OSSMeet

Privacy Policy

Last updated: April 22, 2026

1. Introduction

Welcome to OSSMeet ("we," "us," or "our"). OSSMeet is an open-source video meeting platform available at ossmeet.com. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our services. By using OSSMeet, you agree to the practices described in this policy.

2. Information We Collect

2.1 Account Information

When you sign in with Google OAuth, we collect the following from your Google account:

  • Google account identifier (sub ID)
  • Email address
  • Display name
  • Profile picture URL

2.2 Meeting Data

We do not have access to the content of your meetings. Your audio, video, recordings, transcripts, whiteboard sessions, and uploaded files are yours — we do not monitor, review, or access them.

We do collect meeting metadata to operate the service, such as:

  • Room names and meeting codes
  • Space membership and participant counts
  • Meeting start and end times
  • Storage usage per account

2.3 Technical Data

We automatically collect certain technical information to maintain security and improve the service:

  • IP address
  • User agent (browser and operating system information)
  • Session timestamps and expiry information

2.4 Cookies

OSSMeet uses the following cookies:

  • session — An HttpOnly authentication cookie used to keep you signed in.
  • oauth_state — A temporary cookie used during the Google OAuth sign-in flow for PKCE state verification. Deleted after authentication completes.
  • ossmeet_guest_* — Temporary cookies that grant guests access to a specific meeting without requiring an account.

We do not use any third-party analytics cookies, advertising trackers, or tracking pixels.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Authenticating your identity and managing your account
  • Operating the meeting infrastructure and delivering real-time audio, video, and collaboration features
  • Managing spaces, rooms, and participant access within your organization
  • Processing billing and subscription management through our payment provider
  • Maintaining security, preventing abuse, and debugging technical issues

4. Data Storage & Security

OSSMeet is deployed on Cloudflare's infrastructure. Your data is stored as follows:

  • Structured data (users, sessions, spaces, rooms, meetings, transcripts) is stored in Cloudflare D1, a globally distributed SQLite database.
  • Files (recordings, whiteboard snapshots, uploaded PDFs) are stored in Cloudflare R2 object storage.
  • Session tokens are stored as cryptographic hashes — we never store your raw session token.

All connections to OSSMeet are encrypted in transit via TLS. We follow industry-standard security practices to protect your data, including encrypted session storage, scoped access controls, and automatic session expiry. While no system can guarantee absolute security, we are committed to protecting your information.

5. Third-Party Services

OSSMeet integrates with the following third-party services to provide its functionality:

  • Google OAuth — Used for authentication. When you sign in, Google shares your basic profile information with us. Google's use of your data is governed by Google's Privacy Policy.
  • Google Gemini AI — When you use AI-powered meeting features (such as notes or summaries), relevant meeting data (e.g., transcript text) is sent to Google's Gemini API for processing. This data is handled according to Google's AI Terms of Service.
  • LiveKit (self-hosted) — We run our own LiveKit instance on dedicated infrastructure to provide real-time WebRTC audio, video, and screen sharing. Media streams are routed through our servers during meetings and are not sent to any third party. LiveKit does not permanently store your media.
  • Cloudflare — Provides our compute (Workers), database (D1), object storage (R2), and content delivery infrastructure. Data may be processed at Cloudflare edge locations worldwide. See Cloudflare's Privacy Policy.
  • Lemon Squeezy — Handles subscription billing and payment processing. We do not store your credit card information directly; it is managed by Lemon Squeezy. See Lemon Squeezy's Privacy Policy.

6. Data Retention

Meeting content stored on your behalf (such as recordings or files) is retained according to your subscription plan:

  • Free plan: 30 days from creation
  • Pro plan: 1 year from creation
  • Organization plan: Unlimited retention

Your account information is retained for as long as your account exists. When you delete your account, we remove your personal data and associated meeting data in accordance with the retention periods above. Expired data is automatically purged through scheduled cleanup processes.

7. Your Rights

You have the following rights regarding your personal data:

  • Access — You can view your account information and meeting data through your OSSMeet dashboard at any time.
  • Deletion — You can delete your account from your account settings. This will remove your profile and personal data. Meeting data shared in spaces may be retained according to the space owner's retention policy.
  • Export — You can download your recordings, transcripts, and other files directly from the meeting interface.
  • Correction — Your display name and profile picture are synced from your Google account. To update them, update your Google profile.

To exercise any of these rights or if you have questions, contact us at support@ossmeet.com.

8. Children's Privacy

OSSMeet is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal data from a child under 13, we will take steps to delete that information promptly. If you believe a child under 13 has provided us with personal information, please contact us at support@ossmeet.com.

9. International Data Transfers

OSSMeet operates on Cloudflare's global edge network. Your data may be processed and stored in data centers located in various countries around the world. By using OSSMeet, you acknowledge that your information may be transferred to and processed in jurisdictions other than your own. We rely on Cloudflare's infrastructure, which maintains appropriate safeguards for international data transfers, including compliance with applicable data protection frameworks.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Your continued use of OSSMeet after any changes constitutes your acceptance of the updated policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

support@ossmeet.com

© 2026 OSSMeet Contributors. OSSMeet is open-source software licensed under the MIT License.