This Privacy Policy explains what information CraterSync collects when you use the hosted Service at cratersync.fm, how we use it, and the choices you have. Self-hosted deployments run inside your own infrastructure; this Policy applies only to the hosted Service operated by CraterSync.
1. Information we collect
Account information
When you create an account we collect your email address and display name. We do not store a password -- sign-in is via a single-use 6-digit code emailed on each login. When you join an organization, we record your role (owner, admin, or member) and the timestamp of your membership.
Recordings and session metadata
For each recording session you create or join, we store: the session title and identifiers, participant display names and roles, per-track media chunks, transcripts (if generated), and the timestamps of session events. Recordings are encrypted at rest with a per-session AES-256-GCM key wrapped by our key-management service. The encryption context binds each session's key to its organizationId and sessionId, making cross-tenant decryption infeasible. Enterprise customers may bring their own AWS KMS keys for envelope-key wrapping under a separate agreement.
Operational telemetry
We collect server-side request logs (URL path, HTTP method, response code, latency, request ID) and a small set of Prometheus metrics labeled with HMAC-hashed organization identifiers (cardinality-safe). Logs are retained for 30 days; metrics for 13 months.
Analytics
The marketing pages of cratersync.fm use Google Analytics 4 to understand which pages visitors find useful. Where analytics consent is required (EEA, UK, Switzerland), the analytics scripts are blocked from loading until you accept on the consent banner. Outside those jurisdictions you can withdraw consent at any time via the “Cookie preferences” link in the footer.
When enabled, GA4 collects page paths, referrer, approximate (country-level) geography derived from your IP, device class, browser, and a randomly-generated visitor identifier stored in a first-party cookie. GA4 does not have access to your recordings, transcripts, account email, or organization data, and we have disabled Google Signals (cross-device + demographic enrichment) and ad personalization on the GA property. The signed-in application surfaces (/dashboard, /sessions/*) load no third-party analytics. You can also opt out via Google's Analytics opt-out browser add-on.
Cookies
CraterSync uses two categories of cookies:
- Essential — required for authentication, session continuity, and CSRF protection. These cannot be disabled because the Service won't function without them.
- Analytics — set only after you accept on the consent banner. Includes Google Analytics' _ga and _ga_* cookies (12-month expiry).
We do not set any advertising, retargeting, or session-replay cookies.
Billing
Paid subscriptions are processed by Stripe. We receive subscription state (plan, seat count, renewal date) and never receive your full payment card number. Stripe's privacy practices are described at stripe.com/privacy.
2. How we use your information
- To provide and operate the Service (recording, transcoding, storage, transcription).
- To authenticate you, enforce row-level tenant isolation, and audit administrative actions.
- To process payments and manage your subscription.
- To send transactional email (verification, sign-in codes, invitations, billing receipts, security notices).
- To diagnose errors, monitor performance, and improve reliability.
- To respond to your support requests and legal process.
We do not use your recordings, transcripts, or metadata to train artificial intelligence models, and we do not sell, rent, or share Customer Content with advertisers, data brokers, or third-party AI providers.
3. Sub-processors
We use a small set of vendors to operate the hosted Service. Each is bound by a written data processing agreement where applicable.
- Bare-metal hosting provider (Canada and France) — dedicated servers hosting compute, database, and object storage. The specific provider is disclosed on written request to privacy@cratersync.fm for legitimate purposes (e.g., DPA review by an EU controller). We intentionally don't name the vendor publicly to reduce the surface for targeted infrastructure attacks.
- Stripe (US) — billing and subscription management for paid plans.
- Google LLC (US) — Google Analytics 4 web-traffic measurement on the marketing pages, only when you have given consent.
Transactional email (verification, sign-in codes, invitations, billing receipts) is sent from our own SMTP infrastructure on the dedicated servers described above — no third-party email vendor is involved. Material changes to this list are announced to organization owners by email at least 30 days in advance.
4. Sharing and disclosure
We disclose information only in the following limited cases:
- To the sub-processors listed above, as necessary to deliver the Service.
- To other members of your organization, as required to operate it (member lists, audit logs, and recordings are visible to org admins).
- To respond to a valid subpoena, court order, or other legal process -- and only after attempting, where lawful, to give you advance notice.
- To investigate suspected violations of our Terms or to protect the rights, property, or safety of CraterSync, our users, or the public.
- In connection with a merger, acquisition, or asset sale, in which case we will require the acquirer to honor this Policy.
5. Your choices and rights
You can update your account information at any time from your profile settings. Organization owners can configure retention policies, export all organization data as an encrypted tarball, and schedule the organization for deletion (which triggers a seven-day grace period followed by cryptographic erasure).
Depending on where you live, you may have rights to access, correct, delete, or port your personal data, or to object to or restrict certain processing (for example, under the EU GDPR, UK GDPR, or California CCPA/CPRA). To exercise these rights, email privacy@cratersync.fm. We will verify your identity and respond within the timeframe required by applicable law.
Cookie preferences. You can change your analytics-cookie choice at any time from the “Cookie preferences” link in the page footer. Withdrawing consent prevents new analytics cookies from being set; cookies already on your device will expire on their normal schedule (or you can clear them manually from your browser settings).
6. Retention and deletion
Recordings are retained according to the retention policy set by your organization (default: indefinite, until deleted). When a recording is deleted, its per-session key is cryptographically erased and the underlying ciphertext becomes unrecoverable.
Account information is retained while your account is active and for a short window after deletion (typically 30 days) to allow recovery from accidental deletion. After that window, account records are purged. Audit log entries that reference a deleted organization are tombstoned (organization identifier nulled) and retained for up to 12 months for compliance purposes.
7. Security
We encrypt Customer Content at rest with per-session AES-256-GCM keys, encrypt all data in transit with TLS 1.2+, isolate tenant data with Postgres row-level security (RLS) policies, and use argon2id for the few credential hashes we still hold. We rotate keys and credentials on demand for incident response; scheduled rotation is on the roadmap. Detailed security questions and third-party audit responses are handled at security@cratersync.fm.
8. Children
The Service is not directed to children under 13 (or under 16 in the European Economic Area). We do not knowingly collect information from children. If you believe a child has provided us with information, please contact privacy@cratersync.fm and we will delete it.
9. International data transfers
Recordings and account data are stored on dedicated servers in Canada and France. Operational tooling, billing, and analytics partners may transfer data to the United States. Where required for transfers from the EEA, UK, or Switzerland, we rely on Standard Contractual Clauses with the receiving party.
10. Changes to this Policy
We may update this Policy from time to time. Material changes will be announced to organization owners by email at least 30 days before they take effect. The effective date at the top of this Policy reflects the most recent revision.
11. Contact
Privacy questions, data subject requests, and security reports should be directed to privacy@cratersync.fm.