SpikedAI Logo

Privacy Policy

Effective Date: February 19, 2023. Last Updated: February 21, 2026. This Privacy Policy explains how SpikedAI collects, uses, and protects personal data in connection with its platform and services.

1. Introduction

SpikedAI (“SpikedAI”, “we”, “us”, or “our”) provides software designed to analyze meeting transcripts and related business information in order to generate insights, summaries, signals, and performance intelligence for organizations.

This Privacy Policy explains how we collect, use, disclose, and safeguard personal data when individuals access our website, create accounts, or use the SpikedAI platform and related services.

SpikedAI does not independently record meetings or capture audio or video. Meeting recordings and transcription services are performed by third-party providers integrated and authorized by our customers. SpikedAI receives transcript data and related metadata from those integrations solely to provide platform functionality.

SpikedAI generally acts as a data processor or service provider on behalf of customer organizations with respect to customer content and transcript data. Customer organizations act as the data controllers and determine the purposes and means of processing such data.

SpikedAI is intended for professional and business use and is not directed to individuals under the age of 13. Organizations using the services are responsible for ensuring lawful use of integrations and data shared with the platform. If we become aware that personal data has been provided in violation of applicable child data protection laws, we will take reasonable steps to delete such data where practicable.

By using the services, users acknowledge that their organization controls how integrations are configured and what information is shared with SpikedAI.

2. Information We Collect

We collect information from several sources depending on how the services are used.

2.1 Information You Provide Directly

When creating or administering an account, users may provide personal data such as name, email address, organization name, billing details, and communications sent through support or onboarding channels.

2.2 Automatically Collected Information and Website Interaction

When users access the platform or website, we automatically collect certain technical information including IP address, browser type, device identifiers, operating system, timestamps, pages accessed, and diagnostic logs. We may also collect anonymous information about how visitors interact with our website, such as page visits, navigation paths, and interactions with site features. This information helps us maintain security, troubleshoot issues, and improve reliability.

2.3 Chatbot Conversations

If you interact with our website chatbot, we may collect and temporarily store messages exchanged during the conversation, along with related technical metadata such as timestamps and anonymous visitor identifiers. We process chatbot messages to respond to inquiries and provide support, improve the chatbot’s responses and system performance, and identify potential product interest or business inquiries.

2.4 Integration and Transcript Data

Customers may connect third-party integrations that provide meeting transcripts, participant identifiers, timestamps, and contextual metadata. SpikedAI processes this information on behalf of customers in order to generate summaries, insights, and analytics within the platform.

2.5 Methods of Collection

We collect information through multiple methods, including information provided directly by users, information generated automatically through use of the platform, and information received from integrations enabled by customers. Certain technical data is collected automatically through cookies, logs, and similar technologies when users access our services.

SpikedAI does not independently collect conversational data outside integrations authorized by customers. Where required by law, consent will be obtained before non-essential cookies are used.

3. Cookies and Tracking Technologies

We use cookies, web beacons, and similar technologies to operate and improve the services, understand usage patterns, and enhance security. These technologies help us remember user preferences, maintain session state, and collect technical information about how the platform is accessed and used.

Customers can manage cookie preferences through their browser settings. Some features of the services may function less effectively if cookies are disabled.

4. How We Use Information

We use collected information to operate and improve the services, including to:

  • provide platform functionality and AI-powered analysis;
  • generate summaries, signals, and contextual insights;
  • maintain account administration and workspace management;
  • provide customer support and onboarding assistance;
  • monitor platform performance, reliability, and security;
  • detect fraud, abuse, or unauthorized access;
  • communicate service updates, billing notices, and operational messages;
  • comply with applicable legal obligations.

We may use aggregated or de-identified information to evaluate and improve product features. Customer content is not used to train general-purpose artificial intelligence models without authorization.

4.1 Artificial Intelligence Processing

SpikedAI uses machine learning and computational systems to analyze transcript and workspace data in order to generate summaries, signals, and performance insights. Processing occurs automatically based on patterns identified within provided data.

Outputs are intended to assist users and do not constitute automated decision-making producing legal or similarly significant effects. Customer content is not used to train general-purpose artificial intelligence models without authorization.

Customers are responsible for human review of outputs before reliance on them.

5. Sharing of Information

We do not sell personal data.

We may share information in limited circumstances:

  • with service providers supporting hosting, infrastructure, analytics, or security;
  • with organizational administrators managing customer workspaces;
  • when required by law, regulation, or legal process;
  • to protect the rights, safety, or security of users or the public;
  • in connection with mergers, acquisitions, or asset transfers.

5.1 Third-Party Data Sources

Some personal data processed by SpikedAI originates from third-party services integrated by customers, such as meeting transcription or workflow platforms. These providers may independently collect data in accordance with their own privacy policies.

Service providers are contractually required to process data only for authorized purposes and to maintain appropriate confidentiality protections.

5.2 Subprocessors

SpikedAI may engage trusted third-party service providers (“subprocessors”) to support the operation of the services, including hosting, infrastructure, analytics, communications, and security services. These subprocessors are authorized to process personal data only as necessary to provide services to SpikedAI and are subject to contractual obligations regarding confidentiality and data protection.

A current list of subprocessors supporting the services may be made available upon request.

6. Data Retention

We retain personal data only for as long as necessary to provide the services, fulfill contractual obligations, maintain security, resolve disputes, and comply with legal requirements. Retention periods may vary depending on customer configuration, legal obligations, and operational needs. Chatbot conversations are retained for up to 30 days and are automatically deleted after this period unless required for legitimate support or security purposes.

7. Security

SpikedAI implements technical and organizational safeguards designed to protect personal data, including encryption in transit where appropriate, access controls, authentication mechanisms, monitoring systems, and periodic security testing.

No system can guarantee absolute security, and users should take appropriate steps to protect their credentials and organizational access.

8. International Transfers

SpikedAI operates primarily in the United States. Information may be transferred to and processed in the United States or other jurisdictions where our service providers operate. Where required, we implement safeguards intended to protect personal data during international transfers.

8.1 Do Not Track Signals

Some web browsers include a “Do Not Track” (“DNT”) feature that signals to websites that a user does not want to have online activity tracked. Because there is currently no consistent industry standard for interpreting DNT signals, SpikedAI does not respond differently when such signals are received.

8.2 California Privacy Rights

If you are a California resident, you may have certain rights under the California Consumer Privacy Act (“CCPA”) and California Privacy Rights Act (“CPRA”), including the right to:

  • request access to personal information we collect about you;
  • request deletion of personal information, subject to legal exceptions;
  • request correction of inaccurate personal information;
  • know the categories and purposes of personal information collected;
  • opt out of the sale or sharing of personal information, where applicable.

SpikedAI does not sell personal information as defined under applicable California law. Customers may configure retention or request deletion of customer content subject to contractual and legal obligations.

Requests may be submitted by contacting us at hello@spiked.ai. We may take reasonable steps to verify your identity before fulfilling requests.

Authorized agents may submit requests on behalf of individuals where permitted by applicable law.

9. Your Rights

Depending on applicable law, individuals may have rights to access, correct, delete, or restrict processing of personal data. Requests relating to workspace data may be directed to the organization controlling the account.

We will respond to valid requests within a reasonable timeframe consistent with applicable law.

9.1 Additional Rights for EEA and UK Residents

Individuals located in the European Economic Area (“EEA”), United Kingdom, or other jurisdictions with similar data protection laws may have additional rights under applicable law, including the General Data Protection Regulation (“GDPR”). Subject to applicable legal limitations, these rights may include:

  • the right to request access to personal data we hold about you;
  • the right to request correction of inaccurate or incomplete personal data;
  • the right to request deletion of personal data;
  • the right to restrict or object to certain processing activities;
  • the right to data portability, allowing you to receive personal data in a structured, commonly used format;
  • the right to withdraw consent where processing is based on consent;
  • the right to lodge a complaint with a supervisory data protection authority in your jurisdiction.

Where SpikedAI processes personal data on behalf of a customer organization, requests relating to customer content should generally be directed to the organization controlling the account.

10. Changes to This Policy

If material changes are made to this Privacy Policy, we may notify users through the platform, email notification, or administrative notice prior to the changes becoming effective where required by law.

11. Contact

Questions regarding this Privacy Policy may be directed to: hello@spiked.ai.