We are committed to protecting your personal information and being transparent about how we use it.
Effective Date: May 15, 2026 — Version 1.0
Version 1.0 | Effective Date: May 15, 2026
Ponuz, LLC, a Delaware limited liability company, is responsible for personal data processed in connection with Ponuz. Registered office: 131 Continental Dr, Suite 305, Newark, Delaware 19713, New Castle County, United States. Registered agent: Legalinc Corporate Services Inc. Contact: contact@ponuz.com or help@ponuz.com.
This Privacy Notice applies to the Ponuz website, desktop applications for macOS and Windows, backend APIs, workspace services, AI assistant, transcription, knowledge base, billing, support, and related communications.
We collect account and profile data such as name, email address, workspace name, role, avatar, language, time zone, authentication identifiers, session tokens, and support communications.
We collect content and usage data generated through the Service, including meeting titles, timestamps, transcripts, speaker labels, summaries, extracted tasks, task descriptions, notes, priorities, assignments, due dates, knowledge base articles, uploaded documents, generated documents, AI conversations, contextual mentions, memory facts, screenshots when enabled, usage logs, billing status, subscription metadata, storage usage, and application version or operating system information.
Microphone and system audio are processed in real time for transcription or voice features. Audio is not stored on Ponuz servers by default and Ponuz does not offer a user setting to permanently store meeting audio.
Screenshot capture may process everything visible on your screen. Depending on configuration, capture may require confirmation or consent before it is sent for AI analysis.
Ponuz does not intentionally collect sensitive personal data, precise geolocation, biometric information, advertising identifiers, or third-party advertising cookies. Because users control meetings, documents, screenshots, and AI chats, sensitive or third-party data may appear incidentally in User Content. You are responsible for having a valid legal basis for such processing.
Create, authenticate, secure, and manage user accounts.
Provide meeting transcription, summaries, tasks, knowledge base, AI chat, voice features, document import and generation, semantic search, workspace collaboration, and proactive notifications.
Process subscriptions, billing, taxes, invoices, and payment disputes through Stripe.
Measure usage, enforce plan limits, prevent abuse, protect security, debug errors, and improve service reliability.
Send transactional, administrative, security, billing, support, and legal communications.
Respond to privacy rights requests, data export requests, account deletion requests, legal obligations, and lawful authority requests.
Marketing communications, surveys, and non-essential analytics will be handled according to applicable consent and opt-out requirements.
Ponuz processes User Content through AI systems to provide user-requested features such as chat, summaries, task extraction, document generation, embeddings, voice sessions, and visual analysis.
Ponuz does not use User Content to train, improve, or develop Ponuz's own AI models or third-party AI models. Data sent to AI providers is used to provide the requested Service features.
Ponuz uses the following providers to operate the Service:
Amazon Web Services (AWS): cloud infrastructure, storage, database, security, and related processing.
OpenAI: AI chat, summaries, task extraction, embeddings, transcription or voice features where used.
Deepgram: real-time meeting transcription.
Recall.ai: desktop recording SDK, meeting recording, transcription, participant metadata, and related recording infrastructure where used.
WorkOS: authentication, user management, and enterprise SSO.
Stripe: payments, subscriptions, invoices, taxes, billing portal, and payment records.
Resend: transactional and support email delivery.
Sentry: error monitoring and reliability diagnostics, with sensitive data redaction where feasible.
Vercel: website hosting, performance, and analytics for ponuz.com.
Cloudflare: DNS, CDN, security, traffic protection, and related web services.
Providers process data only as necessary to provide, secure, monitor, bill for, or support the Service.
Ponuz uses strictly necessary cookies or local storage for session, security, language, consent, and preference purposes. The website may use Vercel Analytics and Speed Insights for privacy-focused performance measurement. Ponuz does not use advertising cookies, retargeting cookies, third-party ad pixels, or browser fingerprinting for advertising.
Data may be processed in the United States and other jurisdictions where our providers operate. By using the Service, you understand that your data may be transferred to and processed outside your country of residence. Where required, Ponuz relies on contractual safeguards, data processing agreements, standard contractual clauses, or other lawful transfer mechanisms.
Ponuz may disclose information when required by law, legal process, court order, government authority, to protect rights and security, to prevent abuse, in connection with business transfers, or with your direction or consent.
Account and profile data: for as long as the account remains active.
Meeting content, transcripts, summaries, tasks, documents, knowledge base, AI conversations, and memory facts: until deleted by the user, workspace owner, or account/workspace cancellation process.
Billing data: 5 years after the last payment, or longer if legally required.
Detailed usage logs: 180 days.
Webhook events: 90 days.
Completed jobs: 14 days.
Security logs: 1 year.
Inactive workspaces: subject to cleanup after 60 days of inactivity.
Upon account cancellation or verified deletion request, personal data will be deleted within 30 days unless retention is required by law, security, fraud prevention, tax, accounting, or dispute-resolution obligations. Workspace deletion may affect other members' shared workspace content.
Ponuz uses technical and organizational safeguards designed to protect data, including TLS/HTTPS, encryption at rest where appropriate, secure credential storage, restricted CORS and security headers, CSRF protections, rate limiting, input validation, access controls, protected API keys, error redaction, and workspace roles. No security measure is perfect, and we cannot guarantee absolute security.
Depending on your location, you may have rights to access, correct, delete, export, restrict, object to processing, withdraw consent, opt out of marketing, or lodge a complaint with a data protection authority. California residents may have rights under the CCPA/CPRA. EEA/UK users may have rights under GDPR. Mexican users may have ARCO rights.
To exercise rights, use the in-product privacy tools where available or contact contact@ponuz.com or help@ponuz.com. We may request information to verify identity and authority before fulfilling a request.
Ponuz is not intended for users under 18. We do not knowingly collect personal data from minors. If we learn that a minor created an account, we may delete the account and related data.
Ponuz uses automated processing for transcription, summaries, task extraction, semantic search, embeddings, proactive notifications, AI chat, and memory facts. These features are assistive and do not make legal or similarly significant decisions about you without user control.
Ponuz may update this Privacy Notice. Material changes will be posted at https://www.ponuz.com/privacy and may be notified by email or in-product notice. Continued use after the effective date means you accept the updated notice where permitted by law.
If you have any questions about this Privacy Notice or our data practices, please contact us: