Privacy Policy

Gistly.ai (“Gistly”, “we”, “us”) provides software that helps organizations capture, analyze, and manage customer and meeting interactions (including recordings, transcripts, summaries, quality checks, and related insights). This Privacy Policy explains how we collect, use, disclose, retain, and protect Personal Data when you visit our website, create an account, or use our services.

1) Scope

This policy applies to Personal Data processed by Gistly worldwide, including data of website visitors, customers, prospects, and end users whose interactions are processed through our services. It covers our websites, applications, integrations, and related business operations.

2) Definitions

Personal Data / Personal Information means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked to an individual. Sensitive Personal Data includes categories such as financial, health, biometric identifiers, government ID, precise geolocation, and children’s data (as defined by applicable law).

3) Information We Collect

A) Information you provide

  • Account and contact information: name, email address, phone number, company, role.
  • Authentication and profile information: login credentials or SSO identifiers (where applicable).
  • Support and communications: messages, emails, meeting notes, attachments you send to us.
  • Billing information (if applicable): invoicing details and transaction metadata (payment processing may be handled by providers).

B) Information collected through use of the Service

Depending on product configuration and integrations enabled by your organization:

  • Interaction content: call/meeting recordings, transcripts, chat content, notes, and other content uploaded or ingested into the platform.
  • Interaction metadata: date/time, participants, duration, identifiers from integrated systems, and related context.
  • Derived data: summaries, tags, quality/compliance results, scores, analytics, and insights generated from interaction content and metadata.
  • Usage data: logs and telemetry about feature usage, device/browser details, IP address, session identifiers, and diagnostics.

C) Information collected automatically on the website

  • Cookies and similar technologies: identifiers, preference settings, and analytics signals (see Section 9).

4) How We Use Personal Data

We use Personal Data to:

  • Provide, operate, and maintain the website and Service.
  • Process interaction content to generate transcripts, summaries, audits, analytics, reports, and other outputs requested by customers.
  • Manage accounts, authentication, access controls, and user administration.
  • Provide customer support, respond to inquiries, and troubleshoot issues.
  • Secure the Service, prevent fraud/abuse, and monitor for suspicious activity.
  • Comply with legal obligations and enforce our contracts.
  • Send service communications (e.g., security notices, changes to features).
  • Send marketing communications where permitted (see Section 8).

5) Legal Bases for Processing

Where required (including under GDPR and similar regimes), Gistly relies on one or more of the following legal bases:

  • Contract: processing necessary to provide the Service.
  • Legitimate interests: operating, securing, and improving the Service, with appropriate safeguards.
  • Consent: for specific processing such as marketing communications where opt-in is required.
  • Legal obligation: compliance, record-keeping, and lawful requests.

If Sensitive Personal Data is processed, we handle it under additional safeguards and, where required, explicit consent or other lawful grounds under applicable law.

6) Sharing and Disclosure

We do not sell your Personal Data. We disclose Personal Data only as follows:

A) Service providers (sub-processors)

We may share Personal Data with vetted vendors that help us run the Service (e.g., cloud hosting, storage, analytics, customer support tools, email delivery, security monitoring). These providers are bound by contractual confidentiality and data protection obligations. We maintain governance around supplier due diligence and data processing terms.

B) Customer-controlled sharing

If your organization configures integrations or enables sharing/export features, data may be transferred to third-party systems selected by the customer (e.g., CRMs, dialers, ticketing tools, storage providers).

C) Legal and safety

We may disclose Personal Data if required by law, regulation, legal process, or enforceable governmental request, or to protect rights, safety, and security of Gistly, our customers, users, or the public.

D) Business transfers

If Gistly is involved in a merger, acquisition, financing, reorganization, or sale of assets, Personal Data may be transferred as part of that transaction, subject to appropriate protections.

7) AI / Model Processing

Gistly may use AI components (including third-party AI service providers) to generate product outputs such as transcripts, summaries, quality checks, compliance flags, and analytics.

  • Provider restrictions: Where third-party AI providers are used, we use configurations and contractual terms intended to restrict use of customer content for provider training and to protect confidentiality.
  • Customer controls: Processing is performed according to customer configuration, templates, and access permissions.

8) Marketing Communications

If you opt in to receive marketing communications, you may unsubscribe at any time using the link in our emails or by contacting us at notes@gistly.ai. We may maintain records of marketing preferences and opt-outs.

9) Cookies and Tracking

We use cookies and similar technologies for:

  • Strictly necessary functions: login sessions, security, and site functionality.
  • Analytics: understanding website performance and usage trends.

You can control cookies through your browser settings. If we deploy a cookie banner or preference center, you can manage preferences there as well.

10) International Data Transfers

Gistly operates globally. Personal Data may be processed in countries other than your own. Where required by law, we use appropriate safeguards for cross-border transfers (such as contractual protections and security measures).

11) Data Retention

We retain Personal Data only for as long as necessary for the purposes described in this policy, unless a longer period is required or permitted by law. Retention may vary by customer configuration and the type of data. Examples of retention defaults used internally include:

  • Client data: default retention period with customer-configurable options.
  • Marketing leads: retained for a limited period after last activity.

We dispose of data using secure deletion methods consistent with our security practices.

12) Security

We implement technical and organizational measures designed to protect Personal Data, including access controls, encryption in transit and at rest, logging/monitoring, and other safeguards appropriate to the nature of the data and processing.
No method of transmission or storage is completely secure; therefore, we cannot guarantee absolute security.

13) Your Rights and Choices

Depending on your location, you may have rights that include:

  • Access to your Personal Data
  • Correction of inaccurate data
  • Deletion/erasure
  • Objection or restriction of certain processing
  • Data portability (where applicable)
  • Opt-out of certain marketing communications
  • Rights related to “sale” or “sharing” under certain laws (we do not sell Personal Data)

We operate a process for handling rights requests, including identity verification and logging, and we respond within applicable legal timelines.

To exercise your rights, contact notes@gistly.ai.

14) Data Breach Response

We maintain an incident response process. If a personal data breach occurs, we will take reasonable steps to assess, mitigate, and notify as required by applicable law. Privacy incidents can be reported to notes@gistly.ai.

15) Children’s Privacy

The website and Service are not directed to children, and we do not knowingly collect Personal Data from children where prohibited by law.

16) Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page with a revised “Last updated” date. Material changes may be communicated through the Service or by email where appropriate.

17) Contact

For privacy questions, requests, or complaints:

Logo
Gistly
Subscribe to newsletter
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Pages
HomeAboutBlog
Use cases
SalesSupportCollections
Features
Conversation IntelligenceKnowledge BasesAI agents