AI AGENT

AI NOTES

Tripleblue Privacy Policy

Privacy Policy

Bij Tripleblue waarderen we het vertrouwen dat u in ons stelt met uw gegevens, waaronder audio-, videobestanden, documenten, emails of andere informatie. We nemen de bescherming van uw privacy zeer serieus en willen u geruststellen dat we alles in het werk stellen om uw gegevens te beveiligen. Deze privacyverklaring legt uit hoe we omgaan met uw gegevens, welke rechten u heeft, en hoe u contact met ons kunt opnemen bij vragen.Β 

Please read this privacy policy carefully before using:

  • the website www.triple.blue or app.triple.blue or agent.triple.blue (collectively, the β€œApplication”). Your visit to and/or use of the website implies your agreement with this privacy policy;

  • the Tripleblue mobile application for Android or iOS (the β€œMobile Application”). Your use of the application implies your agreement with this privacy policy;

  • the Tripleblue digital assistant that records audio during an online meeting (the β€œDigital Assistant”). Your use of this implies your agreement with this privacy policy;

  • any integration with external software connected to the Tripleblue platform via an API (β€œExternal Software”);Β 

  • het product β€œTripleblue AI Agents” ook wel β€œTwinQ AI Agents” (waaronder TwinQ AI Email Agent) dat beschikbaar is via agent.triple.blue of via de TwinQ omgeving.

The foregoing are collectively referred to as the β€œTripleblue Platform.” In this document, you, when using Tripleblue’s services, are referred to as the β€œClient.” The Client enters into a contract with Tripleblue B.V.

This privacy policy explains what we do with such information. This policy applies to all data collected via the Tripleblue Platform.Β 

We reserve the right to change this privacy policy if (technical) circumstances make this necessary. In such cases, we will update our data protection information accordingly. We therefore recommend that you review this privacy policy regularly so that you are aware of any changes.

If you have any questions or want to know what information we have about you, please contact us at privacy@triple.blue

Table of contents

  1. When does this privacy policy apply?

  2. Who uses your data?

  3. Whose data do we use?

  4. How do we get your data?

  5. What data about you do we use?

  6. What do we use your data for?

  7. Roles, data categories, purposes and legal bases under the GDPR

  8. How long do we keep your data?

  9. With whom do we share your data?

  10. Where do we store your data?

  11. How secure is your data with us?

  12. What can you ask of us?

  13. What rules apply to this privacy policy?

  14. What cookies do we use?

  15. What do we do with data from minors?

  16. Do you have a question about this privacy policy?

1. When does this privacy policy apply?

This privacy policy applies to all personal data we process and to all domains related to us. This includes the personal data of anyone who has had contact with us or used our Application, Mobile Application, Digital Assistant, or Tripleblue AI Agentsβ€”such as visitors, customers, and business contacts. Personal data means any data traceable to you as an individual, such as your name, telephone number, IP address, customer number, or browsing behavior.Β 

Hieronder vallen ook persoonsgegevens waar wij toegang toe krijgen wanneer je gebruik maakt van onze diensten, waaronder geΓΌploade audio-/videobestanden, documenten en gegevens die via Tripleblue AI Agents worden gedeeld (zoals chats over je documenten en emails die je laat beantwoorden). We gebruiken geΓΌploade audio, geΓΌploade documenten en door gebruikers geperfectioneerde notulen om onze modellen en gebruikservaring te verbeteren.

2. Who uses my data?

Tripleblue is the controller responsible for the use of your personal data as described in this privacy policy. Our details are:

Tripleblue B.V.
De Corridor 14 j, 3621ZB Breukelen

Do you have questions about the processing of your personal data? If so, please feel free to contact us at privacy@triple.blue.

3. Whose data do we use?

We process the personal data of anyone who has contacted us or visited our website. These include visitors, private customers, business customers and contacts of our partners.

Daarnaast verwerken we persoonsgegevens die voorkomen in audio-, video- en andere bestanden (zoals PDF-documenten of emailberichten) die je uploadt naar onze Applicatie, Mobiele applicatie, Tripleblue AI Agents of op een andere manier aanlevert, bijvoorbeeld via de Digitale assistent of via Externe software.

Should you use:

  • the Digital Assistant to make an audio recording, then we will use the audio (and any visual data) from the online meeting in Teams, Google Meets, Zoom or similar software to perform the service.

  • an integration/connection with External software, then in order to perform the service we will read the relevant meeting information (and/or other data) from this software.

  • Tripleblue AI Agents om te chatten met je documenten of om emails te laten beantwoorden, dan verwerken wij de teksten en bijbehorende informatie die je via deze dienst invoert, evenals eventuele gegenereerde content.

We further collect and process personal data of meeting participants whose information is recorded by the customer or uploaded to the Tripleblue Platform. This includes audio recordings, names, and other identifiable information captured during meetings or contained in documents shared via the platform. It is the customer’s responsibility to ensure that all meeting participants have provided valid consent before their personal data is recorded or uploaded to the Tripleblue Platform.

4. How do we get your data?

We get the data directly from you as soon as you:

  • visit our website;

  • create an account;

  • enter data or upload documents on our website;

  • Invite the Digital Assistant to an online meeting;

  • Interface with External Software Vendors;

  • Tripleblue AI Agents gebruikt (bijvoorbeeld bij het uploaden van bestanden of het geven van toegang tot je emails)

5. What data do we use from you?

If you use the Application or Tripleblue AI Agents for informational purposes only (e.g., you only visit the website and do not create an account), we collect only the personal data your browser transmits to our server (such as your IP address and browser type).

Om onze website up-to-date en functioneel te houden, verzamelen we diverse informatie over jou en je gebruik. Wanneer je je aanmeldt op het Tripleblue-platform of Tripleblue AI Agents verzamelen we de benodigde informatie zoals je naam, emailadres en contactgegevens om je in te kunnen loggen en de site als klant te gebruiken. Als je contact opneemt met onze klantenservice via email of chat, kunnen we de tekst van deze gesprekken bewaren. Ook kunnen we telefoongesprekken met onze klantenservice opnemen voor trainingsdoeleinden.

We also collect information about the use of our website, Application, Mobile Application, and other digital media of the Tripleblue Platform. When you visit the Tripleblue Platform, use our Mobile App, or receive our newsletter, we may in certain cases record your IP address, geolocation (based on your IP address), browser type, device data, the referring website, usage patterns, and interaction events (such as page views and favorites). We may automatically receive a notification when you open a newsletter or click a link in it.Β 

Bij het aanmaken van een account en/of het ondertekenen van een contract en/of overeenkomst met Tripleblue B.V. verzamelen wij persoonlijke gegevens voor zover toegestaan door de toepasselijke wetgeving, zoals: Persoonlijke gegevens (zoals je naam, geslacht, geboortedatum, telefoonnummer, adres en woonplaats), FinanciΓ«le informatie (inclusief betaalgegevens), professionele informatie zoals je functietitel en werkervaring, data via Tripleblue AI Agents (dit kan bestaan uit tekst uit documenten die je uploadt, emailinhoud, vragen die je stelt en de antwoorden die worden gegenereerd), de informatie die persoonsgegevens bevat in documenten en bestanden die je via het Tripleblue platform opneemt of upload (bijv. audio en PDF documenten). Tot slot ontvangen wij persoonsgegevens indien je via ons platform gebruik maakt van de Digitale assistent (bijv. audio opname van de online vergadering en de namen van de deelnemers) en persoonsgegevens die worden opgehaald indien u besluit te integreren/koppelen met Externe software voor het uitwerken van de notulen (bijv. informatie over de vergadering, namen van de deelnemers).

Als jouw organisatie Single Sign-On (SSO) inschakelt, gebruiken wij Clerk als onze authentication provider. Voor dit doel delen wij uitsluitend de volgende persoonsgegevens met Clerk om je login aan te maken/beheren en je te authenticeren: emailadres, voornaam, achternaam en identity provider (bijv. de SSO-provider waarmee je inlogt).

Door de TwinQ Email AI Agent te activeren en toestemming te geven, geeft u Tripleblue toestemming om (namens u) toegang te krijgen tot bepaalde gegevens binnen uw Microsoft-account, uitsluitend om de functionaliteiten van de Email AI Agent te leveren. Deze toestemming wordt door u gegeven aan het begin van het gebruik en kan afhankelijk van uw Microsoft-instellingen later ook weer worden ingetrokken.

De TwinQ Email AI Agent kan, afhankelijk van uw keuze en inrichting, de volgende rechten aanvragen: User.Read (Inloggen en uw basisprofielgegevens uitlezen), User.ReadWrite (Uw profielinformatie uitlezen en bijwerken), Calendars.ReadWrite (Toegang tot uw agenda, inclusief het aanmaken en wijzigen van afspraken), Calendars.ReadWrite.Shared (Lezen en schrijven in gedeelde agenda’s), Mail.ReadWrite (Emails in uw mailbox lezen en bewerken (bijvoorbeeld concepten maken, berichten organiseren of opvolgingen voorbereiden)),Β  Mail.ReadWrite.Shared (Emails lezen en schrijven in gedeelde mailboxen), Mail.Send (Emails verzenden namens u), Mail.Send.Shared (Emails verzenden vanuit gedeelde mailboxen namens u), MailboxSettings.ReadWrite (Instellingen van uw mailbox lezen en wijzigen (zoals automatische antwoorden en tijdzone-instellingen)), Tasks.ReadWrite (Taken aanmaken, lezen, bijwerken en verwijderen), Tasks.ReadWrite.Shared (Taken beheren in gedeelde taakmappen). Tripleblue gebruikt deze toegang uitsluitend om de Email AI Agent voor u te laten werken, bijvoorbeeld om:

  • emails te lezen, te analyseren, te organiseren en te labelen

  • emails automatisch door te sturen afhankelijk van uw instellingen

  • concept-antwoorden voor te bereiden en, indien u dat toestaat, te verzenden

  • mailbox- of agenda-acties uit te voeren die u expliciet initieert via de agent

Tripleblue gebruikt uw gegevens niet voor andere doeleinden dan het leveren en verbeteren van de dienst, zoals beschreven in onze privacyverklaring. Afhankelijk van uw gebruik van de TwinQ Email AI Agent kan Tripleblue onder meer verwerken:

  • emailinhoud en contactgegevens (inclusief bijlagen en metadata)

  • agenda-items en gerelateerde details

  • taken en taakdetails

Wanneer emails of bijlagen persoonsgegevens van andere personen bevatten, blijft het uw verantwoordelijkheid om te waarborgen dat dit rechtmatig is en dat betrokkenen, waar nodig, toestemming hebben gegeven.

6. What do we use your data for?

We use your personal dataβ€”and any personal data you upload or generateβ€”only for purposes for which we may lawfully use it:

  • you have given consent for us to use your personal data when signing the service agreement, an annual contract, and/or when creating an account on app.triple.blue and agent.triple.blue;

  • we use your personal data to provide services and to prepare and perform agreements.

When uploading files containing personal data of individuals other than yourself, those individuals must have given consentβ€”for example, for recording meeting audio to produce minutes.Β 

In short, we use your personal data for the following:Β 

1. Provision of services: Tripleblue B.V. processes your personal data to generate and produce results (e.g., minutes) and to make these results available via the Tripleblue Platform for final quality control.

2. Accountbeheer: Bij het aanmaken van een account op het Tripleblue platform vragen we om persoonlijke gegevens, zoals je emailadres, voor- en achternaam, om je in te laten loggen en onze services te personaliseren.

3. Nieuwsbrieven: Tripleblue B.V. kan je nieuwsbrieven sturen als je een account hebt aangemaakt of je hebt ingeschreven voor onze nieuwsbrief. Deze kunnen bedrijfsnieuws, aanbiedingen, en gepersonaliseerde content bevatten. Afmelden kan via een link in de nieuwsbrief of door een email te sturen.

4. Personalized marketing: We use automated tools to analyze your dataβ€”such as browsing behavior and purchasesβ€”to tailor our marketing to your interests and preferences.

5. Research and improvement: To improve our products, services, and communications, we regularly conduct research, such as surveys and interviews. This may be in cooperation with external partners and with input from our customers.

6. Improve app experience: Tripleblue B.V. may request your permission via the app to use your data so we can provide relevant suggestions and information while you use our services.

7. Fraudepreventie: Om fraude te voorkomen, verwerken we je emailadres en betalingsgegevens in samenwerking met onze betalingsdienstaanbieders.Β 

8. Laws and regulations: Tripleblue B.V. must comply with various national and international laws, including storing certain data related to the use of our services.

9. Customer Service: Tripleblue B.V. may use your personal data to provide better customer service.

7. Roles, data categories, purposes and legal bases under the GDPR

To ensure transparency and compliance with the General Data Protection Regulation (GDPR), this section describes Tripleblue B.V.’s specific data processing activities, the roles performed (controller or processor), the categories of personal data involved, the purposes of processing, and the applicable legal bases.

Roles and responsibilities:

  • Tripleblue B.V. may act as a data controller or as a data processor, depending on the nature of the processing activity:

  • Controller: Tripleblue determines the purposes and means for processing personal data collected directly from users (e.g., creating accounts, marketing, customer service) and the use of uploaded files to improve the service.

  • Verwerker: Tripleblue verwerkt persoonsgegevens namens klanten bij het verwerken van geΓΌploade inhoud (bijv. audio-opnames, documenten, emails) voor transcriptie, samenvatting of AI-agentdiensten. In deze gevallen is de klant de verwerkingsverantwoordelijke.

Overview of processing activities

Account creation and management

  • Role: Controller

  • GegevenscategorieΓ«n: Naam, emailadres, wachtwoord, contactgegevens

  • Purpose: To create and manage user accounts.

  • Necessary for the performance of a contract, Art. 6(1)(b) GDPR

Use of Digital Assistant (e.g., meeting recordings)

  • Role: Processor

  • Data categories: Audio/video content, names of participants

  • Purpose: Generate minutes and summaries

  • Legal basis: Data Processing Agreement (Art. 28 GDPR) with Customer; consent or contract (via Customer)

Using the Tripleblue Mobile App

  • Role: Processor

  • Data categories: Audio recordings and document uploads

  • Purpose: Generate minutes and summaries

  • Legal basis: Data Processing Agreement (Art. 28 GDPR) with Customer; consent or contract (via Customer)

Using the Tripleblue Webapp

  • Role: Processor

  • Data categories: Upload of audio recordings and documents

  • Purpose: Generate minutes and summaries

  • Legal basis: Data Processing Agreement (Art. 28 GDPR) with Customer; consent or contract (via Customer)

Usage of Tripleblue AI Agents

  • Role: Processor

  • GegevenscategorieΓ«n: GeΓΌploade documenten, emailinhoud, email gegevens, email bijlagen chatinvoer en -uitvoer

  • Doel: AI-gebaseerde documenten emailondersteuning bieden

  • Legal basis: Data Processing Agreement (Art. 28 GDPR) with Customer; consent or contract (via Customer)

Klantenondersteuning (email/chat/telefoon)

  • Role: Controller

  • Data categories: Communication content, contact information

  • Purpose: Answer questions and improve service quality

  • Legal basis: Processing necessary to pursue legitimate interests of the processing controller, Art. 6 (1) sub f GDPR

Marketing Communications

  • Role: Controller

  • GegevenscategorieΓ«n: Emailadres, gebruiksgegevens

  • Purpose: Sending newsletters and personalized offers

  • Legal Basis: Consent

Website and app analysis

  • Role: Controller

  • Data categories: IP address, browser type, device data, usage patterns

  • Purpose: Improve platform functionality and user experience

  • Legal basis: Processing necessary to pursue legitimate interests of the processing controller, Art. 6 (1) sub f GDPR

Improve / train system

  • Role: Controller

  • GegevenscategorieΓ«n: Transcripties, namen van deelnemers, geΓΌploade documenten, emailinhoud, chatinvoer

  • Purpose: Improve the service and software

  • Legal basis: Processing necessary to pursue legitimate interests of the processing controller, Art. 6 (1) sub f GDPR

Fraud Prevention

  • Role: Controller

  • GegevenscategorieΓ«n: Emailadres, betalingsgegevens

  • Purpose: To detect and prevent fraudulent activity.

  • Legal basis: Processing necessary to pursue legitimate interests of the processing controller, Art. 6 (1) sub f GDPR

Legal compliance

  • Role: Controller

  • Data categories: Transaction data, account data

  • Purpose: Compliance with tax and legal obligations.

  • Legal basis: Processing necessary for compliance with legal obligations, Art. 6 (1) sub c GDPR

8. How long do we keep your data?

We retain your personal data as long as there is an active company account on the Tripleblue Platform and for as long as necessary for the purpose for which we use your data within our services.

  • Audio files processed in our systems, once the task is completed, are kept for 30 days after which they are automatically deleted.

  • This does not apply to data such as audio or agenda information that has been uploaded but has not yet been submitted as a note-taking task to be worked on and therefore has not yet entered our processing pipeline; these are not automatically deleted after 30 days. It is the client's responsibility to ensure that these tasks are created for processing or deleted as drafts to thereby delete the underlying data as well.Β 

  • Agenda files, the results of minutes and other information we keep on our platform until it is decided by the Client to delete the task and/or close the company account.Β 

  • Voor Tripleblue AI Agents worden de chatgesprekken en (geΓΌploade) documenten bewaard totdat deze door de klant worden verwijderd, en kunnen worden gebruikt om de functionaliteiten te leveren en de functionaliteiten en gebruikservaring te verbeteren. Indien je de gegevens wilt verwijderen, kun je een verzoek indienen via privacy@triple.blue.

  • Na de bovenstaande bewaartermijn bewaren we je gegevens alleen nog geanonimiseerd voor statistische doeleinden en om eventuele klachten of juridische zaken af te handelen. Wil je meer weten over hoe lang we specifieke gegevens van je bewaren, neem dan contact met ons via privacy@triple.blue.Β 

9. With whom do we share your data?

In order to provide our services properly, Tripleblue B.V. shares data with Tripleblue GmbH. Tripleblue GmbH is the parent company of Tripleblue B.V. and responsible for the development of the Tripleblue platform. A processor agreement has also been drawn up between Tripleblue GmbH and Tripleblue B.V. that establishes the terms of this data sharing. Tripleblue GmbH is based in Switzerland (MΓΌllheimerstrasse 55, 4057, Basel).Β 

All data uploaded or collected through our platform is processed and (temporarily) stored within the European Economic Area (EEA), unless otherwise stated in this privacy policy. In some cases we use third parties to process the data. The personal data in these files is therefore sent to these parties and received back by us.Β 

Results optimized by our human quality controllers are accessible only to the quality controllers working on the note-taking task, not to other individuals, third parties or companies. A strict "principle of least privilege" is applied, meaning that quality controllers can see your files only when they absolutely need to and only for the time absolutely necessary to perform the task.

Als SSO voor jouw organisatie is ingeschakeld, delen wij beperkte accountgegevens met Clerk, Inc. uitsluitend om inloggen en authenticatie mogelijk te maken. De gedeelde gegevens zijn beperkt tot: emailadres, voornaam, achternaam en identity provider.

10. Where do we store your data?

We process and store your data only within the European Economic Area (EEA). We ensure that all your data remains secure within the EEA.

If you have any questions about this, please feel free to contact us at privacy@triple.blue.Β Β 

11. How secure is your data with us?

We have taken extensive organizational and technical measures to secure your data as effectively as possible. We have secured our systems and various communication channels to ensure your data does not fall into the wrong hands. Your data is safe with us. We also ensure your data is only used by people we have authorized.

12. What can you ask of us?

Because we use personal data about you, you have several rights. We list these rights for you below. Depending on Tripleblue's role in the processing activity, data subjects can exercise their rights as follows.

When we act as a data controller: Right to information. We need to explain to you in a comprehensible and clear way what we do with your data and what control you have over it. Therefore, in this privacy policy we explain in detail what data we collect from you and how we handle your data.

Right of access. You may always ask us to see the data we have on you.

Right to correction. You may ask us to correct your data if it is inaccurate or incomplete.

Right to object. You may object to the processing of your data if you disagree with the way we handle your personal data. This right applies to the data we use for direct marketing. For example, you can indicate to us that you no longer wish to receive mail from us. This also applies to personalized recommendations on our website.

Right to data portability. If you are a customer of ours or have given us permission to use your data, you may ask us to send you the digital data we have on you. This allows you to transfer that data to another organization if you wish.

Right to restriction. You may ask us to limit the use of your data. This means that in certain cases we may keep your data only but not use it.

Right to be forgotten. You may ask us to delete any data we hold about you. We will then delete all data that can be traced back to you. In some cases we cannot or may not yet delete your data. For example, we have to keep some data for 7 years for the tax authorities.

Right to file a complaint. You may file a complaint about the way we handle your data. If you have a complaint, we will be happy to resolve it for you. Please contact our privacy officer. You may also file your complaint with the Dutch Data Protection Authority. Of course we hope it will not come to that, but in extreme cases you may also go to court. In that case the court in the domicile of Tripleblue B.V. will handle your complaint.

Right to be informed about automated decision making. Should Tripleblue B.V. make an automated decision that could have legal consequences for you, you may have the right to speak with a Tripleblue B.V. representative to request a reconsideration of that decision. If so, you may no longer be able to use certain automated services.

When we act as a data processor, data subjects should contact the relevant data controller (for example, the client organization). Tripleblue will assist the data controller in fulfilling such requests as required under applicable data protection laws.

How do I submit a request or complaint? Send your request or complaint to our privacy officer at privacy@triple.blue. We will process your request or complaint within 30 days. If it involves multiple requests or complaints or if your request or complaint is complex, this may take longer. In that case, we will contact you no later than 30 days to notify you of any extensions due to the complexity or number of requests. We may ask you to identify yourself. In that case, we will request information from you to ensure that you are the correct person whose personal data is

13. What rules apply to this privacy policy?

Our privacy policy must meet various requirements. These requirements are set out in the General Data Protection Regulation (GDPR). In addition, the general rules under Dutch law apply to our privacy policy.

14. What cookies do we use?

You can choose which of your data we can use. If you have given us permission to personalize your profile based on your browsing and search behavior, we can tailor our website to make it easier and more personal for you to use. We do this with the help of cookies. A cookie is a small text file that is placed on your hardware when you visit our website.

We use the following types of cookies on our website:

  • functional cookies, such as session and login cookies for tracking session and login information

  • anonymized analytical cookies, to understand visits to our website based on information about visitor numbers, popular pages and popular topics

You can configure your browser settings as desired and, for example, refuse third-party cookies or all cookies. Please note that by disabling cookies you may not be able to use all of the features of this website.

15. What do we do with data of minors?

We do not specifically target minors with our website or as an organization. This means that if you are under 18 years old, you need permission from a parent or guardian to use our website. If you are a minor when you visit our website or webshop, we will assume that you have obtained this permission prior to your visit.

16. Do you have a question about this privacy policy?

Do you have a question about our privacy policy? Please feel free to contact us by sending an email to privacy@triple.blue. We are happy to help you.