Privacy Policy
Last updated: 19 June 2026
1. Who we are
Loopsii is an all-in-one app for freelance designers and developers that brings projects, clients, tasks, time tracking, invoicing, and an AI meeting assistant into one place. This Privacy Policy explains how we collect, use, share, and protect personal data.
The data controller is [LEGAL ENTITY NAME], registered at [REGISTERED ADDRESS] (company number [COMPANY NUMBER]) ("Loopsii", "we", "us"). For any privacy question or to exercise your rights, contact us at privacy@loopsii.com. [If you appoint a Data Protection Officer or an EU/UK representative, add their details here.]
2. Scope of this policy
This policy covers our website and waitlist, and the Loopsii application and related services (together, the "Service"). Where we link to third-party services (for example a video-call provider or your bank), their own privacy notices apply to what they do.
3. Our roles: controller and processor
For your account and the data about you (your profile, billing details, usage), Loopsii acts as a controller and this policy applies.
For the content you put into the Service about your own clients and projects (client contacts, meeting recordings and transcripts, files, notes), you are the controller and Loopsii acts as a processor that handles that data on your instructions. Your use of that data is governed by our terms and, where applicable, a Data Processing Agreement [link your DPA]. You are responsible for having a lawful basis (and, where required, consent) to put that data into Loopsii.
4. The personal data we collect
Website & waitlist
When you join the waitlist we collect your name, email address, the role you select, your update preferences, and whether you want to be a beta user.
Account & profile
When you create an account we collect your email, full name, and profile photo, plus the business details you add: business name, VAT/tax ID, billing address, registration number, currency, timezone, and bank account details (such as IBAN, BIC, account and routing numbers) used to display payment information on your invoices.
Content you create
The Service stores the content you add to run your work: clients (names, emails, phone numbers, addresses, VAT IDs, notes), projects, milestones, tasks, comments, attachments, time entries, and invoices. This may include personal data about your clients and collaborators.
Meeting assistant
If you use the AI meeting assistant, a bot may join your video calls to capture recordings, transcripts, and summaries, which we use to generate notes and suggested tasks. See section 6.
Integrations
If you connect Google Calendar, we receive and store (in encrypted form) OAuth tokens and the calendar data needed to schedule and link meetings to your projects, limited to the scopes you approve. You can disconnect at any time.
Technical & usage data
Like most services, we automatically receive technical data — IP address, device and browser type, pages viewed, and diagnostic/error logs — used to operate, secure, and improve the Service.
5. Why we use your data and our legal bases
- To provide the Service (create your account, run your projects, generate invoices) — performance of a contract.
- To operate the waitlist and send product updates you ask for — your consent, which you can withdraw at any time.
- To keep the Service secure, prevent abuse, debug, and improve it — our legitimate interests in running a safe, reliable product.
- To meet legal, accounting, and tax obligations (e.g. retaining invoice records) — compliance with a legal obligation.
- To record and transcribe meetings — your consent and your instructions (see section 6).
6. The AI meeting assistant & call recordings
The meeting assistant uses a third-party bot (Recall.ai) to join calls and produce recordings and transcripts, which are stored (Cloudflare R2) and processed by an AI model (Anthropic / Claude) to create summaries and tasks. Recordings and transcripts can contain the voices and personal data of everyone on the call.
Your responsibility: recording laws differ by country and US state (some require all-party consent). You must inform participants and obtain any legally required consent before recording. AI summaries can be inaccurate or incomplete — review them before relying on them. We do not use your meeting content to train third-party AI models, and we instruct our AI provider not to use it for their own model training.
7. Who we share your data with
We do not sell your personal data. We share it with service providers ("sub-processors") who help us run the Service, under contracts that require them to protect it:
- Supabase — authentication and database hosting.
- Vercel — application and website hosting.
- Anthropic — AI processing of meeting transcripts (summaries, tasks).
- Recall.ai — meeting recording and transcription bot.
- Cloudflare (R2) — storage of recordings, transcripts, and attachments.
- Resend — sending transactional and product emails.
- Sentry — error monitoring and diagnostics.
- Google — calendar integration (only if you connect it).
We may also disclose data where required by law, to protect our rights or users' safety, or as part of a merger or acquisition (with notice where required). [Keep this list current and publish it as your sub-processor list.]
8. International data transfers
Some of our providers are located in the United States or process data outside your country. Where we transfer personal data out of the EEA/UK, we rely on appropriate safeguards — such as the EU–US Data Privacy Framework (where the recipient is certified) and/or the European Commission's Standard Contractual Clauses, with additional measures where needed. You can ask us for a copy of the relevant safeguards. [Confirm each provider's mechanism and your Supabase/R2 region.]
9. How long we keep your data
We keep personal data only as long as needed for the purposes above. Account and content data is kept while your account is active and for a reasonable period afterwards; invoices and related records are kept for the period required by tax and accounting law [e.g. up to 10 years, confirm for your jurisdiction]; meeting recordings and transcripts are kept [retention period — confirm] or until you delete them; waitlist data is kept until you ask us to remove it or the waitlist closes. We then delete or anonymise it.
10. How we protect your data
We use technical and organisational measures including encryption in transit, encryption of sensitive tokens, database row-level security to isolate each account's data, access controls, and monitoring. No system is perfectly secure, but we work to protect your data and will notify you and the relevant authority of a personal-data breach where the law requires.
11. Your rights
Depending on where you live, you may have the right to access, correct, delete, restrict, or object to our processing of your personal data, to data portability, and to withdraw consent at any time. You can also unsubscribe from marketing emails using the link in each message. To exercise any right, email privacy@loopsii.com.
If we process your client/meeting data as a processor, please direct those requests to the Loopsii user (the controller); we will help them respond.
If you are in the EEA/UK you have the right to complain to your local data protection authority; California and other US-state residents have additional rights, including the right not to be discriminated against for exercising them.
12. Cookies & similar technologies
Our website currently uses only strictly necessary cookies/local storage required for it to work, and we do not use advertising or third-party tracking cookies — so no consent banner is shown. The Loopsii app uses essential cookies to keep you signed in. If we introduce analytics or other non-essential technologies, we will update this policy and ask for your consent first.
13. Children
Loopsii is a business tool not intended for children. We do not knowingly collect data from anyone under [16/18]. If you believe a child has given us personal data, contact us and we will delete it.
14. Changes to this policy
We may update this policy from time to time. We will post the new version here with a revised "last updated" date and, for material changes, give you reasonable notice.
15. Contact us
Questions or requests: privacy@loopsii.com, or write to [LEGAL ENTITY NAME, REGISTERED ADDRESS].