Privacy Policy

1. Information We Collect

Account and profile information

When you create or use a Tofia account, we may process your name, email address, authentication identifiers, account session tokens, subscription status, app settings, language preferences, and support messages.

Meeting and practice data

Tofia may process meeting audio, live transcripts, translations, summaries, action items, coaching feedback, meeting titles, attendees, calendar metadata, and user-provided meeting context when you use real-time meeting, translation, summary, or practice features.

Chrome extension browser context

When you use the Tofia Chrome extension, it may process audio from the browser meeting tab you choose, optional microphone audio, live transcripts, translations, meeting summaries, meeting titles, and the title and URL of browser tabs used to identify supported meeting pages. The Chrome extension does not read arbitrary page content or files.

Local app and device information

The desktop app may process local app settings, diagnostics, app version, operating system, microphone or system-audio device choices, virtual audio driver status, and crash or error information needed to operate and improve the product.

Integrations

If you connect optional integrations, Tofia may process data from those services, such as Google Calendar events, Google Drive or Google Docs content, Gmail message metadata or message content, and related OAuth tokens. Integration data is accessed only after you connect the integration and only to provide the requested feature.

2. Chrome Extension Privacy and Permissions

The Tofia Chrome extension is a browser-based meeting assistant. It opens a side panel, lets you sign in to your Tofia account, captures audio from the selected browser meeting tab after you start a session, can capture microphone audio after permission is granted, and connects to Tofia cloud services to provide transcription, translation, summaries, reports, billing, support, and account features.

What the Chrome extension does not do

• It does not sell or share browser data for advertising.
• It does not use browser content to train AI models.
• It does not collect Chrome browsing history.
• It does not read every page automatically in the background.
• It does not request local network bridge access, desktop screen capture, page injection, or broad active-tab permissions.
• It does not execute remote code; extension code is bundled with the extension package.

3. How We Use Information

We use information to:

• provide live transcription, translation, summaries, reply suggestions, and coaching;
• process the browser meeting tab audio, optional microphone audio, meeting title, and tab URL needed for a meeting session;
• sync app state, account status, settings, report history, and user preferences;
• operate connected integrations that you authorize;
• maintain security, prevent abuse, debug issues, and improve reliability;
• respond to support requests and product feedback.

4. How Information Is Shared

We share information only as needed to operate Tofia, comply with law, protect users, or complete actions you request. Depending on the feature, information may be processed by:

• AI, speech-to-text, and translation providers used to generate transcripts, translations, summaries, and responses;
• cloud hosting, database, authentication, and storage providers used to run Tofia;
• error monitoring and analytics providers used to diagnose crashes and product reliability issues;
• payment processors if you purchase a paid plan;
• connected third-party services such as Google, only after you authorize the integration.

We do not allow these processors to use your sensitive Tofia content for their own advertising or model-training purposes.

5. Storage and Retention

Some information is stored locally on your device, including extension settings, account session state, app settings, notification preferences, and local conversation state. If you use account sync, cloud history, integrations, shared summaries, or support features, related records may be stored in Tofia cloud systems.

Sensitive meeting data, including meeting audio, transcripts, and notes, is scheduled for deletion after 30 days unless a longer period is required to provide a feature you request, comply with law, resolve disputes, or maintain security. You can request deletion by contacting us at support@tofia.ai.

6. Security

We use technical and organizational safeguards designed to protect personal information, including encrypted transport for cloud services, scoped OAuth access for integrations, local browser-extension storage for account session state, access controls, and data minimization. No method of storage or transmission is perfectly secure, but we work to limit collection and access to what is needed for Tofia to function.

7. Your Choices

• You can choose not to start browser tab audio or microphone capture.
• You can remove Chrome extension permissions in Chrome settings.
• You can disconnect Google or other integrations from the Tofia app.
• You can delete local extension conversations or clear app data from your device.
• You can request account, meeting, or support-data deletion by emailing us.

8. Children

Tofia is intended for professional and educational use by adults and is not directed to children under 13. We do not knowingly collect personal information from children under 13.

9. Changes to This Policy

We may update this Privacy Policy as Tofia changes. If we make material changes, we will update the date at the top of this page and provide additional notice when appropriate.