Privacy Policy
Short version: your meeting data never leaves your device. We collect only your email (to verify your subscription) and payment info is handled entirely by Stripe — we never see your card number.
1. Who we are
AgendaBurn ("we", "us", "our") is a meeting cost tracker available at agendaburn.com. For questions about this policy, contact us at support@agendaburn.com.
2. What data we collect
Email address. We collect your email address when you subscribe (via Stripe) or sign in to restore Pro access. We use it to send a one-time verification code and to look up your subscription status.
Payment information. Subscription payments are processed by Stripe. We never see, store, or have access to your card number, CVV, or billing address. Stripe's privacy policy applies to payment data.
Meeting data. Attendee names, salaries, and meeting history are stored only in your browser's localStorage. This data never leaves your device and is never sent to our servers.
Contact messages. If you contact us via the in-app form, your message is processed by Formspree and forwarded to our support email.
3. What we do NOT collect
- We do not use tracking cookies or advertising pixels
- We do not build advertising profiles or sell your data
- We do not record or transmit meeting audio or video
- We do not access your calendar data beyond what you explicitly grant via the Google Calendar integration
4. Third-party services
AgendaBurn uses the following third-party services, each with their own privacy policies:
- Stripe — payment processing (stripe.com/privacy)
- Resend — transactional email (resend.com/privacy)
- Vercel — hosting (vercel.com/legal/privacy-policy)
- Google Calendar — optional integration, requires your explicit authorization (policies.google.com/privacy)
- Slack — optional integration, requires your explicit authorization
- Formspree — contact form processing (formspree.io/legal/privacy-policy)
5. How we use your data
- To verify your identity via a one-time email code
- To check whether your Stripe subscription is active
- To send you transactional emails (verification codes, receipts) — no marketing email without consent
- To respond to support requests
6. Data retention
We retain your email address for as long as you have an active subscription. If you cancel and request deletion, we will remove your email from our systems within 30 days. Meeting data stored in your browser is deleted when you clear your browser data — we have no copy of it.
7. Your rights
Depending on where you live, you may have the right to:
- Access the personal data we hold about you
- Delete your data (right to erasure / "right to be forgotten")
- Correct inaccurate data
- Object to processing
- Portability — receive your data in a machine-readable format
To exercise any of these rights, email us at support@agendaburn.com. We will respond within 30 days.
8. Security
We use HMAC-SHA256 signed session tokens, HTTPS-only connections, and server-side Stripe validation to protect your account. We never store passwords. Verification codes expire in 10 minutes.
9. Children
AgendaBurn is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with their data, contact us and we will delete it promptly.
10. Changes to this policy
We may update this policy occasionally. When we do, we'll update the "last updated" date at the top. Continued use of the service after changes constitutes acceptance of the revised policy.
11. Contact
Questions or concerns? Email us at support@agendaburn.com. We're a small team and we read every message.