mentr privacy policy

mentr privacy policy

mentr privacy policy

Updated: 27.09.2024

Updated: 27.09.2024

Updated: 27.09.2024

Introduction

Mentr (mentr.ai) is a service developed by Nora Software AS. This privacy policy will explain how we (Nora Software AS, Gaustadalléen 21, 0349 OSLO, Norway) will use the personal data we collect from you when you use our services (the “service” or “Mentr service”) and how artificial intelligence (“AI”) will support the service.

We protect your data in accordance with the Norwegian Data Protection Act, including the EU General Data Protection Regulation (GDPR).

If you have any questions about this privacy and AI policy or any other questions regarding our privacy and AI practices, please contact us at info@mentr.ai.


Which AI systems do we use and how?

We use the following AI sub suppliers :

Name

How we use it

Link to terms

Open AI

Meeting insights, advice and summaries

Anthropic

Meeting insights, advice and summaries

Deepgram

Transcription

Speechmatics

Transcription

The terms of the sub suppliers, our partners, apply to the part of the service made up by their systems. 


What data do we collect and why?

We process your personal data in order to provide the Mentr service when using our service, as described below.

When you and others use the service

Your use. When you use the Mentr service, we collect the following data:

  • Personal identification information (name and email address)

  • Voice data

  • Meeting notes, which may include personal data

  • Public information from LinkedIn and Google search, such as career data

  • Website access data (see below)

  • If you connect your Google or Microsoft account, we collect Google and Microsoft user data (see below)

If you decide to use the voice transcriber service feature, we may

  • temporarily record your voice and share it with our partner in order to transcribe it to text. This recording is deleted as soon as possible, and always within 24 hours.

  • apply machine learning algorithms to both your utterances and your meeting notes, in order to summarize them and provide other information like advice and input related to them.

The legal basis for the processing is the performance of our contract with you or to fulfill your request (GDPR art. 6 (1) b). You can delete your account, and all data we have collected about you in settings under account.

In order to provide key functionality and benefits of the service, the above described data must be retained. The retention is in the interest of all users of the service, creating a win-win for all parties. These interests are legitimate. The retention of data will to a very limited extent violate your privacy, as most data will be business related and of low personal sensitivity. Thus, our legitimate interest will override your privacy related to this use of the data.

Google and Microsoft User Data Policy Compliance
mentr.ai ensures that any information we receive from Google or Microsoft APIs is handled according to their rules. This means we follow Google’s API Services User Data Policy and Microsoft’s API Terms of Use, including their specific guidelines for limited data use.

If you grant permissions for us to access your Google or Microsoft account, we will process:

  • Profile data, including e-mail address and name

  • Events from your Google or Microsoft calendars

  • Contacts from your Google or Microsoft account

We will not share your Google or Microsoft user data with any third parties for other purposes than data storage.

We store all your user data in encrypted form, and always transmit it over encrypted connections.

The legal basis for the processing is the performance of our contract with you or to fulfill your request (GDPR art. 6 (1) b).

Our copy of your Google or Microsoft account data (name, email and profile picture) will be deleted if you delete your account (see above).


When you visit our website

When you visit our website mentr.ai, we collect the following information from your device:

  • IP address

  • date and time of the access

  • name and URL of the accessed file

  • browser type and version

  • further information sent by the browser (such as your computer’s operating system, the name of your access provider, geographical origin, etc.)

  • form information (if submitted)

We only process these data to ensure the proper operation of our website, sales and marketing purposes, for evaluating system security and stability, for analysis and administrative purposes.

Data will be deleted after 30 days.

The legal basis for the processing is the performance of our contract with you or to fulfill your request (GDPR art. 6 (1) b).

The legal basis for the marketing, sales and analysis is the legitimate interest of Nora Software (GDPR art. 6 (1) f). In order to improve the service and thus stay in business, we must analyze how you and other users operate the service, and conduct marketing and sales. These interests are legitimate. The retention of data will to a very limited extent infringe on your privacy, as most data will be business related and of low personal sensitivity. Thus, our legitimate interest will override your privacy related to this use of the data.  


When you contact us via email

If we provide email support, you may contact us via e-mail. In order to respond you your request or inquiry we process:

  • Your name

  • Your email address 

  • Other personal data you choose to share with us

The processing is necessary for the performance of a contract with you or to fulfill your request (GDPR art. 6 (1) b).

Marketing via email

We send newsletters by email so that you can receive information and offers. It is voluntary to sign up to receive newsletters, and you will only receive emails if you have given your consent (GDPR. art. 6 (1) a) or we have legitimate interest (GDPR. art. 6 (1) f). It is easy to unsubscribe from the newsletter, either by contacting us or by clicking on the unsubscribe link at the bottom of all newsletters from us.

For our newsletters to be relevant to you, we may, if you have consented to this, use information about you to adapt our newsletters to you.

When sending newsletters, we can measure the opening rate of the newsletter and create aggregated statistics and analyzes to improve our newsletters.

The legal basis for this and our processing for marketing purposes is our legitimate interest in marketing through relevant newsletters (GDPR art. 6 (1) f)). The marketing related processing is required for us to stay in business. The processing constitutes a very limited infringement of your privacy.    

We use MailChimp as our newsletter provider., which is certified under the EU US Data Privacy Framework. Read MailChimp's privacy policy.

When you delete your account or request us to, we will delete your information from our marketing database.

Error data reporting

We use error reporting tools which may include personal data for the purpose of error reporting. The data will be processed solely for the purpose of testing and resolving compatibility issues, fixing and resolving bugs or other quality issues related to the service. The legal basis for the processing is the performance of our contract with you or enabling us to reply to your request for the service (GDPR art. 6 (1) b).

Any personal data that is included in our error reporting will be deleted after 30 days.

Cookies

Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology (e.g. local storage).

How do we use cookies?

Nora Software uses persistent first-party cookies to keep you signed into the application. They expire after one year.

How to manage cookies

You can set your browser not to accept cookies. However, in a few cases, some of our website features may not function as a result.


The 3rd party cookies we use:

Service

Purpose

Google Analytics

Analyze website traffic, user behavior, and interactions

Google Tag Manager

Simplify the process of managing and deploying various scripts and marketing tags on a website

Simplify the process of managing and deploying various scripts and marketing tags on our website

Google Ads

Advertising, retargeting and conversion tracking

Hotjar

Understand and visualize user interactions on the website, such as clicks, scrolls and mouse movements

Delighted by Qualtrics

Collect and analyze customer feedback

Meta / Facebook

Advertising, retargeting and conversion tracking

Hubspot

Analyze website traffic, user behavior, and interactions

MailChimp

Newsletter

Encharge

Marketing automation

Where we process your data


Service providers (third-party services)

We do not process your data using third parties unless there is a legitimate and legal basis for doing so. We use third party services for a number of purposes, as listed below.

We will only process your personal data with third parties as described in this privacy policy and do not sell any personal data. The third parties will be responsible for any processing of personal data for their own purposes.

Our service providers are:

Service

Purpose

Legal basis

Privacy policy

Cloudflare

Hosting our website and the Mentr service

GDPR art. 6 (1) b

Google

Calendar and user data

GDPR art. 6 (1) b, f

Microsoft

Calendar and user data

GDPR art. 6 (1) b, f

MailChimp

Email / newsletter service

GDPR art. 6 (1) a, f

OpenAI

AI Analysis, advice and summaries

GDPR art. 6 (1) b

Anthropic

AI Analysis, advice and summaries

GDPR art. 6 (1) b

Deepgram

Transcription

GDPR art. 6 (1) b

Speechmatics

Transcription

GDPR art. 6 (1) b

Fly.io

Proxy services

GDPR art. 6 (1) b

Convert API

File conversion

GDPR art. 6 (1) b

Hotjar

Usage analysis

GDPR art. 6 (1) f

Meta (Facebook)

Advertisement and analytics

GDPR art. 6 (1) f

Hubspot

CRM system

GDPR art. 6 (1) a, b, f

Encharge

Marketing automation

GDPR art. 6 (1) f

 LinkedIn

We have an account on LinkedIn to present our products, services and Nora Software.

LinkedIn allows us to see posts, likes, follows, comments, messages, as well as aggregated statistics to help us understand the visitor’s actions on our pages. LinkedIn processes personal data in the USA and other countries listed in their privacy policy. The European Union Standard Contractual Clauses (SCC) are the legal basis for the transfer from the European Economic Area (EEA) to the USA.

As the vast majority of the processing taking place will be by Linkedin as data controller, please read more in LinkedIn’s privacy policy.

Business transactions

Relevant personal data may also be provided to third parties such as lawyers, advisers, buyers and prospects in connection with a business transaction, including a prospective or completed merger, acquisition or stock sale (including transfers made as part of insolvency or bankruptcy proceedings). Non-disclosure agreements or professional obligations of secrecy will protect your personal data.

Safety measures

We are constantly working to protect your personal information and other confidential information. Our security measures include physical, technical and administrative measures.

Everyone at Nora Software who handles personal data has received training and guidance on how to handle personal data safely. We have routines and access control to prevent the loss or disclosure of your personal information. We adopt industry standard software and guidelines to protect your personal data and other confidential information.

Any violation of our security practices will be documented. We have procedures and capacity to detect and address security and privacy breaches. If such breaches are detected, this will be reported to management, the risk of security breaches will be assessed, and the Data Inspectorate will be notified if necessary. You will also be notified as a user if the security breach poses a high privacy risk to you.

For how long we store your data

We will retain and use personal information only for as long as we have a legal basis for doing so. That could mean minutes, hours, days, months or years, depending on the type of personal data. See the various purposes under the section "What data do we collect and why?".

Your rights as a data subject

Subject to applicable law, you may have certain rights with respect to our processing of your personal data, including:

  • the right to information about how we collect and process your data.

  • the right to access to a copy of, rectify, correct and update the personal data that we have about you.

  • the right to restrict processing or have your data deleted, in certain cases.

  • the right to withdraw any consents you have given at any time, in certain cases.

Please contact us at info@mentr.ai for any of the above or if you consider that our processing of your personal data infringes applicable law.

If you believe that we process your data in violation of your rights, you have the right to complain to the Norwegian Data Inspectorate (“Datatilsynet”) or your local data protection authority. Please contact us at info@mentr.ai before sending a complaint to the relevant authority, so that we can try to resolve or clarify the issue.

Stay in touch

Subscribe for email updates

© Nora Software AS. All rights reserved.

Stay in touch

Subscribe for email updates

© Nora Software AS. All rights reserved.

Stay in touch

Subscribe for email updates

© Nora Software AS. All rights reserved.