Privacy policy

Chaired helps authorized programs verify meeting attendance. This policy describes our draft approach to personal information while the product matures. Your organization may act as a controller for participant data; Chaired often acts as a processor or service provider on behalf of that organization — exact roles belong in your Data Processing Addendum and counsel's analysis.

What we collect

Depending on features enabled, the service may process account identifiers (e.g. name, email, phone), program and enrollment relationships, meeting attendance outcomes, timestamps, and location information used at check-in to verify proximity to a meeting venue. Optional channels (e.g. SMS via Twilio) process contact details needed to deliver messages your program configures.

Location data

GPS or coarse location may be used when a participant initiates a chair-in and as described in the in-product disclosure. Chaired is not designed for continuous background tracking. Accuracy depends on device hardware, environment, and user permissions.

Use of information

We use data to provide, secure, and improve the service; to send operational notices; and to meet legal obligations. We do not sell personal information as a line of business. Aggregated or de-identified metrics may be used for reliability and product improvement where permitted.

Sharing

We share data with subprocessors (e.g. hosting, database, maps, SMS) necessary to operate the platform — see the Subprocessors page. Programs may access participant data according to their policies and the permissions implemented in the product. We may disclose information if required by law or to protect rights and safety.

Retention

Retention periods should follow your program agreements, applicable law, and technical configuration. Production deployments must align database retention with documented policies (see internal compliance and DBA practices).

Security

We implement administrative, technical, and organizational measures appropriate to the sensitivity of the data — including access controls, encryption in transit for modern deployments, and audit logging for key compliance features. **No system is perfectly secure**; programs should maintain incident response plans.

Your rights

Depending on jurisdiction, individuals may have rights to access, correct, delete, or restrict processing of their personal information. Many recovery programs route those requests through program staff; where Chaired receives a request directly, we will coordinate with the relevant organization when applicable.

Children

The service is built for adult-oriented program participation. If minors could be enrolled in your jurisdiction, obtain appropriate consent and counsel guidance before production use.

International transfers

If data crosses borders (e.g. EU ↔ US), ensure appropriate transfer mechanisms (e.g. SCCs) and updates to this policy — counsel to advise based on actual hosting regions and customer locations.

Changes

We will update this page when practices materially change and revise the "Last updated" date. Material changes for enterprise customers may require additional notice per contract.

Contact

For privacy requests related to this deployment: Configure CHAIRED_PRIVACY_CONTACT_EMAIL or NEXT_PUBLIC_SUPPORT_EMAIL for a public inbox.