Privacy Policy for Recordly Chrome Extension

Last Updated: December 2024

1. Introduction

Recordly ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard information when you use the Recordly Chrome extension (the "Extension").

By using the Extension, you agree to the collection and use of information in accordance with this policy.

2. Data Collection

2.1 Meeting Recordings

Recordly does NOT collect, store, or transmit any meeting recordings or meeting content. All recordings are stored locally on your device and are never uploaded to our servers or any third-party services.

2.2 Authentication Data

We collect minimal authentication data necessary for account management:

Email address - For account creation and login
Authentication tokens - For secure session management
License validation data - To verify authorized access to the Extension

2.3 Usage Data

We do not collect usage statistics, analytics, or tracking data about how you use the Extension.

3. How We Use Your Data

We use the collected authentication data solely for:

User authentication and account management
License validation and multi-device session control
Preventing unauthorized access to the Extension
Ensuring compliance with our terms of service

4. Permissions Usage

Recordly requires the following Chrome extension permissions, which are used exclusively for recording functionality:

desktopCapture: Used only when you explicitly start a recording to capture screen content during Google Meet sessions. This permission is essential for the Extension's core functionality.
tabs/activeTab: Used to detect when you are on a Google Meet page (meet.google.com) and enable recording controls only in that context. This ensures the Extension only functions on Google Meet pages.
storage: Used to save recording state (active/inactive, start time) locally on your device. No data is synced to external servers. This allows the Extension to maintain recording state even when the popup is closed.
identity: Used for secure user authentication through Firebase. No personal information is shared beyond what is necessary for authentication.
scripting: Used to inject content scripts into Google Meet pages to enable recording functionality. This is required for the Extension to interact with Google Meet sessions.
host_permissions (meet.google.com): Required because the Extension only works with Google Meet sessions. This permission allows the Extension to detect and interact with Google Meet pages.
host_permissions (API endpoint): Used only for authentication and license validation. No meeting data or recordings are transmitted to this API.

5. Third-Party Services

5.1 Firebase Authentication

We use Google Firebase for secure user authentication. Firebase's privacy policy applies to authentication data. You can review Firebase's privacy policy at: https://firebase.google.com/support/privacy

5.2 API Services

Authentication and license validation data is transmitted to our secure API endpoint hosted on AWS. This data is encrypted in transit and used only for the purposes stated above. The API endpoint is: https://dj9una2cy6.execute-api.ap-south-1.amazonaws.com/stage/*

6. Data Storage and Security

All meeting recordings are stored locally on your device and are never transmitted to our servers.
Authentication data is stored securely using Firebase's encrypted storage.
We implement industry-standard security measures to protect your authentication data.
We do not store any meeting content, transcripts, or participant information.
All data transmission is encrypted using HTTPS/TLS protocols.

7. Data Sharing

We do NOT share, sell, or rent your personal information to third parties. The only exception is:

Firebase (Google) - For authentication services, as necessary for account management. Firebase's privacy policy governs this data sharing.

We do not share meeting recordings or meeting content with anyone, as this data never leaves your device.

8. User Rights

You have the right to:

Access your account information
Delete your account and associated data
Request information about data we hold
Opt-out of data collection (by not using the Extension)
Request correction of inaccurate data

To exercise these rights, please contact us using the information provided in the Contact Us section below.

9. Children's Privacy

Recordly is not intended for users under the age of 13. We do not knowingly collect information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

10. Compliance

This Extension complies with:

Chrome Web Store Developer Program Policies
Google's User Data Privacy Policy
General Data Protection Regulation (GDPR) principles
California Consumer Privacy Act (CCPA) principles

11. Data Retention

We retain authentication data only for as long as necessary to provide the Extension's services. When you delete your account, we delete all associated authentication data. Meeting recordings stored on your device are your responsibility to manage and delete.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of any material changes by:

Updating the "Last Updated" date at the top of this policy
Posting a notice in the Extension (if significant changes occur)

Your continued use of the Extension after any changes constitutes acceptance of the new Privacy Policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Website: https://www.recordly.in
Support: https://www.recordly.in

This privacy policy is effective as of the date listed above and applies to all users of the Recordly Chrome extension.