Privacy Policy

1. Introduction

Forum Labs, Inc. ("Company," "we," "us," "our," or "TenTenor") operates TenTenor, a SaaS platform that provides AI-powered coaching, performance analysis, and operational intelligence for business teams. This Privacy Policy explains what information we collect, how we use and protect it, and your rights regarding your data. This policy applies to our website, application, services, and all related interactions. For jurisdiction-specific rights, see Section 16 (California) and Section 17 (EU/UK). This Privacy Policy should be read together with our Terms of Use.

2. Information We Collect

We collect information you provide directly to us, information we collect automatically, and information from third parties. The specific categories include:

2.1 Account & Identity Information

When you create a TenTenor account or register an organization, we collect information including but not limited to your email address, display name, timezone, organization name, team information, roles and permissions, and other profile details you provide.

2.2 Billing Information

For organizations with paid plans, we collect billing-related information including but not limited to billing contact name, billing email address, billing address, and payment-related data as needed to process transactions.

2.3 Meeting Data

We collect information about your meetings, including but not limited to meeting titles, dates, times, duration, attendee lists, meeting source and status, and associated calendar and service identifiers.

2.4 Media & Transcript Data

When a meeting is recorded or audio/video is uploaded, we collect and process audio files, video files, text transcripts, speaker identification data, and timestamps. Transcripts may be generated by third-party recording or speech-to-text providers. See our Trust Center at trust.tentenor.com for current providers.

2.5 AI Analysis Data

When we analyze a meeting, we generate and store AI-produced outputs including but not limited to coaching reports, scores, assessments, participant insights, talk time metrics, action items, and related analytical data. We also retain technical metadata related to the analysis process.

2.6 Usage & Feedback Data

We collect information about how you use TenTenor, including but not limited to analysis feedback and comments, usage metrics, feature interactions, and navigation patterns within the application.

2.7 Technical & Device Data

We automatically collect technical information including but not limited to IP addresses, browser and device information, performance metrics, session identifiers, and cookies. See Section 13 for details on cookies.

2.8 Waitlist Data

If you join our waitlist, we collect information including but not limited to your email address, name, company name, and other details you provide about your interest in the Service.

2.9 Authentication Data

To authenticate you, we collect and use unique identifiers, temporary authentication tokens, and session cookies.

3. How We Collect Information

3.1 Directly From You

You provide information directly when you interact with the Service, including when you create an account, complete your profile, submit meeting data, provide feedback, or contact us.

3.2 Automatically

We automatically collect technical and usage information through server logs, cookies, analytics services, error tracking, and security systems. See Section 13 for details on cookies and tracking.

3.3 From Third Parties

We receive information from third-party services that integrate with TenTenor, including calendar providers, meeting recording services, video conferencing platforms, and transcription services. See our Trust Center at trust.tentenor.com for current providers.

4. How We Use Your Information

We use the information we collect for the following purposes:

We use the information we collect to: (a) provide, operate, and maintain the Service, including all AI analysis, coaching, and intelligence features; (b) improve, personalize, and develop the Service and new features; (c) communicate with you, including transactional notifications, service updates, and marketing communications; (d) prevent fraud, enforce our Terms, and protect the security of the Service; (e) comply with applicable laws, regulations, and legal processes; and (f) generate aggregated, anonymized insights and benchmarks. See Section 8 for details on data sharing.

5. Legal Bases for Processing (GDPR)

If you are in the European Union, United Kingdom, or other GDPR-applicable jurisdiction, we process your personal data on the following legal bases: (a) Contract performance — to provide the Service under our agreement with you and your organization; (b) Legitimate interests — to improve the Service, prevent fraud, ensure security, and conduct analytics, balanced against your privacy rights; (c) Consent — for marketing communications, optional analytics, and certain integrations (you may withdraw consent at any time by contacting privacy@tentenor.com); and (d) Legal obligation — to comply with applicable laws and regulations.

6. Meeting Recording & Media Data

6.1 Data Controller vs. Data Processor

Your organization is the data controller for meeting content submitted to TenTenor. We act as a data processor for meeting analysis and as a data controller for AI Output derived from that content. Your organization is responsible for obtaining proper consent from meeting participants. See Section 18 for details.

6.2 Recording, Storage & Processing

Meeting data may be captured via calendar integration, audio or video upload, or direct transcript submission. Media files and transcripts are stored in secure, encrypted cloud infrastructure and processed by third-party providers as described in Section 8. Meeting data and analysis results may be visible to other members of your organization. The Service may perform automated speaker identification; accuracy may vary.

6.3 Human Review

Meeting analysis is primarily performed by automated systems. TenTenor staff may review recordings, transcripts, or other meeting data as needed to provide the Service, improve quality, troubleshoot issues, or comply with applicable law.

7. AI Processing

7.1 AI-Powered Analysis

When a meeting is analyzed, we send meeting transcripts, metadata, and applicable configuration to our AI analysis provider, which returns coaching insights, scores, and recommendations. Customer Data sent to our AI provider is not used to train the provider's models.

7.2 AI Output Ownership & Storage

All AI Output — including coaching reports, scores, assessments, and profiles — is owned by Forum Labs, Inc. and licensed to your organization as described in our Terms of Use, Section 7.4. We may re-analyze previously submitted data using updated algorithms (see Terms of Use, Section 7.4.1). Analysis results may be visible to other members of your organization. We may update AI models at any time.

7.3 How We Use Data for AI Improvement

We do not use identifiable Customer Data to train third-party AI models. We may use aggregated, anonymized, and de-identified data to improve our proprietary coaching algorithms, scoring methodologies, and analytical capabilities. Any such use is governed by our Terms of Use, Section 7.3.

8. Data Sharing & Disclosure

8.1 Service Providers

We share information with service providers who process data on our behalf under appropriate contractual safeguards. A complete, up-to-date list of our sub-processors is maintained at trust.tentenor.com. Organizations with a Data Processing Addendum (DPA) will receive advance notice before we engage a new sub-processor.

8.2 Within Your Organization

Meeting data, analysis results, and other Service outputs may be visible to other members of your organization based on role and access level, as configured by your organization's administrators.

8.3 Legal Requests & Compliance

We may disclose personal information when required by law, court order, subpoena, or other valid legal process, or when necessary to protect public safety or our legal rights.

8.4 Business Transfers

In the event of a merger, acquisition, bankruptcy, or sale of assets, personal information may be transferred as part of that transaction.

8.5 Aggregated & Anonymized Data

We may share aggregated, de-identified data without restriction. This data cannot reasonably be used to re-identify individuals.

8.6 We Do Not Sell Your Data

We may share information with third parties as described in this policy.

9. International Data Transfers

TenTenor is hosted and operated primarily in the United States. If you are located in the European Union, United Kingdom, or other jurisdiction with data protection laws, your personal data is transferred to the United States. We rely on Standard Contractual Clauses (SCCs) and other appropriate legal mechanisms to ensure adequate safeguards for cross-border transfers. A Data Processing Addendum (DPA) is available upon request for organizations requiring enhanced compliance.

By using TenTenor, you acknowledge that your data will be processed in the United States, which may be subject to different data protection standards than your jurisdiction.

10. Data Retention

We retain personal information only as long as necessary to provide the Service and fulfill the purposes outlined in this policy. Different categories of data may have different retention periods, as governed by our data retention policy. Key principles:

• Account and organization data is retained for the duration of your subscription plus a reasonable period after account closure
• Audio files, video files, and transcripts may be subject to automatic data lifecycle policies and may be deleted after a defined retention period, even while your subscription is active. AI Output derived from these materials will be retained independently
• Billing data is retained as required for tax and accounting compliance
• Technical and analytics data is retained for limited periods appropriate to its purpose
• You may request deletion of specific data at any time, subject to legal and operational requirements
• You are responsible for exporting any data you wish to preserve before the applicable retention period expires
• Upon account cancellation, Customer Data will be deleted in accordance with the timelines in our Terms of Use, Section 8
• Even after deletion, data may persist in backups for a limited period for disaster recovery purposes

11. Data Security

We implement commercially reasonable administrative, technical, and physical safeguards to protect your personal data against unauthorized access, alteration, disclosure, and destruction. These measures include encryption of data in transit and at rest, access controls, secure authentication, infrastructure security, and application-level protections. For details on our current security posture and compliance certifications, visit trust.tentenor.com.

We are committed to continuously improving our security practices. If you discover a potential security issue, please report it to security@tentenor.com.

12. Your Rights

12.1 GDPR Rights (EU, UK, & Equivalent Jurisdictions)

If you are in the EU, UK, or another GDPR-covered jurisdiction, you have the right to: access your personal data; rectify inaccurate data; request erasure; restrict processing; data portability; object to processing; withdraw consent; lodge a complaint with your supervisory authority; and not be subject to solely automated decisions that produce legal or similarly significant effects.

12.2 CCPA Rights (California Residents)

California residents have the right to: know what personal information we collect and why; request deletion; opt out of the "sale" of personal information; opt out of targeted advertising; and non-discrimination for exercising these rights.

12.3 Exercising Your Rights

To exercise any data rights, contact privacy@tentenor.com or write to Forum Labs, Inc., Attn: Privacy Officer, 1111B S Governors Ave # 27451, Dover, DE 19904. We will verify your identity and respond within the timeframes required by applicable law. Authorized agents may submit requests on your behalf with written authorization.

13. Cookies & Tracking

TenTenor uses cookies and similar technologies for the following purposes:

• Essential cookies: Required for authentication and core Service functionality. These cannot be disabled.
• Analytics cookies: Used to understand feature usage and improve the Service. You may opt out by contacting privacy@tentenor.com.
• Local storage: Used for session state and UI preferences. You can clear this via your browser settings.

You can control cookies through your browser settings.

14. Children's Privacy

TenTenor is not intended for children under the age of 16. We do not knowingly collect personal information from anyone under 16. If we become aware of such collection, we will delete the information promptly. Contact privacy@tentenor.com if you believe we have collected information from a child.

15. Do Not Track

TenTenor does not currently respond to "Do Not Track" browser signals. You can control tracking through your browser cookie settings or by contacting privacy@tentenor.com to opt out of analytics.

16. California Residents (CCPA & CPRA)

This section provides additional disclosures for California residents under the CCPA and CPRA.

16.1 Categories of Personal Information Collected

We collect the following CCPA categories: identifiers (email, name, IP address); commercial information (billing data, usage metrics); biometric information (audio recordings); internet/network activity; geolocation (IP-based, approximate); sensory information (audio recordings); professional information (roles, company name); and inferences (behavioral patterns). These categories are used for the purposes described in Section 4.

16.2 Sale, Sharing & Rights

For information about how we share data, see Section 8. We do not offer financial incentives in exchange for personal information. See Section 12.2 for your CCPA rights.

17. European Residents (GDPR & UK Data Protection)

The data controller for your account information is Forum Labs, Inc., 1111B S Governors Ave # 27451, Dover, DE 19904 (privacy@tentenor.com). For meeting content, your organization is the data controller and TenTenor is the data processor (see Section 19). For privacy inquiries, contact privacy@tentenor.com.

You may file complaints with your national data protection authority. For GDPR rights, see Section 12.1. For cross-border transfers, see Section 9. Organizations may request a Data Processing Addendum (DPA) by contacting privacy@tentenor.com.

18. Data Processor Role

TenTenor operates in multiple capacities depending on the data type: (a) Data Controller for account information, billing data, usage analytics, technical data, and AI Output; and (b) Data Processor for meeting recordings, transcripts, and attendee information submitted by your organization.

AI Output is owned by Forum Labs, Inc. and licensed to your organization (see Terms of Use, Section 7.4). Your organization remains the data controller for underlying meeting content. A current list of sub-processors is maintained at trust.tentenor.com.

19. Changes to This Policy

We may update this Privacy Policy at any time. Updated versions will be posted on our website with a revised "Last Updated" date. Your continued use of TenTenor after any changes constitutes acceptance of the updated policy.

20. Contact Information

If you have questions about this Privacy Policy, your data, or your privacy rights, please contact us:

We will respond to data rights requests within the timeframes required by applicable law.