, including, but not limited to, civil and criminal subpoenas, court orders or other compulsory disclosures; (ix) to further our legitimate interest in protecting our rights, property, or safety and the rights, property and safety of the Services, our users or the public, and (x) to contact you to obtain feedback from you regarding the Site and the Services.

In addition to the purposes described above, we use the information collected automatically to (i) to further our legitimate interests in monitoring and analyzing the use of the Services and for the technical administration of the Site, (ii) improve the Site and the Services, (iii) generate and derive useful data and information concerning the interests, characteristics and website use behavior of our users, and (iv) verify that users of the Services meet the criteria required to process their requests. We may use demographic and geo-location, as well as information logged from your hardware or device, including data such as IP address, device model and ID, MAC address, operating system, application usage data, device time zone, region and language, and click ID, to ensure relevant advertising is presented within the Services.

4. Third Parties We Share Personal Information With

We may disclose personal information that you provide to us or that we collect automatically on the Site and through our Services to the following categories of third parties, but only if it is necessary and in compliance with relevant laws and regulations:

• Service providers, such as payment processors, web hosting and data storage providers, and those who help us deliver and develop our Services.
• Public authorities, such as law enforcement, if we are legally required to do so or if it is necessary to protect our rights or the rights of third parties.
• Our subsidiaries and affiliates, or a subsequent owner, co-owner or operator of our Site and/or Services, and their advisors in connection with a corporate merger, consolidation, restructuring, the sale of substantially all of our stock and/or assets, or in connection with bankruptcy proceedings, or other corporate reorganization, in accordance with this Privacy Policy.

We are committed to protecting the privacy of our users and will only disclose personal information to third parties when it is necessary and in compliance with relevant laws and regulations. We will also implement strict contracts and data processing agreements with third parties to ensure that they are only using personal information for the specific purposes outlined by us, and that they are protecting the privacy and security of the personal information they receive.

5. Links to Other Websites

From time to time, the Services may have links to sites outside of it. These sites may have links to offers and promotions from third parties. We put these in so that you can find information, products, or services that you might find helpful or interesting. We are not responsible for what is on these sites or what they offer, and we can't promise that they will always be up and running. Just because we have links to these other sites doesn't mean that we support or work with the people who run or promote them. The terms and conditions of use and privacy policies for any website controlled, owned, or run by a third party tell you how to use that website. You use these websites run by other people at your own risk. Fireflies.ai makes it clear that it is not responsible for anything that happens because you use or look at websites or other content linked from the Services. You agree to not hold Fireflies.ai responsible for anything that might happen if you click on a link on the Services.

6. Security

We understand the importance of privacy and security of Personal Information to our users and have made them a priority. Fireflies.ai uses a variety of industry-standard security technologies and procedures to help protect Personal Information about you from unauthorized access, use, or disclosure and trains Fireflies.ai employees on privacy and security issues. You can read more details about Fireflies.ai security at https://Fireflies.ai/security.

7. Do Not Track Signals and Similar Mechanisms

Some web browsers transmit “do-not-track” signals to websites. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they even are aware of them. We currently do not take action in response to these signals.

8. Managing Your Privacy

We keep your data on your behalf and for your benefit. You can correct or terminate and delete your Account information by following the instructions on the Services or by email at security@fireflies.ai, which you may also access for further assistance and questions regarding the Privacy Policy or for a copy of your Account data. If you cancel your Account or request us to delete your information, Fireflies.ai will limit its access to Personal Information to perform what is requested by you and will delete information accessible to Fireflies.ai within seven business days.

For certain of its services, Fireflies.ai may employ Artificial Intelligence (AI) or other similar technologies, which may include the processing of user data. Fireflies.ai will take reasonable means to preserve the privacy and security of such data, but Fireflies.ai is not liable for any loss or harm resulting from the user's use of AI or similar technologies. By utilizing Fireflies.ai' services, the user understands and accepts the risks involved with the use of AI or similar technologies and agrees to indemnify and hold Fireflies.ai harmless for any claims, damages, or losses resulting from such usage.

In addition, Fireflies.ai provides private cloud services to satisfy the demands of consumers or businesses who want their customer data to be strictly isolated. Private cloud customers have greater control over their underlying infrastructure, allowing them to customise it to their own business and regulatory needs. Private cloud customers that want their data to be strictly segregated (for example, customers dealing with PHI) can choose the Private Cloud option to exercise complete control over their compute and data infrastructure, ensuring that their data is separated per their compliance requirements.

9. Your Rights

We take steps to help ensure that you are able to exercise your rights regarding Personal Information about you in accordance with applicable law. If you would like to access, review, erase, withdraw your consent, or object to, or restrict the processing of Personal Data we collect about you, you may submit a request to security@fireflies.ai. We will promptly review all such requests in accordance with applicable laws. Depending on where you live, you may also have a right to lodge a complaint with a supervisory authority or other regulatory agency if you believe that we have violated any of the rights concerning Personal Information about you. We encourage you to first reach out to us at support@fireflies.ai, so we have an opportunity to address your concerns directly before you do so.

10. California Residents

California Civil Code Section 1798.83 requires certain businesses that share customer Personal Information with third parties for the third parties’ direct marketing purposes to respond to requests from California customers asking about the businesses’ practices related to such information-sharing. We currently do not share or disclose your Personal Information to third parties for the third parties’ direct marketing purposes. If we change our practices in the future, we will implement an opt-out policy as required under California laws.

Furthermore, subject to certain exemptions, California residents have the following rights with respect to Personal Information we may have collected about them:

Requests to Know

You have the right to request that we disclose:

• The categories of Personal Information we have collected about you;
• The categories of Personal Information about you we have sold or disclosed for a business purpose;
• The categories of sources from which we have collected Personal Information about you;
• The business or commercial purposes for selling or collecting Personal Information about you;
• The categories of Personal Information sold or shared, if any, about you, as well as the categories of third parties to whom the Personal Information was sold, by category of Personal Information for each party to whom Personal Information was sold; and
• The specific pieces of Personal Information collected.

You may submit a request to know using one of the methods described below in “Methods for Submitting Consumer Requests and Our Response to Requests”. The delivery of our response may take*** place electronically or by mail. We are not required to respond to requests to know more than twice in a 12- month period.

We do not sell, and have not in the prior 12 months sold, Personal Information about California residents. Therefore, we have not included a “Do Not Sell My Personal Info” link on our Site. If our practices change, we will update this Privacy Policy and take any other necessary action to comply with applicable law. We do, however, disclose Personal Information for business purposes as described in the “Third Parties We Share Personal Information With” section above.

Requests to Delete

You have the right to request that we delete any Personal Information about you that we have collected. Upon receiving a verified request to delete Personal Information, we will do so unless otherwise required or authorized by law. You may submit a request to delete Personal Information via using one of the methods described below in “Methods for Submitting Consumer Requests and Our Response to Requests ”.

Authorized Agents

You may designate an authorized agent to make requests on your behalf. You must provide an authorized agent written permission to submit a request on your behalf, and we may require that you verify your identity directly with us. Alternatively, an authorized agent that has been provided power of attorney pursuant to Probate Code sections 4000-4465 may submit a request on your behalf.

Methods for Submitting Consumer Requests and Our Response to Requests

You may submit a request for access and requests to delete Personal Information about you via:

• our “live chat” function, or, alternatively, at https://app.Fireflies.ai/settingsor
• via email at support@fireflies.ai with a subject line of “Personal Information Request”.

Upon receipt of a request, we may ask you for additional information to verify your identity. Any additional information you provide will be used only to verify your identity and not for any other purpose.

We will acknowledge the receipt of your request within 10 days of receipt. Subject to our ability to verify your identity, we will respond to your request within 45 days of receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. In order to protect your privacy and the security of Personal Information about you, we verify your request by authenticating your Account or asking for submission of identifying information, such as a driver license or other photo identification.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

The Right to Non-Discrimination

You have the right not to be discriminated against for the exercise of your California privacy rights described above. Unless permitted by the CCPA, we will not:

• Deny you goods or services;
• Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
• Provide you a different level or quality of goods or services; or
• Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services. 11. International Transfers of Personal Information

Fireflies.ai is based in the United States. As a result, Personal Information that we collect in and through the Services and on the Site may be transferred to our U.S. offices. In addition, we may work with third- party service providers in the U.S. and in other countries to support our business activities. Thus, Personal Information may be transferred to, stored on servers in, and accessed from the United States and countries other than the country in which the Personal Information was initially collected. In all such instances, we use, transfer, and disclose Personal Information solely for the purposes described in this Privacy Notice and in compliance with applicable laws.

Accountability for Onward Transfer:

1. Transfer to Third-Party Controllers: When transferring personal information to a third party acting as a controller, Fireflies.ai may enter into a contractual agreement that ensures the data may only be processed for limited and specified purposes consistent with individual consent. The contract may stipulate that the recipient will provide a level of protection consistent with Fireflies.ai’ spolicies and may notify Fireflies.ai if it determines it can no longer meet this obligation. Upon such determination, the third- party controller may cease processing or take other reasonable and appropriate steps to remediate.
2. Transfer to Third-Party Agents: When transferring personal data to a third party acting as an agent, Fireflies.ai may: (i) transfer such data only for limited and specified purposes; (ii) ensure the agent is obliged to provide at least a comparable level of privacy protection; (iii) take reasonable steps to ensure effective processing consistent with Fireflies.ai' obligations; (iv) request the agent to notify Fireflies.ai if it determines it cannot provide the same level of protection; (v) upon notice, take reasonable steps to stop and remediate unauthorized processing; and (vi) provide relevant privacy provisions of its contract with the agent upon request.

Choice:

1. Opt-Out Mechanism: Fireflies.ai may offer individuals the opportunity to choose (opt out) whether their personal information is to be disclosed to a third party or used for a purpose materially different from the purpose(s) for which it was originally collected or subsequently authorized by the individual. Mechanisms for opting out shall be made available, though they may not always be applicable.
2. Exceptions: Choice may not be required when disclosure is made to a third party acting as an agent under the instructions of Fireflies.ai. However, Fireflies.ai shall generally enter into a contract with such agents.
3. Opt-In for Sensitive Information: For sensitive information, Fireflies.ai may obtain affirmative express consent (opt-in) from individuals prior to disclosure to a third party or use for a purpose other than those originally collected or subsequently authorized. Additionally, Fireflies.ai may treat as sensitive any personal information received from a third party where identified and treated as such. 12. Compliance with Data Privacy Frameworks

Fireflies.ai complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU- U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Fireflies.ai has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) and the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles). If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit : https://www.dataprivacyframework.gov/.

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, Fireflies.ai commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data and human resources data received in reliance on the mentioned frameworks.

Fireflies.ai acknowledges that it is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) regarding privacy and data protection matters.

Under certain conditions, individuals have the right to invoke binding arbitration. Fireflies.ai is obligated to arbitrate claims and follow the terms as set forth in Annex I of the DPF Principles, provided that an individual has invoked binding arbitration by delivering notice to Fireflies.ai and following the procedures and subject to conditions set forth in Annex I of Principles.

13. Data Retention

We will delete your Personal Information when it is no longer needed for the purposes for which it was collected, or when you request us to do so. Please note that we may be required by law or other legal obligations to retain some of your Personal Information, even after your request for deletion. However, once those requirements are no longer in place, we will promptly delete your Personal Information in accordance with your request. We are committed to protecting your privacy and ensuring that your personal information is treated with the utmost care and respect.

14. Changes to the Privacy Policy

Our security and Privacy Policy are periodically reviewed and enhanced as necessary. This Privacy Policy might change as we update and expand the Services. You can tell when this Privacy Policy was last updated by reviewing the Last Updated-legend on top of this page. We will endeavor to notify you of these changes by email, but will not be liable for any failure to do so. We also encourage you to review this Privacy Policy periodically. If you do not understand any of the terms or conditions of any of our policies, you may inquire regarding the same via email at security@fireflies.ai. Your continued use of the Services after any change in this Privacy Policy will constitute your acceptance of such change.

15. Contacting Us

If you have any concerns or questions about this Privacy Policy, please contact us at security@fireflies.ai.