Last updated: April 15, 2026

Privacy Policy

This Privacy Policy explains how RecordFlow ("we", "us", or "our") collects, uses, and protects your information when you use our service. We are committed to protecting your privacy and handling your data transparently.

Data Controller

The data controller responsible for your personal data is:
Adam Dobrawy
al. Jerozolimskie 89/43, 02-001 Warszawa, Poland
NIP: 7011027851 | VAT EU: PL7011027851
Contact: support@recordflow.org

1. Information We Collect

Account Information (from Zoom OAuth)

When you sign in with Zoom, we receive and store:

  • Your Zoom user ID
  • Display name
  • Email address
  • OAuth access and refresh tokens (encrypted with AES-GCM)
  • Disconnection timestamp (recorded when your Zoom connection expires; cleared when you reconnect)

Google Drive Connection (from Google OAuth)

When you connect Google Drive, we receive and store:

  • OAuth access and refresh tokens (encrypted with AES-GCM)
  • Your selected Drive folder ID
  • Disconnection timestamp (recorded when your Google Drive connection expires; cleared when you reconnect)

We request only the drive.file scope, which limits RecordFlow's access to files and folders that RecordFlow itself creates in your Google Drive and to folders you explicitly select via the Google Picker during setup. Selecting a folder does not grant RecordFlow access to existing files within it — RecordFlow can only access the folder itself and any files it subsequently creates there. RecordFlow cannot read, modify, or delete any other files in your Drive.

Session Data

We use encrypted cookies to maintain your login session. These cookies contain your user ID encrypted with AES-GCM and are strictly necessary for the Service to function.

Recording Content

We do not permanently store your recording content. Recordings are streamed from Zoom's servers through our Cloudflare Worker and uploaded to your Google Drive in small chunks. File data is held in memory only during the active transfer and is not persisted on our infrastructure.

Sync Activity (Optional)

When privacy mode is off (the default), we store meeting-level sync activity to display on your dashboard:

  • Zoom meeting topic and start time
  • Sync status (observed, started, in-sync, synced, or error)
  • Google Drive folder ID for the meeting's archived files
  • Error messages if sync failed
  • Timestamps of sync completion

When privacy mode is on, no sync activity data is collected or stored. Existing sync activity records are cleaned up on the next sync run after privacy mode is enabled.

Notification deduplication token: Regardless of privacy mode, when we send you an email that a recording has been archived, we store a short opaque token so we don't email you about the same meeting twice (Zoom delivers recording files in waves — video, audio, transcript, AI summary — and we collapse those into a single notification). The token is an HMAC-SHA-256 hash of the Zoom meeting UUID, keyed with a server-side secret. It is not reversible without our secret, it does not contain the meeting topic, date, or participants, and it is deleted automatically after two years.

2. How We Use Your Information

We use the information we collect to:

  • Authenticate you and maintain your session
  • Access your Zoom cloud recordings via the Zoom API
  • Upload recordings to your specified Google Drive folder
  • Deduplicate recordings (by checking Zoom file IDs in Drive file descriptions)
  • Manage sync locks to prevent concurrent operations
  • Send you email notifications when recordings are ready in your Google Drive (if enabled in your settings)
  • Notify you if your Zoom or Google Drive connection expires and needs to be re-established
  • Track and display sync progress for each meeting on your dashboard (unless privacy mode is enabled)

3. Data Storage and Security

Your data is stored using Cloudflare's infrastructure:

  • Cloudflare D1 (SQLite database): Stores user accounts, encrypted OAuth tokens, and sync meeting history (when privacy mode is off)

Security measures include:

  • All OAuth tokens are encrypted with AES-256-GCM before storage
  • OAuth 2.0 with PKCE for both Zoom and Google authentication
  • Encrypted session cookies (AES-GCM)
  • All data transmitted over HTTPS
  • No plaintext credential storage

4. Third-Party Services

RecordFlow integrates with the following third-party services:

  • Zoom Video Communications: To access your cloud recordings. Subject to Zoom's Privacy Policy
  • Google (Google Drive): To store archived recordings. Subject to Google's Privacy Policy
  • Cloudflare: Infrastructure provider for compute and database. Subject to Cloudflare's Privacy Policy
  • Resend (Resend, Inc.): Transactional email delivery for archive notifications. When email notifications are enabled, Resend receives your email address and name for email delivery. Resend does not receive your recordings, OAuth tokens, or other credentials. Subject to Resend's Privacy Policy
  • Sentry (Functional Software, Inc.): Error tracking and performance monitoring. When errors occur, Sentry receives diagnostic data including error messages, stack traces, browser/device information, and your email address (for identifying affected users). Sentry does not receive your recordings, OAuth tokens, or other sensitive credentials. Subject to Sentry's Privacy Policy

5. Google API Services User Data Policy

RecordFlow's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only use Google Drive access to upload your Zoom recordings and create organizational folders in your selected Drive destination.
  • We do not use Google data for advertising, market research, or email campaigns.
  • We do not sell or transfer Google data to third parties except as necessary to provide the service (Cloudflare for infrastructure).
  • We do not use Google data for purposes unrelated to the core functionality of archiving Zoom recordings to Google Drive.
  • A human can review your data only with your affirmative consent, for security purposes, to comply with applicable law, or for our internal operations solely related to providing the Service.

6. Data Retention

  • Account data: Retained while your account is active. Deleted within 30 days of account termination.
  • Sync history: Retained while your account is active and privacy mode is off. Cleaned up on the next sync run after you enable privacy mode. Deleted within 30 days of account termination.
  • Session cookies: Expire based on cookie lifetime settings.
  • Sync lock and rate-limit data: Stored in the D1 database with short TTLs (15 seconds to 24 hours). Automatically cleaned up on the next access after expiry.
  • Archived recordings: Stored in your Google Drive under your control. We do not manage or delete files in your Drive.

Privacy mode opt-out: You can enable privacy mode from your dashboard at any time. When enabled, RecordFlow stops storing meeting metadata entirely. Existing sync history records are cleaned up on the next sync run. Recordings continue to sync to your Google Drive normally — only the dashboard tracking is affected.

7. Your Rights

You have the right to:

  • Access your data: View your account information through the dashboard
  • Delete your data: Request account deletion by contacting us. You can also revoke OAuth access at any time through your Zoom and Google account settings.
  • Data portability: Your recordings are stored in your own Google Drive and are fully under your control
  • Manage notifications: Enable or disable email notifications at any time from your dashboard settings

For EU/EEA Residents (GDPR)

If you are located in the EU/EEA, you have additional rights under GDPR including the right to rectification, restriction of processing, and the right to lodge a complaint with your local data protection authority. Our legal basis for processing is contractual necessity (to provide the Service you've requested).

For California Residents (CCPA)

California residents have the right to know what personal information is collected, request deletion of personal information, and opt out of the sale of personal information. We do not sell your personal information.

8. Cookies and Similar Technologies

RecordFlow uses strictly necessary cookies for authentication session management. We do not use advertising or marketing cookies.

We use Sentry for error monitoring and session replay. Session replays (DOM snapshots of user interactions) are captured for all browsing sessions to help diagnose issues and improve the user experience. Replays do not record passwords, credit card numbers, or other sensitive input fields.

9. Children's Privacy

RecordFlow is not directed at children under 13 (or 16 in the EU/EEA). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us for removal.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of material changes by updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at support@recordflow.org.

Correspondence address:
al. Jerozolimskie 89/43, 02-001 Warszawa, Poland