Salyn Start

Trust

Privacy Policy

Effective date: May 20, 2026

This Privacy Policy explains how Salyn ("Salyn", "we", "us") collects, uses, stores, and shares information when you use the Salyn dashboard, API, meeting-bot features, calendar integrations, and related marketing pages (together, the "Service"). Salyn is operated by Lee Hansel Solevilla Jr., an individual based in Dubai, United Arab Emirates.

If you do not agree with this policy, please do not use the Service. For privacy questions, contact us at [email protected].

1. Information we collect

We collect the following categories of information:

  • Account information. Name, email address, and an account identifier. If you sign in with Google, we receive your email, name, profile picture URL, and a Google user identifier through the standard openid, email, and profile scopes. We do not request access to your Gmail or Drive for account sign-in.
  • Authentication state. Session cookies (named access, refresh, and oauthState) used to keep you signed in and to complete the Google OAuth handshake.
  • Meeting content you provide. Audio or video recordings you upload, capture in the dashboard, or ask Salyn to capture through an online-meeting bot, generated transcripts, speaker labels, AI-generated briefs, decisions, action items, chat questions you ask about a meeting, and metadata such as meeting titles, descriptions, conference URLs, scheduled times, bot session status, and recording provider identifiers.
  • Calendar integration data. If you connect Google Calendar, we store encrypted OAuth tokens, the connected calendar account email, granted scopes, watch-channel identifiers, sync cursors, and recent or future calendar event metadata needed to detect supported video meetings. This can include event titles, descriptions, locations, start and end times, provider event IDs, and conference links.
  • Contacts and sharing data. Email addresses of people you tag as meeting participants or share a meeting with, optional display names, and share-link permissions.
  • Billing and usage data. Pay-as-you-go credit balances, processed-minute counts, provider usage logs used for cost accounting, and payment metadata returned by our payment processor. Salyn does not store sensitive card data such as full card numbers, CVV, PIN, magnetic stripe data, or chargeable payment tokens. We may store non-sensitive payment display metadata returned by Paddle, such as card brand, last four digits, expiry month/year, cardholder name, transaction IDs, invoice or receipt references, and refund or chargeback status.
  • Technical data. Basic request metadata such as IP address, user agent, device-fingerprint identifiers or hashes when available, and timestamps, used for security, signup-credit abuse prevention, and debugging.

2. How we use information

  • Authenticate you and keep your session active.
  • Transcribe and summarize the recordings you submit, return generated notes and action items, and answer meeting questions you ask the in-app assistant.
  • Schedule, reschedule, cancel, and process online-meeting bot recordings that you request.
  • Connect to Google Calendar if you authorize it, import supported video-meeting events, and keep imported calendar meetings in sync.
  • Operate sharing, contacts, billing, credit accounting, and signup-credit fraud prevention.
  • Detect abuse, protect the Service, and meet legal or tax obligations.
  • Improve the Service in aggregate and respond to support requests.

We do not sell personal information. We do not use Google user data to serve advertising. We do not use your meeting recordings, transcripts, or generated notes to train any AI model, and our AI processing sub-processors are configured under terms that prohibit training their general-purpose models on your data.

3. Google user data

Salyn's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy , including the Limited Use requirements.

We use Google account sign-in information only to:

  • Create or sign you into your Salyn account.
  • Display your name and profile picture in the dashboard.
  • Associate meetings and contacts with the correct account.

If you separately connect Google Calendar, Salyn requests read-only access to calendar events so it can find supported conference links, create calendar-imported meeting rows, keep those rows in sync, and reschedule or cancel Salyn bot sessions when the underlying calendar event changes. Salyn does not use Google Calendar access to create, edit, or delete events in your calendar.

We do not transfer Google user data to third parties except as necessary to provide the Service, comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to you. We do not allow humans to read Google user data unless you give us explicit consent for specific messages, it is required for security (for example, investigating abuse) or required by law, or the data is aggregated and used for internal operations in accordance with the Limited Use requirements.

4. Sub-processors

Salyn uses the following sub-processors to deliver the Service. Each is bound by a written agreement. Where a sub-processor provides AI model processing, we configure it under terms that prohibit using customer data to train general-purpose models.

  • Google Cloud Platform — primary hosting, application database, and private object storage (Google Cloud Storage) for uploaded recordings.
  • Google (Gemini API) — generates meeting briefs, decisions, action items, and answers to meeting questions from transcript text. We send the transcript text and brief context for the current meeting. Gemini API requests are governed by the Google Cloud terms and are not used to train Google's general-purpose models.
  • AssemblyAI — transcribes and diarizes submitted audio. AssemblyAI receives a short-lived signed read URL to the recording and returns transcript data via webhook. AssemblyAI does not use customer audio to train its models when accessed through the standard API.
  • Recall.ai — schedules and operates online-meeting bots when you request bot recording. Recall receives the meeting URL, bot configuration, scheduled join time when applicable, limited metadata needed to route webhooks back to Salyn, and the meeting media captured by the bot so Salyn can retrieve the recording.
  • Paddle — acts as Merchant of Record and online reseller for paid orders. Paddle handles checkout, payment method collection, tax, invoices, receipts, payment support, refunds, chargebacks, and related fraud checks. Paddle is the custodian of sensitive payment data; Salyn receives only payment and method metadata needed to operate credits and account billing.

Because recordings and transcripts contain whatever was said in your meeting, we cannot redact identifiers, names, or sensitive content before sending meeting URLs and media to a bot provider, audio to the transcription provider, or transcript text to the summarization provider — doing so would defeat the core purpose of the Service. By uploading, recording, or scheduling a bot for a meeting, you accept that its content will be processed by these sub-processors as described.

5. Storage, security, and location

Recordings are stored in private Google Cloud Storage buckets scoped to your account. The application database and storage are located in the United States. Bot providers and other sub-processors may process information in the regions where they operate or where we configure their service. Access URLs to recording bytes are generated as short-lived signed URLs; we do not store public links to your recordings.

We use industry-standard practices including TLS in transit, encrypted storage at rest, scoped service-account credentials, and least-privilege application access patterns. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security.

6. Sharing of information

We share information only as follows:

  • With sub-processors listed above, strictly to provide the Service.
  • With Paddle when you purchase credits, manage payment methods, request payment support, or when payment, tax, refund, fraud, or chargeback handling requires it.
  • With people you invite to a meeting through a share link. Restricted shares require the recipient to be signed in with the invited email; link shares allow anyone with the link to view, edit, or take full action according to the permission you choose. Shared views strip recipient email lists from public payloads.
  • For legal reasons when we believe in good faith that disclosure is required by law, regulation, legal process, or governmental request.
  • As part of a business transfer such as a merger, acquisition, or asset sale, subject to the surviving entity honoring this policy.

7. Retention

We retain account information, meetings, recordings, transcripts, generated notes, contacts, and billing records for as long as your account is active or as needed to provide the Service. You can delete individual meetings from the dashboard at any time. To delete your account and all associated meeting data, email [email protected]; we will action verified deletion requests promptly, typically within 30 days, subject to limited retention required for legal, tax, or fraud-prevention purposes.

8. Your rights

Depending on where you live, you may have rights to access, correct, export, or delete the personal information we hold about you, to object to or restrict certain processing, and to lodge a complaint with your local data protection authority. To exercise any of these rights, email [email protected] from the address associated with your account.

9. Cookies

Salyn uses a small number of strictly necessary cookies to keep you signed in (access, refresh) and to complete Google sign-in (oauthState). The dashboard does not use third-party advertising or cross-site tracking cookies. Marketing pages on salyn.app may use minimal first-party analytics; if added, they are described here before launch.

10. Recording consent

You are responsible for obtaining any consent required by applicable law from all participants before recording, uploading, live-recording, or scheduling a bot for a meeting. When you use bot recording, Salyn or its provider may cause a named bot to join the meeting, wait to be admitted, record the meeting, and return the recording to Salyn for transcription and summary. You are responsible for notifying participants, obtaining host or organizer permission where required, and following the rules of the meeting platform. Salyn does not monitor whether you have obtained consent.

11. Children

Salyn is not directed to children under 16, and we do not knowingly collect personal information from anyone under 16. If you believe a child has provided us information, email [email protected] and we will delete it.

12. International transfers

Salyn is operated from Dubai, United Arab Emirates and uses sub-processors located in the United States. By using the Service, you understand that your information will be transferred to and processed in the United States and other jurisdictions where our sub-processors operate.

13. Changes

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date above and, when appropriate, notify account holders by email or in-product notice. Continued use of the Service after an update constitutes acceptance of the revised policy.

14. Contact

Salyn — operated by Lee Hansel Solevilla Jr., Dubai, United Arab Emirates.
Privacy contact: [email protected]