Ctrl is a macOS productivity product for turning meetings, messages, email, calendar events, and other work context into summaries, tasks, reminders, and references. This policy applies to the Ctrl website, download flows, support communications, and product experiences that link to this page.
Who controls your information
Ctrl is responsible for the personal information described in this policy. If you have questions, privacy requests, or security concerns, contact us at hello@usectrl.ai.
Information we collect
| Category | Examples | Source |
|---|---|---|
| Account and contact information | Name, email address, company, support messages, download requests, and team inquiries. | You provide it directly. |
| Product content | Meeting audio or transcripts, summaries, tasks, reminders, messages, emails, calendar metadata, and connected-workspace context that you choose to capture or connect. | You provide it, capture it, or connect a third-party account. |
| Integration information | OAuth authorization data, workspace identifiers, channel or calendar metadata, and provider account details needed to connect services such as Google, Microsoft, Slack, email, or calendar tools. | You or the connected provider provide it. |
| Website and device information | IP address, browser, device type, referring page, pages viewed, events, cookie identifiers, and approximate location inferred from network data. | Collected automatically through the website and analytics tools. |
| Payment and billing information | Plan, invoice, billing contact, and payment status. Payment card details are handled by payment providers, not stored directly by Ctrl. | You and payment providers provide it. |
How we use information
- Provide, maintain, debug, and improve the website and product.
- Send download links, account messages, product updates, and support replies.
- Create summaries, tasks, reminders, references, and other requested product outputs.
- Connect and sync with integrations that you authorize.
- Measure website and product performance, conversion, and reliability.
- Protect the service, prevent abuse, and enforce legal terms.
- Comply with legal, tax, accounting, security, and regulatory obligations.
AI and model processing
Ctrl uses AI systems to convert user-selected work context into useful outputs. Depending on the feature, product content may be processed by Ctrl systems and by model providers that help generate summaries, tasks, classifications, or other requested outputs. Where supported by the product flow, Ctrl tokenizes or redacts identifiable data before LLM processing. You should not use Ctrl to process regulated health records, payment card data, government identifiers, or other highly sensitive records unless a separate written agreement says that use is supported.
Legal bases for EEA and UK users
| Purpose | Typical legal basis |
|---|---|
| Providing the product, account, downloads, and support | Contract performance or steps requested before entering a contract. |
| Security, fraud prevention, debugging, service improvement, and basic analytics | Legitimate interests, balanced against user rights. |
| Optional marketing emails and non-essential cookies where required | Consent. |
| Tax, accounting, compliance, and legal requests | Legal obligation or legitimate interests. |
Service providers and subprocessors
Ctrl uses service providers to host the site, deliver email, measure analytics, manage consent, process support requests, process payments, connect integrations, and provide AI functionality. Current production and website providers may include Vercel, Resend, Google Analytics, Google Tag Manager, PostHog EU, GetTerms, payment providers, integration providers selected by the user, and model providers used for AI features.
Cookies and analytics
The website uses cookies and similar technologies for security, consent, analytics, and product measurement. Google Analytics and Google Tag Manager are used on the website. PostHog may be used for product or website events when configured. GetTerms provides the cookie consent widget. More detail is available in the Cookie Policy.
Sharing information
We do not sell personal information for money. We share information with service providers that process it for the purposes described in this policy, with third-party integrations that you authorize, with payment and billing providers, and when required to comply with law, protect rights, prevent abuse, or complete a business transaction such as a merger, acquisition, financing, or sale of assets.
Retention
We keep personal information only as long as needed for the purposes described in this policy, including providing the product, meeting legal obligations, resolving disputes, maintaining security, and supporting legitimate business records. Product content is generally retained while an account is active or until it is deleted through available product controls or by request, subject to backups, legal obligations, and abuse prevention needs.
Your choices and rights
Depending on where you live, you may have rights to access, correct, delete, export, restrict, or object to certain processing of your personal information. You can also unsubscribe from marketing messages. To make a request, email hello@usectrl.ai. We may need to verify your request before acting on it.
California notice
If California privacy law applies to your interaction with Ctrl, the categories of personal information we collect are described above. We use those categories for the business and commercial purposes in this policy and disclose them to the categories of service providers and integrations listed here. We do not knowingly sell or share personal information for cross-context behavioral advertising.
Meeting consent and third-party content
Users are responsible for giving legally required notices and obtaining legally required consents before recording, transcribing, uploading, or connecting meeting, email, message, or third-party content to Ctrl. Do not capture content that you do not have the right to process.
Security
Ctrl uses technical and organizational safeguards designed to protect personal information, including encrypted transport, hosted infrastructure controls, access limits, and vendor review. No internet service can guarantee absolute security. More detail is available on the Security page.
Children
Ctrl is not directed to children under 13, and we do not knowingly collect personal information from children under 13.
Changes
We may update this policy as the product, providers, or legal requirements change. If a change is material, we will take reasonable steps to notify users through the website, product, or email.