Xembly’s Data Privacy & Security

At Xembly, we take the responsibility of managing your data privacy and security very seriously. We earn our access to manage your calendar and video call data everyday by creating and enforcing rigorous internal policies designed to keep your data safe.

Our goal is to be very clear about how and when we collect, store, transmit and use your data. We are guided by a few key user-first governance principles:

Your data belongs to you – and you should have control over who has access to it.
Your data should be protected – no matter how often, or in what ways you utilize Xembly.
Your data should be minimal – only providing the bare minimum needed for Xembly to support you.
You should have the ability to delete your data – no questions asked.

FREQUENTLY ASKED QUESTIONS

Is Xembly SOC 2 compliant?

Xembly is SOC 2 Type I certified and has successfully passed a third-party audit from StrikeGraph. We’re fully committed to ensuring strong internal control practices and security frameworks are in place to secure our customer’s data and privacy. If you would like to request a copy of our SOC 2 report, please email us at legal@xembly.com

What permissions does Xembly ask for?

Xembly will ask to integrate with your Google Calendar for purposes of finding and making times for meetings and focused work as well as your chosen videocall platform(s): Zoom or Google Meet. Xembly works through Google and Zoom’s first party authentication, so your access is secured through those entities.

Is my data shared with 3rd parties?

We have and will never share your Xembly data with a third party for profit or comarketing purposes. We do not intend in any way to build a business off of monetizing our user data.

In the course of running a technology business, we do use well-regarded tools like AWS to support our infrastructure as subprocessors.

What kind of data does Xembly store?

Xembly collects and stores a subset of calendar event data in order for us to provide our service. Data is limited to title, date/times, attendees, and other miscellaneous information. We DO NOT store meeting details / descriptions in our system

We also store your Xembly preferences to help us make appropriate scheduling recommendations.

In the course of generating Meeting Summaries, we optionally collect video and audio recordings. As part of our summarization process, we also collect and store full-text transcripts of the meeting and our generated meeting notes. The retention period for raw meeting assets including media and transcripts can be configured by each customer as needed.

For additional information, please visit xembly.com/privacypolicy

If I have additional questions, who should I contact?

Please reach out to legal@xembly.com