Privacy Statement

This Privacy Statement explains how FORUM LABS, INC. ("FORUM LABS," "TenTenor," "we," "us," or "our") collects, uses, discloses, and otherwise processes personal data.

This Privacy Statement applies to personal data we process:

1. in connection with our websites, marketing, events, and business operations;
2. when you create an account, communicate with us, or otherwise interact with us; and
3. when we process personal data on behalf of our customers in connection with the Service.

When we process meeting recordings, transcripts, participant data, and related Customer Data solely on behalf of a customer, we generally act as a processor/service provider, and the customer is the controller/business responsible for the relevant processing and related notices and consents.

1. Categories of Personal Data We Collect

Depending on how you interact with us, we may collect the following categories of personal data:

1.1 Account and Contact Information

• name
• business email address
• company name
• title or role
• login credentials or authentication details
• support communications

1.2 Customer Data and Service Data

• meeting recordings
• audio, video, and transcript data
• meeting titles, dates, times, participants, and calendar metadata
• notes, summaries, prompts, and user-entered content and feedback submitted about Outputs, comments, annotations, quality ratings, and other information users provide through interactive Service features
• AI-generated outputs, reports, coaching outputs, and analytics
• usage logs and feature interaction data

1.3 Product and Device Information

• IP address
• browser type
• device identifiers
• operating system
• approximate location derived from IP
• application and usage telemetry and feature interaction data, session-level analytics, and troubleshooting information used to understand feature adoption, debug user-reported issues, and improve the Service

1.4 Billing Information

• billing contact information
• transaction metadata
• subscription status
• invoicing details

Payment card data is processed by third-party payment processors such as Stripe. FORUM LABS does not store full payment card details.

1.5 Marketing and Communications Information

• your preferences for receiving communications
• event registrations
• survey responses
• communications with sales, support, or legal teams

2. Biometric and Audio-Related Data

Certain Service features may process audio recordings, voice characteristics, speaker labels, speaker diarization data, and related information. Depending on applicable law and how the Service is configured by the customer, audio recordings, voice characteristics, speaker-labeled data, speaker diarization data, and similar information processed through the Service may be considered biometric data, biometric identifiers, biometric information, or other specially regulated personal data.

FORUM LABS:

1. processes such data only to provide and support the Service, as configured by the customer;
2. does not sell biometric data or use identifiable customer biometric data to train models used to provide services to other customers;
3. may disclose such data only to subprocessors and service providers as necessary to provide the Service, subject to appropriate contractual restrictions; and
4. retains such data according to the customer's instructions, applicable retention settings, our contractual commitments, and applicable law.

Customers are responsible for determining whether voice recordings, speaker analysis, or other biometric-related features are lawful to use, and for providing all required notices and obtaining all required consents, authorizations, releases, and written consents where required by applicable law, from meeting participants and other individuals. Where enabled by a customer, such data may include voice recordings, speaker-labeled data, speaker diarization data, and voice characteristics used to distinguish or attribute portions of speech among participants. We process such data only as necessary to provide the Service as configured by the customer and in accordance with applicable law, customer instructions, contractual commitments, and retention settings.

3. How We Use Personal Data

We use personal data to:

1. provide, operate, maintain, support, and secure the Service;
2. authenticate users and manage accounts;
3. record, transcribe, summarize, analyze, and process meetings and related data as directed by customers;
4. generate notes, analytics, coaching outputs, reports, and other Outputs;
5. communicate with users and customers about the Service;
6. process billing, payments, renewals, and related transactions;
7. monitor usage, troubleshoot issues, prevent fraud, and improve system security and reliability;
8. conduct analytics, research, product development, and service improvement using aggregated, anonymized, or de-identified data;
9. use usage logs, support interactions, feature interaction data, and other Service telemetry to troubleshoot issues, understand product usage, provide support, and improve Service functionality;
10. comply with legal obligations and enforce our agreements; and
11. send marketing communications in accordance with applicable law.

4. AI Processing

The Service uses machine learning and related technologies to generate Outputs.

FORUM LABS does not use identifiable Customer Data, including customer prompts, inputs, transcripts, recordings, or Outputs, to train or fine-tune proprietary or third-party models used to provide services to other customers. We may use aggregated, anonymized, or de-identified data for product improvement, analytics, research, and service development.

The Service is not intended to make solely automated decisions that produce legal or similarly significant effects on individuals, including employment decisions. Customer organizations remain responsible for any decisions they make using or informed by the Service.

5. Sources of Personal Data

We collect personal data:

1. directly from you;
2. from customers that provision or authorize your use of the Service;
3. from meeting content submitted to the Service by or on behalf of customers, including through meeting recording tools, direct upload of audio or video files, or submission of transcript content;
4. automatically through your use of the Service and our websites; and
5. from service providers, integrations, and other third parties that support our business operations.

6. Legal Bases for Processing

Where required by applicable law, we rely on one or more of the following legal bases:

1. performance of a contract;
2. legitimate interests, such as providing and securing the Service, improving products, and communicating with customers;
3. consent, where required by law; and
4. compliance with legal obligations.

7. How We Disclose Personal Data

We may disclose personal data to:

1. affiliates;
2. cloud hosting, analytics, communications, payment, customer support, security, and AI service providers;
3. professional advisors, auditors, and insurers;
4. governmental authorities, regulators, or law enforcement where required by law; and
5. relevant parties in connection with a merger, financing, acquisition, restructuring, or sale of assets.

We do not sell personal data and do not share personal data for cross-context behavioral advertising.

8. Subprocessors

For Customer Data processed on behalf of customers, FORUM LABS uses subprocessors to support the Service. Our subprocessors may include providers supporting cloud hosting, database storage, meeting capture, transcription, AI processing, billing, email delivery, analytics, error monitoring, and business productivity tools. A current list of subprocessors is available at trust.tentenor.com. Customers may subscribe to receive notice of subprocessor updates where such functionality is offered.

9. Cookies and Similar Technologies

We use cookies and similar technologies for essential site functionality, authentication, security, performance, and analytics.

We do not use cookies for behavioral advertising or cross-context behavioral targeting.

You can control cookies through browser settings and, where available, cookie preference tools.

10. Data Retention

We retain personal data for as long as reasonably necessary for the purposes described in this Privacy Statement, including to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements.

Unless otherwise agreed in writing:

1. Customer Data is generally retained for the duration of the customer account or subscription;
2. following termination or expiration, Customer Data is generally deleted within ninety (90) days, unless earlier deletion is requested and operationally supported;
3. backup copies may be retained for up to an additional thirty (30) days; and
4. aggregated, anonymized, or de-identified data may be retained for a longer period.

AI-generated Outputs and meeting content are retained in accordance with the same customer-data retention framework, to the extent they contain personal data.

To the extent biometric-related or voice-related data is included in Customer Data, such data is retained and deleted in accordance with the same customer-data retention framework described above, unless applicable law requires otherwise.

11. International Transfers

FORUM LABS is based in the United States and may process personal data in the United States and other jurisdictions where we or our service providers operate.

Where required by law, we use appropriate safeguards for cross-border transfers, including the European Commission's Standard Contractual Clauses and the UK International Data Transfer Addendum or other legally recognized transfer mechanisms, as applicable.

12. Security

We implement reasonable administrative, technical, and physical safeguards designed to protect personal data, including measures such as encryption in transit and at rest, role-based access controls, logging and monitoring, vulnerability management, and incident response processes.

FORUM LABS maintains a SOC 2 examination covering the Security and Confidentiality of the Service.

13. Your Rights and Choices

Depending on your jurisdiction, you may have rights to request access, correction, deletion, portability, restriction, objection, or withdrawal of consent.

If your personal data is processed through the Service on behalf of a customer, you should generally direct your request to that customer, which controls the relevant processing. FORUM LABS may assist customers in responding to such requests as required by law or contract.

You may opt out of non-essential marketing communications at any time by using the unsubscribe link in the message or by contacting us.

14. Security Incidents

If we become aware of a confirmed security incident affecting personal data for which we act as a processor, we will notify the relevant customer without undue delay in accordance with our contractual and legal obligations.

15. Children

The Service is intended for adults and is not directed to children under 18. We do not knowingly collect personal data directly from children under 18.

16. Changes to This Privacy Statement

We may update this Privacy Statement from time to time. If we make material changes, we will post the updated version and revise the "Last Updated" date. Where required by law, we will provide additional notice.

17. Contacting FORUM LABS