HomeManifestoBlogsCareersRequest an invite
← Back to Virre

Privacy Policy

Last updated: April 10, 2026

1. Introduction

Virre ("we", "our", or "us") operates the Virre.ai platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, store, and safeguard your information when you use our website, application, and services, including when you connect third-party platforms such as Zoom, Google, or LinkedIn. We are committed to protecting your privacy and complying with applicable data protection laws, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Information We Collect

We collect only the information necessary to provide and improve the Service:

  • Account Information: Name, email address, profile photo, and authentication identifiers when you create an account or sign in via Google or LinkedIn OAuth.
  • Third-Party Integration Tokens: When you connect a third-party service (Zoom, Google, LinkedIn), we store the OAuth access token, refresh token, token expiry, and granted scopes required to act on your behalf. We never see or store passwords for these services.
  • Zoom Account Data: When you connect Zoom, we access and store your Zoom user ID, Zoom account ID, display name, email address associated with Zoom, and the OAuth scopes you have approved.
  • Zoom Meeting Data: Meeting IDs, topics, start times, durations, time zones, join URLs, host information, and participant metadata for meetings you create, view, update, or delete through the Service.
  • Meeting Content Created in Virre: Meeting titles, descriptions, agendas, scheduled dates, attendee lists, and notes that you create or edit inside Virre.
  • Usage and Diagnostic Data: Logs of interactions with the Service (pages visited, features used, API requests, error traces) used solely for security, debugging, and product improvement. We do not use this data for advertising.
  • Cookies: Strictly-necessary session cookies used for authentication. We do not use third-party advertising or tracking cookies.

3. Zoom OAuth Scopes and What We Access

When you connect Zoom, Virre requests only the minimum OAuth scopes required to schedule and manage meetings on your behalf:

  • meeting:read:meeting,read meetings created by Virre on your account so we can display their status.
  • meeting:write:meeting,create new Zoom meetings when you schedule a virtual meeting in Virre.
  • meeting:update:meeting,update an existing Zoom meeting when you change a meeting's date, time, title, or description in Virre.
  • meeting:delete:meeting,delete the Zoom meeting from your Zoom account when you cancel or delete a meeting in Virre.
  • user:read:user,read your basic Zoom user profile (user ID, account ID, name, email) to associate Zoom data with your Virre account.

Virre never accesses meeting recordings, chat transcripts, webinar data, contacts, or any Zoom data outside these scopes. We do not access meetings that were not created through Virre.

4. How We Use Your Information

  • To provide, maintain, secure, and improve the Service.
  • To create, read, update, and delete meetings on your behalf through connected third-party services such as Zoom.
  • To send transactional notifications related to your account, meetings, and connected integrations.
  • To respond to support requests and provide customer support.
  • To detect, investigate, and prevent fraud, abuse, security incidents, and violations of our Terms of Service.
  • To comply with legal and regulatory obligations.

We do not sell, rent, or trade your personal information. We do not use Zoom data or any user data to train machine-learning models that are shared across customers.

5. Data Storage, Encryption, and Security

We apply industry-standard administrative, physical, and technical safeguards designed to protect your data:

  • Encryption in transit: All connections to the Service and to third-party APIs (including Zoom) use TLS 1.2 or higher with strong cipher suites. HTTP traffic is automatically redirected to HTTPS.
  • Encryption at rest: Data is stored in encrypted databases. OAuth access tokens, refresh tokens, and other secrets are encrypted at rest using AES-256.
  • Access controls: Production data is accessible only to a limited number of authorized personnel under the principle of least privilege, with multi-factor authentication required for all administrative access.
  • Secure development: We follow a Secure Software Development Life Cycle (SSDLC) that includes peer code review, dependency scanning, static application security testing (SAST), and dynamic application security testing (DAST) before releases.
  • Vulnerability management: We monitor dependencies for known vulnerabilities and patch issues according to severity, with critical issues addressed promptly.
  • Logging and monitoring: Application and infrastructure logs are monitored for anomalous activity and potential security events.

No method of transmission or storage is 100% secure. While we strive to protect your information using commercially reasonable means, we cannot guarantee absolute security.

6. Sub-processors

We rely on a small number of vetted sub-processors to operate the Service. Each sub-processor is contractually bound to protect your data and process it only on our instructions:

  • Vercel,application hosting and edge delivery.
  • MongoDB Atlas,encrypted database hosting.
  • Cloud email provider,transactional email delivery (account, meeting, and support notifications).
  • OAuth providers,Google, LinkedIn, and Zoom for authentication and authorized API access.

7. Data Sharing and Disclosure

We do not sell your personal information. We share information only in the following limited circumstances:

  • With your consent or at your direction.
  • With the sub-processors listed above, strictly to operate the Service on our behalf.
  • With third-party platforms you connect (e.g., Zoom), to perform actions you initiate.
  • To comply with applicable laws, lawful requests, court orders, or to protect our legal rights.
  • In connection with a merger, acquisition, or sale of assets, where the receiving party will be bound to honor this Privacy Policy.

8. Data Retention

  • Account data is retained for as long as your account is active.
  • Zoom OAuth tokens are retained only while your Zoom integration is connected. When you disconnect Zoom (in Virre or in the Zoom App Marketplace), the tokens are permanently deleted from our database immediately.
  • Zoom meeting metadata created through Virre is retained while the meeting exists in your Virre dashboard and is deleted when you delete the meeting.
  • Diagnostic logs are retained for up to 30 days and then automatically purged.
  • When you delete your account, all personal data, integration tokens, and meeting data associated with your account are permanently deleted within 30 days, except where retention is required by law.

9. Your Rights

Depending on your location, you may have the following rights under the GDPR, CCPA, or other applicable laws:

  • Access the personal data we hold about you.
  • Request correction of inaccurate or incomplete data.
  • Request deletion of your data (the "right to be forgotten").
  • Request a portable copy of your data.
  • Object to or restrict certain processing.
  • Withdraw consent at any time, where processing is based on consent.
  • Disconnect any third-party integration at any time, which immediately revokes our access and deletes the corresponding tokens.
  • Lodge a complaint with a supervisory authority.

To exercise any of these rights, contact us at support@virre.ai. We will respond within 30 days.

10. International Data Transfers

Virre is operated from and stores data with sub-processors that may be located in the United States, the European Union, or other jurisdictions. Where data is transferred outside your region, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or equivalent mechanisms.

11. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under 18, we will delete it promptly.

12. Security Incident Notification

In the event of a confirmed personal data breach affecting your information, we will notify affected users and applicable regulators in accordance with applicable law, including within 72 hours where required by the GDPR.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by updating the "Last updated" date at the top of this page and, where appropriate, by notifying you through the Service or by email.

14. Zoom Disclaimer

Virre is an independent application that integrates with the Zoom Meetings platform via the Zoom API. Virre is not affiliated with, endorsed by, or sponsored by Zoom Communications, Inc. Your use of Zoom remains subject to the Zoom Privacy Statement and the Zoom Terms of Service.

15. Contact Us

If you have any questions or requests regarding this Privacy Policy or your personal data, please contact us at:

Email: support@virre.ai

Website: www.virre.ai