Privacy Policy
Last updated: May 2026
At Ekosistem App, we value your privacy. This policy explains what data we collect, how we use it, and your rights.
1. What Data Is Collected?
During registration we collect your email address, name, and profile information. Content you share, messages, and meeting information are processed during platform use. Technical data (IP address, browser type, usage logs) is collected for security and service improvement.
2. How Is Data Used?
Your data is used to manage your account, provide service, ensure security, operate the AI moderation system, and resolve technical issues. Your data is not processed for advertising purposes and is not sold to third parties.
3. How Is Data Stored?
Your data is stored encrypted on servers compliant with European Union data protection standards. Database connections are protected with TLS and sensitive data is encrypted with AES-256-GCM. Regular security audits are conducted.
4. Who Is Data Shared With?
Your data may be shared with: ecosystem members viewing your profile (only information you choose to share), relevant authorities when legally required, and trusted service providers supporting our infrastructure (email, storage). It is never sold to third parties under any circumstances.
5. Your Rights
You have the right to access, correct, delete, and port your data. When you delete your account, all your personal data is permanently removed within 30 days. You can exercise these rights by contacting info@ekosistem.app.
6. Cookies
Only essential cookies required for session management are used. No third-party tracking cookies or advertising cookies are used. Session cookies are securely configured with httpOnly and sameSite:strict properties.
7. Zoom Integration
Ekosistem App users may optionally connect their Zoom account for Lets Meet bookings, mentorship sessions, and online events. When you authorize this integration, Ekosistem App retrieves two pieces of information from your Zoom account: your email address and account plan tier (basic/licensed) — both shown only as a 'Connected: …' label in the UI. OAuth access and refresh tokens are stored encrypted with AES-256-GCM in our database; plaintext is never logged. The connected Zoom account is used solely to create scheduled Zoom meetings on your behalf (`meeting:write:meeting` scope) for your bookings, sessions, and events, and to delete those meetings if the corresponding record is cancelled. We do not record meetings, do not access participant lists, and do not store recordings. When you uninstall the app from Zoom Marketplace, Zoom's deauthorization webhook fires; your tokens are deleted immediately, and we send a compliance notification to Zoom's /oauth/data/compliance endpoint within Zoom's required 10-day window. You can also manually disconnect via Lets Meet → Manage → 'Disconnect Zoom', which deletes tokens immediately and revokes them on Zoom's side.
8. Google Calendar Integration
Ekosistem App optionally connects to Google Calendar to prevent booking conflicts in Lets Meet. Three narrow OAuth scopes are requested at authorization: calendar.calendarlist.readonly (to list your calendars' names so you can pick which ones we should check), calendar.events.freebusy (to read busy/free time blocks from the calendars you select) and calendar.events.owned (to write bookings we create into your owned calendar — typically your primary — and delete them on cancellation). We deliberately avoid the broader 'calendar' and 'calendar.readonly' scopes; we take only the minimum access we need. This data is handled per Google's 'Limited Use' requirements: never used for advertising, never sold to third parties, never used to train AI or machine-learning models, and never read manually by our staff (access is restricted to legal compulsion or your explicit support request). Refresh tokens are stored encrypted with AES-256-GCM. Ekosistem App's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. You can disconnect at any time from Lets Meet → Manage; this deletes tokens immediately. You may also revoke access manually at myaccount.google.com/permissions.
For questions about your privacy rights or data processing, send an email to info@ekosistem.app.