Back to Scribe

Privacy Policy

Last updated: March 7, 2026Happenings Group A/S

1. Introduction

Welcome to Scribe ("we," "our," or "us"). Scribe is a knowledge management tool operated by Happenings Group A/S that provides audio and video transcription services with AI-powered summaries, speaker recognition, and task management capabilities.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application and mobile applications. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application.

2. Information We Collect

2.1 Account Information

When you create an account with Scribe, we collect:

  • Email address (provided via invitation, Google OAuth, or Sign in with Apple)
  • Name
  • Hashed password (for email/password accounts)
  • Google account ID (for Google OAuth accounts)
  • Apple account identifier (for Sign in with Apple accounts)

2.2 Content You Provide

We collect and store content you create or upload, including:

  • Audio and video files you upload for transcription
  • Transcriptions generated from your audio/video files
  • Edits and annotations you make to transcriptions
  • Summaries and AI-generated content
  • Tasks and action items you create
  • People and company information you add to the directory
  • File attachments (images, PDFs, documents)
  • Tags, contexts, and organizational metadata
  • Comments and notes

2.3 Voice Data

For speaker recognition features, we may collect:

  • Voice embeddings (mathematical representations of voices) extracted from audio files
  • Speaker assignments linking voices to individuals
  • Audio clips used for voice profile generation

2.4 Usage Information

We automatically collect certain information when you use Scribe:

  • Log data (IP address, browser type, pages visited, timestamps)
  • Device information (operating system, device identifiers)
  • API usage patterns and access times
  • Session recordings and interaction data (via PostHog, EU Cloud) for product improvement
  • Crash reports, device diagnostics, and performance telemetry (via Sentry)
  • Push notification tokens and delivery metadata (via Firebase Cloud Messaging)

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide Services: To transcribe audio/video files, generate summaries, identify speakers, and provide all core functionality of Scribe
  • AI Processing: With your permission in the mobile app, to send recordings to AssemblyAI for transcription and transcript/prompt content to Anthropic for summaries, action items, and Ask Scribe responses
  • Improve Features: To analyze usage patterns and improve the product, summaries, and speaker recognition accuracy
  • Communication: To send you notifications about transcription completion, task assignments, and system updates
  • Security: To detect, prevent, and address technical issues, fraud, or security vulnerabilities
  • Compliance: To comply with legal obligations and enforce our terms of service

4. Third-Party Services

Scribe uses the following third-party services to provide our functionality:

On iOS, before Scribe uploads a recording or sends content through Ask Scribe, the app asks for permission to share the data needed for transcription and AI features. If you do not consent, uploads, AI summaries, action items, speaker diarization, and Ask Scribe remain unavailable. You can withdraw this permission at any time in the mobile app under Settings > AI Processing Consent.

Google OAuth

Used for user authentication (optional). Subject to Google's Privacy Policy

AssemblyAI

Used for audio transcription and speaker diarization. Audio/video files, speaker diarization data, and voice input audio are processed by AssemblyAI's servers to create transcripts. Subject to AssemblyAI's Privacy Policy

Anthropic (Claude AI)

Used for generating summaries, extracting action items, and AI-powered features. Transcription text, user prompts, and related meeting context are sent to Anthropic's API to generate summaries, action items, and Ask Scribe responses. Subject to Anthropic's Privacy Policy

Cloudflare R2

Used for storing audio files, video files, transcriptions, and attachments (EU region). Subject to Cloudflare's Privacy Policy

SendGrid

Used for sending transactional emails (invitations, password resets). Subject to Twilio's Privacy Policy

Recall.ai

Used for automated meeting recording via Google Meet, Zoom, and Microsoft Teams bots (EU region). Subject to Recall.ai's Privacy Policy

PostHog

Used for product analytics, session replay, and usage tracking to improve the service (EU Cloud). Subject to PostHog's Privacy Policy

Sentry

Used for crash reporting, diagnostics, and performance monitoring. Crash logs may include device, OS, app version, and error context needed to debug problems.

Firebase Cloud Messaging

Used to deliver push notifications. Push notification tokens and delivery metadata are processed to notify you when transcriptions and tasks are ready.

PartyKit (Cloudflare)

Used for real-time collaborative document editing. Subject to Cloudflare's Privacy Policy

PyAnnote (self-hosted)

Used for generating speaker voice embeddings for voice recognition features. Audio clips are processed on our own EU-hosted infrastructure. No data is sent to third parties.

Vercel

Used for application hosting, deployment, and web analytics (pageview and performance metrics). Subject to Vercel's Privacy Policy

Inngest

Used for background job orchestration (e.g., transcription processing queues). Only job metadata and event payloads are processed. Subject to Inngest's Privacy Policy

5. Data Storage & Security

All data is stored and processed within the European Union. We implement appropriate technical and organizational measures to protect your data:

  • All data transmissions are encrypted using HTTPS/TLS
  • Passwords are hashed using bcrypt; tokens are hashed using SHA-256
  • Database credentials and API keys are stored securely using environment variables
  • Access to user data is restricted to authorized personnel only
  • Regular security audits and updates to maintain system integrity

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

6. Data Retention

We retain your information for as long as your account is active or as needed to provide you services. You may request deletion of your data by contacting us. Upon deletion request, we will:

  • Delete your account and associated personal information
  • Remove your transcriptions, audio files, and attachments from our storage
  • Anonymize or delete voice embeddings and speaker profiles
  • Retain certain information if required by law or for legitimate business purposes

7. Your Rights

Under the GDPR and applicable data protection laws, you have the following rights:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data
  • Portability: Request transfer of your data to another service
  • Objection: Object to processing of your personal data
  • Withdrawal: Withdraw consent for data processing at any time

To exercise any of these rights, please contact us at the address provided below. We will respond to your request within 30 days.

Mobile app users can also withdraw consent for AI processing directly in Settings > AI Processing Consent.

8. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • Within Organization: Data is shared with other users within your organization who have appropriate access permissions
  • Service Providers: With third-party services listed in Section 4 to provide core functionality
  • Legal Requirements: When required by law, court order, or government request
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

9. Children's Privacy

Scribe is not intended for use by children under the age of 16. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately.

10. International Data Transfers

All primary data storage and processing takes place within the European Union. Some third-party services (such as AI processing) may transfer data outside the EU. Where such transfers occur, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) or adequacy decisions, in compliance with the GDPR.

11. GDPR Compliance

We comply with the General Data Protection Regulation (GDPR). Happenings Group A/S is the data controller for personal data processed through Scribe. Our legal basis for processing your data includes:

  • Contract: Processing necessary to fulfill our service agreement with you
  • Consent: You have given explicit consent for specific processing activities
  • Legitimate Interests: Processing necessary for our legitimate business interests
  • Legal Obligation: Processing required to comply with legal requirements

You may lodge a complaint with the Danish Data Protection Agency (Datatilsynet) if you believe your data protection rights have been violated.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Happenings Group A/S

Klostergade 56B, St.

8000 Aarhus C, Denmark

VAT NO. DK40979956

Email: support@happenings.dk

Web: scribe.happenings.social

Effective as of March 7, 2026

Terms of UseCompliance