Download

Privacy Policy

EffectiveMay 28, 2026

Contents
  1. Roles and responsibility
  2. What information Moonage collects
  3. How we use your personal data
  4. With whom we share your personal data
  5. International transfers
  6. Your rights
  7. How we keep your personal data safe
  8. Personal data of children
  9. Google API and Google Workspace data
  10. Cookies, tracking and Do Not Track
  11. How long we store your personal data
  12. Updates to this Privacy Policy
  13. Contact us

Moonage, Inc. ("Moonage", "we", "us" or "our") respects your privacy and is committed to securing and protecting any information we hold about you. This policy (the "Privacy Policy") covers our treatment of personal data about you whenever you access or use Moonage's products, services, features and technologies, including our website (the "Site"), platform and any plug-ins that exchange information with Moonage (the "Services"). The Privacy Policy also covers other interactions you have with Moonage and describes your rights and how you can exercise them. The Site and Services are referred to collectively as the "Online Services".

You accept this Privacy Policy by using the Online Services. If you have any questions or concerns about it, please contact us using the details in Section 13.

In this Privacy Policy, "Applicable Data Protection Laws" means the legislation applicable from time to time to the processing of your personal data, including the EU General Data Protection Regulation (EU) 2016/679 ("GDPR"), the UK General Data Protection Regulation and the UK Data Protection Act 2018 (together, the "UK GDPR"), the Data Use and Access Act, supplementary national legislation, and the practices, guidelines and recommendations issued by a national or EU supervisory authority.

1. Roles and responsibility

Moonage's Services are offered to companies and other legal entities for professional use (our "Subscribers"). Our subscriber agreements govern the delivery and use of the Services ("Subscriber Agreements").

This Privacy Policy applies when Moonage is the data controller responsible for processing personal data. It does not apply to any input submitted to, output generated by, or documents and files uploaded to our Services ("Content"). We process Content as a data processor on behalf of our Subscribers (who are the data controllers), and our processing of Content is governed by the relevant Subscriber Agreement. Any queries relating to data that can be used to identify you ("personal data") contained in Content should be directed to the relevant Subscriber. If we receive a rights request concerning data we process as a processor, we will forward it to the relevant Subscriber.

Moonage may maintain links to other websites, and other websites may link to the Online Services. This Privacy Policy applies only to the Online Services operated by Moonage, and not to other websites accessible from our Services or websites you use to access our Services.

2. What information Moonage collects

2.1 Information you provide to us

We collect personal data you provide when you create an account to use our Services or communicate with us, as follows:

  • User account information: We require everyone with access to our Services to have an account. When you or your employer creates a Moonage account for you, we collect personal data including your name, email address, role, language preferences and account credentials.
  • Communication information: When you contact us for support, feedback or other enquiries, we collect your name, email address, phone number and any other information you choose to provide. We may monitor or record phone and email communications with our staff for training and quality-assurance purposes, and may receive a confirmation when you open or click content in an email from us.
  • Social media information: We maintain accounts on social media platforms such as LinkedIn, YouTube and X. When you interact with these accounts we collect the personal data you choose to provide, and the platforms hosting them may give us aggregate analytics about your interactions.
  • Survey and contest information: We may invite you to take part in surveys to measure customer satisfaction. Participation is voluntary, and the information requested typically includes your name, email address and mailing address.
  • Testimonial and review information: With your consent, we may display testimonials or reviews from users. You can contact us at any time to update or remove your testimonial or review.
  • Meeting, calendar and recording data: Where you use features of our Services that connect to your calendar or join, record or process meetings, we may collect calendar data (such as meeting invitations, body text, and the senders and recipients), meeting data (such as attendees, audio and transcriptions), photos, videos or recordings of you or your environment, any other identifying information you authorise Moonage to access or elect to share with us, and any derivatives of such data, including transcripts of conversations. We collect and use this data to provide the relevant features of the Services to you and the Subscriber you represent. Where we process this data on behalf of a Subscriber, we act as a data processor and our processing is governed by the relevant Subscriber Agreement (see Section 1).

2.2 Information we automatically collect

When you visit, use and interact with our Services, we automatically collect certain information about your visit and interactions ("Technical Information"), including through automated means from your computer or device:

  • Log data: Your browser automatically sends us your IP address, browser type and settings, the date and time of your request, and how you interacted with the Online Services.
  • Device information: We automatically collect information about the device you use, including device name and ID, operating system, browser, referring and exit pages, date/time stamps, clickstream data, and — where relevant to the Services — other applications that use the microphone function. What we collect may depend on your device and its settings.
  • Usage data: We automatically collect information about your use of the Services, including the features you use, actions you take, your time zone, location, dates and times of access, time spent within the Services, and the types and volumes of queries you submit. We never collect or store data directly related to your Content other than in accordance with the applicable Subscriber Agreement.
  • Cookies: A cookie is a small string of information transferred to your device for identification. We and our service providers use cookies, and some cookies are placed by third parties such as Google (for analytics). You can disable or be warned about cookies through your browser settings, though rejecting cookies may limit the functionality of our Services. We use the following categories of cookies:
    • Essential cookies — required to enable you to move around the website and use its features, such as accessing secure areas.
    • Performance and analytics cookies — including Google Analytics, these track the pages you visit so we can see which content is most popular and improve performance; they primarily record aggregate and anonymous data but may capture a minimal amount of identifiable information.
    • Functional cookies — these remember choices such as your language or region to make your visit more personal, and are deleted when you close your browser or the session expires.

2.3 Information collected from third parties

We may collect information about you from third parties such as security partners, marketing vendors and event organisers. Our Subscribers may give us your contact details to help us provide the Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.

2.4 Publicly available information

Our Services may provide access to publicly available information. Some of this may relate to individuals and can, in certain jurisdictions, be considered personal data. Such personal data is processed only so that our Services can provide more accurate and relevant responses, and not to intentionally identify individuals. Moonage also collects publicly available information about Subscribers and prospects, including name, email address, phone number and other contact details.

2.5 Aggregated information

Moonage may aggregate personal data and use the aggregated information to analyse the effectiveness of, improve and add features to our Services. From time to time we may analyse the general behaviour and characteristics of users and share, publish or make generally available aggregated information such as general user statistics. We may also create aggregated, de-identified or anonymised data from the personal data we collect, including by removing information that makes the data personally identifiable, and use or share it with third parties for our lawful business purposes — provided we will not share it in a manner that could identify you. We may collect aggregated information through the Services, through cookies and through the other means described in this Privacy Policy.

3. How we use your personal data

Moonage may use your personal data for the following purposes:

  • to provide, administer, maintain and improve our Services;
  • to provide support, resolve issues and respond to your queries;
  • to manage and remember your preferences and customise the Services;
  • to communicate with you, including to send information or marketing about our Services and events;
  • to analyse and study the effectiveness of our Services and develop new features and services;
  • to verify your identity, prevent fraud and criminal activity, and ensure the security of our IT systems, architecture and networks;
  • to prevent misuse of the Services and enforce our legal terms;
  • to comply with legal obligations and legal processes; and
  • to protect the rights, privacy, safety or property of Moonage, our affiliates, you or other third parties.

The table below provides additional information about the categories of personal data we collect, how we use them, our legal basis under the GDPR, and how long we retain them. These disclosures do not limit our ability to use or disclose information as described above.

PurposeTypes of personal dataLegal basisData retention
To manage the customer relationship with you and/or your employer and to provide and administer the Services you use.User account information; Communication information; Log data; Device information; Usage dataNecessary to perform a contract with you and/or your employer (Art. 6(1)(b) GDPR).Until the relevant Subscriber Agreement terminates.
To provide support, resolve issues and respond to your queries.User account information; Communication informationNecessary to perform a contract (Art. 6(1)(b) GDPR) and legitimate interest in supporting users (Art. 6(1)(f) GDPR).For as long as you use the Services.
To ensure network and information security of the Services.User account information; Technical InformationLegitimate interest in maintaining security (Art. 6(1)(f) GDPR), which also serves your and our Subscribers' interests.For as long as you use the Services.
To analyse usage for the development and improvement of the Services.User account information; Technical InformationLegitimate interest in product development and improving the customer experience (Art. 6(1)(f) GDPR).For as long as you use the Services.
To calculate usage costs in relation to suppliers and Subscribers (anonymised where possible).Usage dataNecessary to perform a contract (Art. 6(1)(b) GDPR) and legitimate interest in calculating usage costs (Art. 6(1)(f) GDPR).Up to 6 months after use of a Service, or longer where required by law or to protect legal rights.
To conduct satisfaction surveys, market research and request reviews.Survey and contest information; Testimonial and review information; Technical InformationLegitimate interest in measuring and improving customer satisfaction (Art. 6(1)(f) GDPR).Until the Subscriber Agreement terminates.
To decide what marketing to provide to you (may involve profiling).Communication information; Social media information; Technical InformationLegitimate interest in tailoring marketing (Art. 6(1)(f) GDPR).Until you notify us you object to this processing.
To send you direct marketing and marketing surveys about Moonage and our affiliates.Communication information; Social media information; Technical InformationYour consent (Art. 6(1)(a) GDPR).Until you withdraw your consent or opt out.
To provide the AI agent, meeting and calendar features of the Services, including joining, recording, transcribing and summarising meetings where you enable these features.Meeting, calendar and recording data; Photos, videos and recordings; User account informationNecessary to perform a contract with you and/or your employer (Art. 6(1)(b) GDPR). Where Moonage processes this data on behalf of a Subscriber, Moonage acts as a data processor under the relevant Subscriber Agreement.In accordance with the relevant Subscriber Agreement, or otherwise for as long as you use the relevant feature.
To verify your identity.User account information; Technical InformationNecessary to perform a contract (Art. 6(1)(b) GDPR).For as long as you use the Services.
To protect Moonage from legal claims and safeguard our legal rights.All categories in Section 2; in a dispute, additional data necessary to exercise our rights.Legitimate interest in protecting against legal claims (Art. 6(1)(f) GDPR).For the period Moonage must retain the data to perform the contract or comply with applicable law.

4. With whom we share your personal data

In certain circumstances we may share your personal data with third parties without further notice to you, unless legally required, including in the situations below:

  • Affiliates: We may share your personal data with other entities within the Moonage corporate group. Our affiliates will only use the personal data we share with them in a manner consistent with this Privacy Policy.
  • Vendors and service providers: To support our business operations we may share your personal data with vendors and service providers, including hosting and cloud providers, other information-technology providers, event-management services, email and newsletter services, advertising and marketing services, and web-analytics providers. These parties access, process or store personal data only to perform their duties to us and on our instructions.
  • Independent controllers: Some recipients act as independent data controllers responsible for their own processing of your personal data — for example, law firms or auditing firms we engage who, in performing their assignment, have access to your personal data and process it according to their own procedures. Moonage remains responsible for ensuring that any such sharing takes place in accordance with Applicable Data Protection Laws.
  • Third-party websites and services: Our Services may contain links to websites not operated or controlled by Moonage, including social media services. Information you share with those sites is governed by their own privacy policies and terms, not this Privacy Policy. Providing a link does not imply that we endorse or have reviewed the site.
  • Other users: When you use the collaboration features within our Services, certain actions you take may be visible to other users of the Services.
  • Plug-ins: When you connect your Moonage account to an external third-party application (for example, a word-processor plug-in), the provider of that application may receive information about you. Their own terms and privacy policies will govern your use of that application.
  • Business changes: If we are involved in a strategic transaction such as a sale, merger, reorganisation, liquidation or transition of service to another provider, your personal data may be disclosed during diligence and transferred to a successor or affiliate as part of that transaction, along with other assets.
  • Legal requirements: We may share your personal data where required by law or in the good-faith belief that doing so is necessary to comply with a legal obligation, protect and defend our rights or property, prevent fraud, act in urgent circumstances to protect the personal safety of users or the public, or protect against legal liability.

5. International transfers

Moonage operates facilities and servers in both the European Union/European Economic Area (EU/EEA) and the United States. By using the Online Services you understand and acknowledge that your personal data may be transferred from your location to our facilities and to those of our service providers in these regions, and in certain situations — such as when we share data within the Moonage group or with a supplier or subcontractor — outside the EU/EEA.

Moonage always ensures that the same high level of protection applies to your personal data under the applicable data protection laws, even when the data is transferred internationally, and your rights (described in Section 6) are not affected by such transfers. Countries outside the EU/EEA may have laws allowing public authorities to access personal data for crime-prevention or national-security purposes; regardless of where processing occurs, we ensure appropriate safeguards are in place in accordance with applicable data protection requirements such as the GDPR. These safeguards include, but are not limited to:

  • Adequacy decisions: Where the relevant authority (such as the European Commission) has decided that the destination country provides an adequate level of protection corresponding to that of the applicable data protection laws.
  • Standard Contractual Clauses: Where the relevant authority's standard clauses have been entered into between Moonage and the recipient. We also assess whether laws in the recipient country affect the protection of your data and, where necessary, take additional technical and organisational measures.
  • Derogations: In limited circumstances we may rely on an exception under the applicable data protection laws — such as your explicit consent or the necessity of the transfer for the establishment, exercise or defence of legal claims.
  • Data Privacy Framework: Where the transfer is covered by a relevant framework, such as the EU–US Data Privacy Framework, an opt-in certification scheme for US companies administered by the US Department of Commerce.

6. Your rights

You have several rights under the applicable data protection laws (including the GDPR) concerning your personal data and how we process it:

  • Right to information and access: You can ask whether we are processing your personal data and request a copy of it (a "data extract"), together with information about how we process it.
  • Right to rectification: If you believe your personal data is inaccurate or incomplete, you can ask us to correct or complete it.
  • Right to restriction: You can ask us to restrict processing where you believe the data is inaccurate, the processing is unlawful, or we no longer need the data, including while we assess any objection you raise.
  • Right to object: You can object, on grounds relating to your particular situation, to processing based on our legitimate interests. Unless we can show compelling legitimate grounds, we will stop the processing. You can always object to processing for direct-marketing purposes, and we will then stop sending it to you.
  • Right to be forgotten: In certain cases you can ask us to delete your personal data — for example, where we no longer need it, or where it is processed based on consent that you withdraw. There are situations where we cannot delete data, such as where it is still necessary for the original purpose, where our interests override yours, or where we have a legal obligation to keep it.
  • Right to data portability: Where we process your personal data to perform a contract or based on your consent, you may in certain cases obtain a copy in a machine-readable format and transmit it to another data controller.
  • Right to withdraw consent: Where we process your personal data based on your consent, you may withdraw that consent at any time, and we will then stop the related processing.
  • Right to lodge a complaint: If you have concerns about how we process your personal data, you may contact or lodge a complaint with the relevant data protection supervisory authority. In the EU this includes your national authority or, for Sweden, the Swedish Authority for Privacy Protection (IMY); a list of EU authorities is available through the European Data Protection Board. If you are in the UK, or your matter relates to the UK, you may complain to the Information Commissioner's Office (ICO).

To exercise your rights, please contact us at any time. To protect your data from unauthorised access or deletion, we may need to verify your identity (and, where applicable, proof of residency) before processing a request, and we may decline requests where we cannot verify your identity. You may use an authorised agent who provides signed written authority and can verify your identity. We will not discriminate against you for exercising your rights. Even after deletion, certain residual data may remain in our backups or archives for a limited period in accordance with our retention policies and applicable law.

7. How we keep your personal data safe

We take appropriate steps to protect your personal data against loss, misuse, and unauthorised access, disclosure, alteration and destruction. Depending on the nature of the information and the scope of processing, our technical and organisational measures may include physical access controls, encryption, intrusion detection and network monitoring. No security measures are perfect or impenetrable.

Should a personal data breach occur that is likely to result in a high risk to your rights and freedoms — for example, a risk of fraud or identity theft — we will inform you of the risk and recommend steps you can take to mitigate any potential adverse effects, in accordance with our obligations under Applicable Data Protection Laws. We also recommend that you help protect your data by choosing and protecting your password and other sign-on credentials carefully, limiting access to your device and browser, and signing out after you finish using your account.

8. Personal data of children

Our Services are intended for professional use and are not directed to children. We do not knowingly collect or solicit personal data from children under 16 years of age. If you are under 16, please do not attempt to register for or otherwise use the Services or send us any personal data. If you believe that a child under 16 may have provided personal data to us, please contact us at privacy@moonage.ai and we will take appropriate steps to delete it.

9. Google API and Google Workspace data

Where we collect personal data about you through a Google API, our use and transfer of that data to any other application will comply with the Google API Services User Data Policy, including its Limited Use requirements. In addition, Moonage does not use Google Workspace user data to develop, improve or train non-personalised or generalised AI or machine-learning models, and does not combine such data with data from other customers for model-training purposes.

10. Cookies, tracking and Do Not Track

We and our service providers use cookies and similar tracking technologies (such as pixel tags, web beacons and JavaScript) to analyse use of the Online Services and improve your experience, as described in Section 2.2. Some web browsers offer a "Do Not Track" (DNT) signal. Because there is no common industry standard for how to interpret DNT signals, Moonage does not currently change its practices in response to a DNT signal from your browser. You can manage cookies through your browser settings as described in Section 2.2.

11. How long we store your personal data

Moonage retains your personal data for as long as necessary to fulfil the purposes for which it was collected, or longer where required under applicable law:

  • If you are a Moonage user covered by a Subscriber Agreement between your employer and Moonage, we delete your data in accordance with that agreement.
  • Personal data we are legally obliged to retain — for example under anti-money-laundering or bookkeeping laws — is kept for the periods required by applicable law (generally 5 or 7 years).
  • Personal data not used for a contractual relationship and not subject to a legal retention obligation is retained only as long as necessary for the relevant purpose (usually around 3 months).

Further detail is set out in the table in Section 3. In limited cases we may store personal data longer in order to protect our legal rights. When we no longer need your personal data, we delete or anonymise it in accordance with our retention policies and applicable law, or — where that is not immediately possible, for example because the data is held in backup archives — we securely store and isolate it from further processing until deletion is possible. A legal obligation to store your personal data does not permit us to use it for any other purpose.

12. Updates to this Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will post the updated version on this page unless another type of notice is required by law or contract. By continuing to use the Online Services, or by providing us with personal data, after we have posted an updated Privacy Policy or notified you by other means, you accept the revised Privacy Policy.

13. Contact us

If you have any questions about this Privacy Policy or any other privacy-related matter, please contact us at privacy@moonage.ai or by mail at the address below.

Controller's contact information

Moonage, Inc. privacy@moonage.ai