AI AGENT
AI NOTES
Tripleblue Privacy Policy
Privacy Policy
At Tripleblue, we value the trust you place in us with your data, including audio and video files, documents, emails, or other information. We take the protection of your privacy very seriously and want to reassure you that we do everything possible to safeguard your data. This privacy policy explains how we handle your data, what rights you have, and how to contact us with questions.Β
Please read this privacy policy carefully before using:
the website www.triple.blue or app.triple.blue or agent.triple.blue (collectively, the βApplicationβ). Your visit to and/or use of the website implies your agreement with this privacy policy;
the Tripleblue mobile application for Android or iOS (the βMobile Applicationβ). Your use of the application implies your agreement with this privacy policy;
the Tripleblue digital assistant that records audio during an online meeting (the βDigital Assistantβ). Your use of this implies your agreement with this privacy policy;
any integration with external software connected to the Tripleblue platform via an API (βExternal Softwareβ);Β
the product βTripleblue AI Agents,β available via agent.triple.blue.
The foregoing are collectively referred to as the βTripleblue Platform.β In this document, you, when using Tripleblueβs services, are referred to as the βClient.β The Client enters into a contract with Tripleblue B.V.
This privacy policy explains what we do with such information. This policy applies to all data collected via the Tripleblue Platform.Β
We reserve the right to change this privacy policy if (technical) circumstances make this necessary. In such cases, we will update our data protection information accordingly. We therefore recommend that you review this privacy policy regularly so that you are aware of any changes.
If you have any questions or want to know what information we have about you, please contact us at privacy@triple.blue
Table of contents
When does this privacy policy apply?
Who uses your data?
Whose data do we use?
How do we get your data?
What data about you do we use?
What do we use your data for?
Roles, data categories, purposes and legal bases under the GDPR
How long do we keep your data?
With whom do we share your data?
Where do we store your data?
How secure is your data with us?
What can you ask of us?
What rules apply to this privacy policy?
What cookies do we use?
What do we do with data from minors?
Do you have a question about this privacy policy?
1. When does this privacy policy apply?
This privacy policy applies to all personal data we process and to all domains related to us. This includes the personal data of anyone who has had contact with us or used our Application, Mobile Application, Digital Assistant, or Tripleblue AI Agentsβsuch as visitors, customers, and business contacts. Personal data means any data traceable to you as an individual, such as your name, telephone number, IP address, customer number, or browsing behavior.Β
This also includes personal data to which we gain access when you use our services, including uploaded audio/video files, documents, and data shared via Tripleblue AI Agents (such as chats about your documents and emails you ask us to draft). We use uploaded audio, uploaded documents, and user-edited minutes to improve our models and user experience.
2. Who uses my data?
Tripleblue is the controller responsible for the use of your personal data as described in this privacy policy. Our details are:
Tripleblue B.V.
De Corridor 14 j, 3621ZB Breukelen
Do you have questions about the processing of your personal data? If so, please feel free to contact us at privacy@triple.blue.
3. Whose data do we use?
We process the personal data of anyone who has contacted us or visited our website. These include visitors, private customers, business customers and contacts of our partners.
We also process personal data contained in audio, video, and other files (such as PDF documents or email messages) that you upload to our Application, Mobile Application, Tripleblue AI Agents, or otherwise provideβfor example, via the Digital Assistant or via External Software.
Should you use:
the Digital Assistant to make an audio recording, then we will use the audio (and any visual data) from the online meeting in Teams, Google Meets, Zoom or similar software to perform the service.
an integration/connection with External software, then in order to perform the service we will read the relevant meeting information (and/or other data) from this software.
Tripleblue AI Agents to chat with your documents or have emails answered, then we process the texts and associated information you enter through this service, as well as any generated content.
We further collect and process personal data of meeting participants whose information is recorded by the customer or uploaded to the Tripleblue Platform. This includes audio recordings, names, and other identifiable information captured during meetings or contained in documents shared via the platform. It is the customerβs responsibility to ensure that all meeting participants have provided valid consent before their personal data is recorded or uploaded to the Tripleblue Platform.
4. How do we get your data?
We get the data directly from you as soon as you:
visit our website;
create an account;
enter data or upload documents on our website;
Invite the Digital Assistant to an online meeting;
Interface with External Software Vendors;
Tripleblue AI Agents used (for example, when uploading files or giving you access to your emails).
5. What data do we use from you?
If you use the Application or Tripleblue AI Agents for informational purposes only (e.g., you only visit the website and do not create an account), we collect only the personal data your browser transmits to our server (such as your IP address and browser type).
To keep our website up to date and functional, we collect various information about you and your usage. When you sign up on the Tripleblue Platform or Tripleblue AI Agents, we collect necessary information such as your name, email address, and contact details to log you in and enable customer use of the site. If you contact our customer service via email or chat, we may retain the text of those conversations. We may also record customer service phone calls for training purposes.
We also collect information about the use of our website, Application, Mobile Application, and other digital media of the Tripleblue Platform. When you visit the Tripleblue Platform, use our Mobile App, or receive our newsletter, we may in certain cases record your IP address, geolocation (based on your IP address), browser type, device data, the referring website, usage patterns, and interaction events (such as page views and favorites). We may automatically receive a notification when you open a newsletter or click a link in it.Β
When creating an account and/or signing a contract and/or agreement with Tripleblue B.V., we collect personal data to the extent permitted by applicable law, such as: personal details (your name, gender, date of birth, phone number, address and place of residence), financial information (including payment data), professional information such as your job title and work experience, data via Tripleblue AI Agents (this may include text from documents you upload, email content, questions you ask and the answers generated), and information containing personal data in documents and files you record or upload via the Tripleblue Platform (e.g., audio and PDF documents). Finally, we receive personal data if you use the Digital Assistant via our platform (e.g., audio recording of the online meeting and names of participants) and personal data retrieved if you decide to integrate/connect with External Software for minutes production (e.g., information about the meeting, names of participants).
6. What do we use your data for?
We use your personal dataβand any personal data you upload or generateβonly for purposes for which we may lawfully use it:
you have given consent for us to use your personal data when signing the service agreement, an annual contract, and/or when creating an account on app.triple.blue and agent.triple.blue;
we use your personal data to provide services and to prepare and perform agreements.
When uploading files containing personal data of individuals other than yourself, those individuals must have given consentβfor example, for recording meeting audio to produce minutes.Β
In short, we use your personal data for the following:Β
1. Provision of services: Tripleblue B.V. processes your personal data to generate and produce results (e.g., minutes) and to make these results available via the Tripleblue Platform for final quality control.
2. Account management: When creating an account on the Tripleblue Platform, we request personal data, such as your email address and first/last name, to log you in and personalize our services.
3. Newsletters: Tripleblue B.V. may send you newsletters if you have created an account or subscribed. These may include company news, offers, and personalized content. You can unsubscribe via a link in the newsletter or by emailing us.
4. Personalized marketing: We use automated tools to analyze your dataβsuch as browsing behavior and purchasesβto tailor our marketing to your interests and preferences.
5. Research and improvement: To improve our products, services, and communications, we regularly conduct research, such as surveys and interviews. This may be in cooperation with external partners and with input from our customers.
6. Improve app experience: Tripleblue B.V. may request your permission via the app to use your data so we can provide relevant suggestions and information while you use our services.
7. Fraud prevention: To prevent fraud, we process your email address and payment details in cooperation with our payment service providers.Β
8. Laws and regulations: Tripleblue B.V. must comply with various national and international laws, including storing certain data related to the use of our services.
9. Customer Service: Tripleblue B.V. may use your personal data to provide better customer service.
7. Roles, data categories, purposes and legal bases under the GDPR
To ensure transparency and compliance with the General Data Protection Regulation (GDPR), this section describes Tripleblue B.V.βs specific data processing activities, the roles performed (controller or processor), the categories of personal data involved, the purposes of processing, and the applicable legal bases.
Roles and responsibilities:
Tripleblue B.V. may act as a data controller or as a data processor, depending on the nature of the processing activity:
Controller: Tripleblue determines the purposes and means for processing personal data collected directly from users (e.g., creating accounts, marketing, customer service) and the use of uploaded files to improve the service.
Processor: Tripleblue processes personal data on behalf of customers when handling uploaded content (e.g., audio recordings, documents, emails) for transcription, summarization, or AI agent services. In such cases, the customer is the controller.
Overview of processing activities
Account creation and management
Role: Controller
Data categories: Name, e-mail address, password, contact information
Purpose: To create and manage user accounts.
Necessary for the performance of a contract, Art. 6(1)(b) GDPR
Use of Digital Assistant (e.g., meeting recordings)
Role: Processor
Data categories: Audio/video content, names of participants
Purpose: Generate minutes and summaries
Legal basis: Data Processing Agreement (Art. 28 GDPR) with Customer; consent or contract (via Customer)
Using the Tripleblue Mobile App
Role: Processor
Data categories: Audio recordings and document uploads
Purpose: Generate minutes and summaries
Legal basis: Data Processing Agreement (Art. 28 GDPR) with Customer; consent or contract (via Customer)
Using the Tripleblue Webapp
Role: Processor
Data categories: Upload of audio recordings and documents
Purpose: Generate minutes and summaries
Legal basis: Data Processing Agreement (Art. 28 GDPR) with Customer; consent or contract (via Customer)
Usage of Tripleblue AI Agents
Role: Processor
Data categories: Uploaded documents, email content, chat input and output
Purpose: Provide AI-based document email support
Legal basis: Data Processing Agreement (Art. 28 GDPR) with Customer; consent or contract (via Customer)
Customer support (email/chat/phone)
Role: Controller
Data categories: Communication content, contact information
Purpose: Answer questions and improve service quality
Legal basis: Processing necessary to pursue legitimate interests of the processing controller, Art. 6 (1) sub f GDPR
Marketing Communications
Role: Controller
Data categories: E-mail address, usage data
Purpose: Sending newsletters and personalized offers
Legal Basis: Consent
Website and app analysis
Role: Controller
Data categories: IP address, browser type, device data, usage patterns
Purpose: Improve platform functionality and user experience
Legal basis: Processing necessary to pursue legitimate interests of the processing controller, Art. 6 (1) sub f GDPR
Improve / train system
Role: Controller
Data categories: Transcripts, participant names, uploaded documents, email content, chat input
Purpose: Improve the service and software
Legal basis: Processing necessary to pursue legitimate interests of the processing controller, Art. 6 (1) sub f GDPR
Fraud Prevention
Role: Controller
Data categories: Email address, payment information
Purpose: To detect and prevent fraudulent activity.
Legal basis: Processing necessary to pursue legitimate interests of the processing controller, Art. 6 (1) sub f GDPR
Legal compliance
Role: Controller
Data categories: Transaction data, account data
Purpose: Compliance with tax and legal obligations.
Legal basis: Processing necessary for compliance with legal obligations, Art. 6 (1) sub c GDPR
8. How long do we keep your data?
We retain your personal data as long as there is an active company account on the Tripleblue Platform and for as long as necessary for the purpose for which we use your data within our services.
Audio files processed in our systems, once the task is completed, are kept for 30 days after which they are automatically deleted.
This does not apply to data such as audio or agenda information that has been uploaded but has not yet been submitted as a note-taking task to be worked on and therefore has not yet entered our processing pipeline; these are not automatically deleted after 30 days. It is the client's responsibility to ensure that these tasks are created for processing or deleted as drafts to thereby delete the underlying data as well.Β
Agenda files, the results of minutes and other information we keep on our platform until it is decided by the Client to delete the task and/or close the company account.Β
For Tripleblue AI Agents, the chat conversations and (uploaded) documents are kept until they are deleted by the customer, and can be used to deliver the functionalities and improve the functionalities and user experience. If you want to delete the data, you can submit a request at privacy@triple.blue.
After the above retention period, we keep your data anonymized only for statistical purposes and to handle any complaints or legal matters. If you would like to know more about how long we keep specific data about you, please contact us at privacy@triple.blue.Β
9. With whom do we share your data?
In order to provide our services properly, Tripleblue B.V. shares data with Tripleblue GmbH. Tripleblue GmbH is the parent company of Tripleblue B.V. and responsible for the development of the Tripleblue platform. A processor agreement has also been drawn up between Tripleblue GmbH and Tripleblue B.V. that establishes the terms of this data sharing. Tripleblue GmbH is based in Switzerland (MΓΌllheimerstrasse 55, 4057, Basel).Β
All data uploaded or collected through our platform is processed and (temporarily) stored within the European Economic Area (EEA), unless otherwise stated in this privacy policy. In some cases we use third parties to process the data. The personal data in these files is therefore sent to these parties and received back by us.Β
Results optimized by our human quality controllers are accessible only to the quality controllers working on the note-taking task, not to other individuals, third parties or companies. A strict "principle of least privilege" is applied, meaning that quality controllers can see your files only when they absolutely need to and only for the time absolutely necessary to perform the task.
10. Where do we store your data?
We process and store your data only within the European Economic Area (EEA). We ensure that all your data remains secure within the EEA.
If you have any questions about this, please feel free to contact us at privacy@triple.blue.Β Β
11. How secure is your data with us?
We have taken extensive organizational and technical measures to secure your data as effectively as possible. We have secured our systems and various communication channels to ensure your data does not fall into the wrong hands. Your data is safe with us. We also ensure your data is only used by people we have authorized.
12. What can you ask of us?
Because we use personal data about you, you have several rights. We list these rights for you below. Depending on Tripleblue's role in the processing activity, data subjects can exercise their rights as follows.
When we act as a data controller: Right to information. We need to explain to you in a comprehensible and clear way what we do with your data and what control you have over it. Therefore, in this privacy policy we explain in detail what data we collect from you and how we handle your data.
Right of access. You may always ask us to see the data we have on you.
Right to correction. You may ask us to correct your data if it is inaccurate or incomplete.
Right to object. You may object to the processing of your data if you disagree with the way we handle your personal data. This right applies to the data we use for direct marketing. For example, you can indicate to us that you no longer wish to receive mail from us. This also applies to personalized recommendations on our website.
Right to data portability. If you are a customer of ours or have given us permission to use your data, you may ask us to send you the digital data we have on you. This allows you to transfer that data to another organization if you wish.
Right to restriction. You may ask us to limit the use of your data. This means that in certain cases we may keep your data only but not use it.
Right to be forgotten. You may ask us to delete any data we hold about you. We will then delete all data that can be traced back to you. In some cases we cannot or may not yet delete your data. For example, we have to keep some data for 7 years for the tax authorities.
Right to file a complaint. You may file a complaint about the way we handle your data. If you have a complaint, we will be happy to resolve it for you. Please contact our privacy officer. You may also file your complaint with the Dutch Data Protection Authority. Of course we hope it will not come to that, but in extreme cases you may also go to court. In that case the court in the domicile of Tripleblue B.V. will handle your complaint.
Right to be informed about automated decision making. Should Tripleblue B.V. make an automated decision that could have legal consequences for you, you may have the right to speak with a Tripleblue B.V. representative to request a reconsideration of that decision. If so, you may no longer be able to use certain automated services.
When we act as a data processor, data subjects should contact the relevant data controller (for example, the client organization). Tripleblue will assist the data controller in fulfilling such requests as required under applicable data protection laws.
How do I submit a request or complaint? Send your request or complaint to our privacy officer at privacy@triple.blue. We will process your request or complaint within 30 days. If it involves multiple requests or complaints or if your request or complaint is complex, this may take longer. In that case, we will contact you no later than 30 days to notify you of any extensions due to the complexity or number of requests. We may ask you to identify yourself. In that case, we will request information from you to ensure that you are the correct person whose personal data is
13. What rules apply to this privacy policy?
Our privacy policy must meet various requirements. These requirements are set out in the General Data Protection Regulation (GDPR). In addition, the general rules under Dutch law apply to our privacy policy.
14. What cookies do we use?
You can choose which of your data we can use. If you have given us permission to personalize your profile based on your browsing and search behavior, we can tailor our website to make it easier and more personal for you to use. We do this with the help of cookies. A cookie is a small text file that is placed on your hardware when you visit our website.
We use the following types of cookies on our website:
functional cookies, such as session and login cookies for tracking session and login information
anonymized analytical cookies, to understand visits to our website based on information about visitor numbers, popular pages and popular topics
You can configure your browser settings as desired and, for example, refuse third-party cookies or all cookies. Please note that by disabling cookies you may not be able to use all of the features of this website.
15. What do we do with data of minors?
We do not specifically target minors with our website or as an organization. This means that if you are under 18 years old, you need permission from a parent or guardian to use our website. If you are a minor when you visit our website or webshop, we will assume that you have obtained this permission prior to your visit.
16. Do you have a question about this privacy policy?
Do you have a question about our privacy policy? Please feel free to contact us by sending an email to privacy@triple.blue. We are happy to help you.