Privacy Policy

This privacy policy (“Policy”) informs you of our practices when handling your Personal Information through the Services (both as defined below).  In this Policy, “Otter.ai”, “we” or “us” refers to Otter.ai, Inc., a company registered in Delaware with its registered address located at 800 W El Camino Real, Suite 170, Mountain View, CA 94040.  Except as otherwise set forth below, we are the data controller under the applicable privacy laws.

Where we have an Otter Business or enterprise service agreement in place with an enterprise customer who is asking you to use our Services (for example your employer), we obtain and process your Personal Information on behalf of and at the instructions of that customer.  In that context, such enterprise customers are the data controllers and their privacy policies will apply to the processing of your Personal Information. We encourage you to read their privacy policies.

For the purpose of this Policy, “Personal Information” means any information relating to an identified or identifiable individual.  This includes Personal Information you provide or generate when you use: (a) Our Otter meeting assistant app (the “App”); and (b), https://otter.ai, and any other dedicated Otter.ai websites (the “Website”) (collectively, the “Services”).  When you use the Services, you accept and understand that we collect, process, use, and store your Personal Information as described in this Policy.

If you are a California resident, our Privacy Notice for California Residents includes additional information about your rights and how we collect, use, and share information.

If you do not agree with this Policy, you must not use any of the Services.  If you change your mind in the future, you must stop using the Services and you may exercise your rights concerning your Personal Information as set out in this Policy. Where applicable, we indicate whether and why you must provide us with your Personal Information, as well as the consequences of failing to do so. If you do not provide your Personal Information when requested, you may not be able to use the full extent of the Services if that Personal Information is necessary to provide you with the Services or if we are legally required to collect it.

1. INFORMATION WE COLLECT

We will collect and use the following Personal Information about you:

Information you provide to us

• Registration Information.  When you create an account on our Services, you will be asked to provide your name, email, phone number, and a password, you may voluntarily add a profile picture.  For Pro or Business plans which are paid Services, our payment processing partner Stripe, Inc. may also collect your name, billing address, and payment information.  Payment information is not shared with us and is maintained by Stripe.
• Meeting and Uploaded Information.  When you use the Services, you may provide us with your audio recordings (“Audio Recordings”), automatic OtterPilot^TM screenshots and any text, images or videos that you upload or provide to us in the context of the Services.  OtterPilot may take automatic screenshots which are available meeting transcripts to add value to the meetings by extracting useful visual information.  The automatic screenshots will only take place in virtual meetings.
• Communication Information.  When you contact us, you provide us with your phone number, email, and any other information you choose to provide over such communication, including information about your query. When we send you emails, we may use embedded pixels or other technologies to track information about your receipt and interaction with our emails, such as whether and when you open them, whether you access any links included in our emails, how long you read our emails, whether you forward our emails and to whom, your Location Information (described below), and your Device Information (described below), to learn how to deliver a better customer experience and improve our Services.

Speaker Identification Information.  When you use the Services, you may record and annotate spoken conversations, such as calls or meetings, from which we generate speaker identification information. We use this information to help you recognize speakers in recorded conversations and automatically tag their name within the transcript. Information you provide us about others

• If you choose to collaborate on a task with your co-workers or friends, or refer us to them, you provide us with the email address and contact information of your co-workers or friends.
• If you provide an Audio Recording, this may contain the Personal Information of third parties.  Before you do so, please make sure you have the necessary permissions from your co-workers, friends or other third parties before sharing Personal Information or referring them to us.

Information we automatically collect or is generated about you when you use the Services

• Usage Information: When you use the Services, you generate information pertaining to your use, including timestamps, such as access, record, share, edit and delete events, interactions with OtterPilot, app use information, screenshots/screen captures taken during the meeting, interactions with our team, and transaction records.
• Device Information: We assign a unique user identifier (“UUID”) to each mobile device that accesses the Services.  When you use our Services, you provide information such as your IP address, UUIDs, device IDs, web beacons and other device information (such as carrier type, whether you access our Service from a desktop or mobile platform, device model, brand, web browser and operating system).
• Cookies: We use Cookies and other similar technologies (“Cookies”) to enhance your experience when using the Service.  For more information about our Cookies policy, see HOW WE USE COOKIES AND SIMILAR TECHNOLOGIES below.
• Location Information: When you use the Services, we receive your approximate location information.  For example, we infer your approximate location by using your IP address.

Information received from third parties.

• Information we receive from third party platforms: When you connect third party platforms, apps or providers (such as Google Calendar, iCal or other calendar programs, Google Contacts or Zoom) to our Services, or when you register through a third party account (such as Google or Microsoft), we receive Personal Information that includes your username, profile picture, email address, time, location, calendar information, contact information from such third parties and any information you choose to upload to such third party platforms (“Platform Information”).
• Information from platforms our Services rely on: We receive transaction information from our payment processor Stripe.
• Information from Data and Marketing Partners.  We may receive additional information about you, such as demographic or interest attributes from third parties such as data or marketing partners and combine it with other information we have about you.

We also collect and use deidentified or aggregated data such as statistical or demographic data for our purposes. Deidentified or aggregated data may be derived from your Personal Information but is not Personal Information as this data will not directly or indirectly reveal your identity.  However, if we combine or connect aggregated data with your Personal Information so that it can directly or indirectly identify you, we will treat the combined data as Personal Information which will be used in accordance with this Policy. We will maintain deidentified data in deidentified form and not attempt to reidentify the information, except solely as permitted for determining the effectiveness of our deidentification processes.

2. HOW WE USE YOUR PERSONAL INFORMATION

We use and disclose the information we collect for the following purposes and categories of third parties:

We disclose Device Information, Cookies, and Location Information to Mobile advertising tracking providers, Analytics providers, Advertising Partners, and Providers of integrated third-party programs, apps, or platforms. Under various U.S. state privacy laws, some of these data disclosures may broadly be considered a “sale” of Personal Information and processing of Personal Information for targeted advertising.

3. HOW WE USE COOKIES AND SIMILAR TECHNOLOGIES

We and our third-party partners use Cookies, pixel tags, and similar technologies to collect information about your browsing activities and to distinguish you from other users of our Services in order to aid your experience and measure and improve our advertising effectiveness.

Cookies are small files of letters and numbers that we store on your browser or on your device.  They contain information that is transferred to your device.

We use the following types of Cookies and similar technologies:

• Strictly necessary Cookies: Some Cookies are strictly necessary to make our Services available to you; for example, to provide login functionality, user authentication and security.  We cannot provide you with the Services without this type of Cookie.
• Functional Cookies: These are used to recognize you when you return to our Website.  This enables us to personalize our content for you and remember your preferences (for example, your choice of language).
• Analytical, performance, or advertising Cookies: We also use Cookies and similar technologies for analytics purposes in order to operate, maintain, and improve our Services and measure and improve our advertising effectiveness.  We use third party analytics providers, including Google Analytics and Amplitude, to help us understand how users engage with us.  We also use third party advertising partners, including Facebook, to deliver ads to you on other sites.  Google Analytics uses first-party Cookies to track user interactions which helps show how users use our Service and Website.  This information is used to compile reports and to help us improve our Service and Website.  Such reports disclose Website trends without identifying individual visitors.  You can opt out of Google Analytics by going to https://tools.google.com/dlpage/gaoptout or via Google’s Ads settings.

You can block Cookies by setting your internet browser to block some or all or Cookies.  However, if you use your browser settings to block all Cookies (including strictly necessary Cookies) you may not be able to use our Services.

4. WITH WHOM WE SHARE YOUR PERSONAL INFORMATION

We may disclose your Personal Information to various categories of vendors and service providers we rely on in the provision of the Services, as well as additional third parties in certain circumstances described below. Third party services are not owned or controlled by Otter.ai and third parties may have their own policies and practices for collection, use and sharing of information.  Please refer to third party privacy and security policies for more information before using such services.  We disclose your Personal Information to selected vendors and service providers, including:

• Cloud service providers who we rely on for compute and data storage, including Amazon Web Services, based in the United States.
• Platform support providers who help us manage and monitor the Services, including Amplitude, which is based in the U.S. and provides user event data for our Services.
• Data labeling service providers who provide annotation services and use the data we share to create training and evaluation data for Otter’s product features.
• Artificial intelligence service providers that provide backend support for certain Otter product features.
• Mobile advertising tracking providers who help us measure our advertising effectiveness.
• Analytics providers who provide analytics, segmentation and mobile measurement services and help us understand our user base.  We work with a number of analytics providers, including Google LLC, which is based in the U.S.  You can learn about Google’s practices by going to https://www.google.com/policies/privacy/partners/, and opt-out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.

We also disclose your Personal Information to the following categories of third parties, including:

• Other users who see your Personal Information (such as your username and email) and any other information you choose to share with them through the Services.
• Advertising Partners: We work with third party advertising partners to show you ads that we think may interest you.  Some of our advertising partners are members of the Network Advertising Initiative (http://optout.networkadvertising.org/) or the Digital Advertising Alliance (http://optout.aboutads.info/).  If you do not wish to receive personalized ads, please visit their opt-out pages to learn about how you may opt out of receiving web-based personalized ads from member companies.  You can access any settings offered by your mobile operating system to limit ad tracking, or you can install the AppChoices mobile app to learn more about how you may opt out of personalized ads in mobile apps.
• Providers of integrated third-party programs, apps or platforms, such as Google Calendar and Apple iCal.  When you connect third party platforms to our Services, you authorize us to share designated information and data created and/or uploaded by you to our servers with these third-party programs on your behalf.
• Payment processors, such as Stripe.  These payment processors are responsible for the processing of your Personal Information, and may use your Personal Information for their own purposes in accordance with their privacy policies.  More information is available here: https://stripe.com/gb/privacy.
• Law enforcement agencies, public authorities or other judicial bodies and organizations.  We disclose Personal Information if we are legally required to do so, or if we have a good faith belief that such use is reasonably necessary to comply with a legal obligation, process or request; enforce our terms of service and other agreements, policies, and standards, including investigation of any potential violation thereof; detect, prevent or otherwise address security, fraud or technical issues; or protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law (including exchanging information with other companies and organizations for the purposes of fraud protection).  For more information, please see Otter’s Data Request Policy.
• Change of corporate ownership.  If we are involved in a merger, acquisition, bankruptcy, reorganization, partnership, asset sale or other transaction, we may disclose your Personal Information as part of that transaction.

5. HOW LONG WE STORE YOUR INFORMATION

Otter.ai stores all Personal Information for as long as necessary to fulfill the purposes set out in this Policy, or for as long as we are required to do so by law or in order to comply with a regulatory obligation.  When deleting Personal Information, we will take measures to render such Personal Information irrecoverable or irreproducible, and the electronic files which contain Personal Information will be permanently deleted.

6. YOUR RIGHTS

Depending on where you live and subject to certain exceptions, you have the following rights in relation to your Personal Information that we hold.

If you are a California resident, please visit our Privacy Notice for California Residents to learn more about your California privacy rights.

• Access.  You have the right to confirm whether we process your Personal Information, access the Personal Information we hold about you, and to receive an explanation of how we use it and the third parties or categories of third parties to whom such Personal Information is disclosed.
• Update. You have the right to update any Personal Information we maintain about you
• Correction.  You have the right to correct any Personal Information we hold about you that is inaccurate or incomplete.
• Erasure.  You have the right to request for your Personal Information to be erased or deleted.
• Right to opt out.  You have the right to opt out of the “sale” of your Personal Information and the processing of your Personal Information for targeted advertising.
• Rights related to profiling in furtherance of significant decisions. You also have the right to opt-out of profiling in furtherance of producing legal or significant decisions concerning you. Additionally, if your Personal Information is profiled in furtherance of decisions that produce legal or similarly significant effects concerning you, you have the right to question the result of the profiling, to be informed of the reason that the profiling resulted in the decision, and, if feasible, to be informed of the actions you might have taken to secure a different decision and the actions that you might take to secure a different decision in the future. You also have the right to review your Personal Information used in the profiling, and if applicable, have the data corrected and the profiling decision reevaluated based upon the corrected data. We do not engage in such profiling.
• Object to processing.  You have the right to object to our processing of your Personal Information where we are relying on a legitimate interest or if we are processing your Personal Information for direct marketing purposes.
• Restrict processing.  You have a right in certain circumstances to stop us from processing your Personal Information other than for storage purposes.
• Portability.  You have the right to receive, in a structured, commonly used and machine-readable format, Personal Information that you have provided to us if we process it on the basis of our contract with you, or with your consent, or to request that we transfer such Personal Information to a third party.
• Right to be free from discriminatory treatment.  You have the right to be free from discriminatory treatment for the exercise of your privacy rights.
• Right to appeal. You have the right to appeal any decision with regard to your privacy request.
• Withdraw consent.  You have the right to withdraw any consent you previously applied to us.  We will apply your preferences going forward, and this will not affect the lawfulness of processing before your consent was given.

Please note that, prior to a response to the exercise of certain rights, we will require you to verify your identity. If you have an Otter.ai account, please verify your identity by logging into your account and submitting a support request from the Services. If you do not have an account, we will attempt to verify your identity by asking for information that we may have about you, such as your name, email address, and other information. In addition, we may require additional information (for example, why you believe the information we hold about you is inaccurate or incomplete) and may have valid legal reasons to refuse your request.  We will inform you if that is the case.  

We do not require verification for requests to opt out of the “sale” of your Personal Information or the processing of your Personal Information for targeted advertising. You can exercise these rights by clicking the “Do Not Sell or Share My Personal Information” link in the Otter website footer and following the instructions provided.

For more information on how to exercise your rights, or to exercise your rights, please email privacy@otter.ai, click our online form [here], or call our toll-free number [1-866-I-OPT-OUT (1-866-467-8688) and enter Service Code 2392#].

Authorizing an Agent. If you are acting as an authorized agent to make a request to opt out, please send an email to privacy@otter.ai and attach a written authorization signed by the resident. We may still require the resident you are acting on behalf of to directly verify their identity and confirm that they have provided you permission to submit the request.

7. Data Privacy Framework Principles

Otter.ai complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce.  Otter.ai has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. DPF Principles with respect to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.  Otter.ai has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. DPF Principles with respect to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

For more information on how we comply with the DPF Principles, please see APPENDIX: Otter.ai Data Privacy Framework Principles Notice.

8. CHILDREN

The Service and Website are not targeted at children, and we do not knowingly collect Personal Information from children under the age of 13.  If you learn that a child has provided us with Personal Information in violation of this Policy, please contact us as indicated below.

9. CONTACT & COMPLAINTS

For inquiries or complaints regarding this Policy, please first contact us at privacy@otter.ai and we will endeavor to deal with your complaint as soon as possible.  This is without prejudice to your right to launch a claim with a data protection authority.

If you are based in the European Economic Area or the UK, you may also make a complaint to either the Irish Data Protection Commission (on +353 578 684 800 or via https://forms.dataprotection.ie/contact) or the UK’s ICO (on +44 303 123 1113 or via https://ico.org.uk/make-a-complaint/), or to another supervisory authority, including in your country of residence, place of work or where an incident took place.

10. DATA SECURITY

Otter.ai maintains and implements physical, administrative, and technical safeguards to protect the confidentiality, integrity, and availability of personal information.  However, the transfer of Personal Information through the internet will carry its own inherent risks and we do not guarantee the security of your data transmitted through the internet.  You make any such transfer at your own risk.

The Website and Service may provide features or links to websites and services provided by third parties.  Any information you provide on Apps, third-party websites or services is provided directly to the operators of such websites or services and is subject to their policies governing privacy and security, even if accessed via our Website or in connection with our Service.

11. CROSS-BORDER DATA TRANSFERS

To facilitate our global operations, Otter.ai may transfer, store and process your operations with our partners and service providers based outside of the country in which you are based.  Laws in those countries may differ from the laws applicable to your country of residence.  Where we transfer, store and process your Personal Information outside of the EEA or the UK we will ensure that the appropriate safeguards are in place to ensure an adequate level of protection such as through acceding to the Standard Contractual Clauses.  Further details regarding the relevant safeguards can be obtained from us on request.

12. CHANGES

Where required, we will update this Policy from time to time.  When we do so, we will make it available on this page and indicate the date of the latest revision.  Please check this page frequently to see any updates or changes to this Policy.

13. ABOUT US

If you have any questions, comments or concerns about our Privacy Policy, you may contact us by email at privacy@otter.ai attn: Privacy Officer or by mail to:

Otter.ai, Inc.
Attn: Privacy Officer
800 W El Camino Real,
Suite 170,
Mountain View, CA 94040

‍

APPENDIX

Otter.ai Data Privacy Framework Principles

Effective June 16, 2026

Otter.ai has created this Data Privacy Framework Principles Notice (“Notice”) to describe our standards and procedures for handling Personal Information in accordance with the Data Privacy Framework (“DPF”) Principles.

This Notice supplements our Policy.  Unless specifically defined in this Notice, the terms in this Notice have the same meaning as in our Policy.  In case of conflict between the Policy and this Notice, this Notice prevails.  In case of conflict between this Notice and the Principles, the Principles will govern.

How we obtain Personal Information

We obtain and Process Personal Information from the European Union (“EU”), United Kingdom (“UK”) (and Gibraltar), or Switzerland in different capacities:

• As a data controller, we collect and Process EU, UK and Swiss Personal Information directly from individuals, either via our publicly available website https://otter.ai, or through our mobile applications, or in connection with our customer relationships.
• Where we provide our Services in connection with an enterprise agreement, we may obtain and process EU, UK, and Swiss Personal Information on behalf of and at the instructions of our enterprise customers.  In that context, such customers are the data controllers and we encourage you to read their privacy policies.

Otter.ai commits to subject to the EU-U.S.  DPF Principles, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF Principles (collectively, the “DPF Principles”), all Personal Information received from the EU, the UK (and Gibraltar), or Switzerland in reliance on the DPF Principles (which includes both types of activities).

Data Privacy Framework Principles

1. Notice. Our Policy in combination with this Notice describes our privacy practices.  When providing our Services as a Data Processor, our customers determine the categories of Personal Information we Process and the purposes of the processing.  Accordingly, our customers are responsible for providing notice to individuals.  Please see our customers’ privacy policies for more information.

2. Data Integrity and Purpose Limitation. Any Personal Information we receive may be processed by Otter.ai for the purposes indicated in our Policy or as otherwise notified to you.  We will not process Personal Information in a way that is incompatible with these purposes unless subsequently authorized by you.

We take reasonable steps to limit the collection and usage of Personal Information to that which is relevant for the purposes for which it was collected, and to ensure that such Personal Information is reliable, accurate, complete and current.  Individuals are encouraged to keep their Personal Information with Otter.ai up to date and may contact Otter.ai as indicated below or in the Policy to request that their Personal Information be updated or corrected.

We will adhere to the DPF Principles for as long as we retain the Personal Information collected under DPF Principles.

When providing our Services as a data processor, we process and retain Personal Information as necessary to provide our Services as permitted in our agreements, or as required or permitted under applicable law.

3. Accountability for Onward Transfer of Personal Information. Otter.ai may transfer Personal Information as described in the Policy.  When providing our Services as a data processor, we disclose Personal Information as provided in our agreement with customers.

We remain responsible for the processing of Personal Information received under the DPF Principles and subsequently transferred to a third party acting as an agent if the agent Processes such Personal Information in a manner inconsistent with the DPF Principles, unless we prove that we are not responsible for the event giving rise to the damage.

4. Security. Otter.ai takes reasonable and appropriate precautions, taking into account the risks involved in the Processing and the nature of the Personal Information, to help protect Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction.

5. Access and Choice. If we intend to use your Personal Information for a purpose that is materially different from the purposes for which it was originally collected or subsequently authorized, or if we intend to disclose it to a third party acting as a Data Controller not previously identified, we will offer you the opportunity to opt out of such uses and/or disclosures where it involves non-sensitive information or opt in where sensitive information is involved.

Where appropriate, you have the right to access to the Personal Information we maintain about you and to correct, amend or delete that information when it is inaccurate or has been processed in violation of the DPF Principles by sending a written request as indicated in “Contact Us” below.  We will review your request in accordance with the DPF Principles, and may limit or deny access to Personal Information as permitted by the DPF Principles.

When providing our Services as a Data Processor, we only Process and disclose the Personal Information as specified in our agreements.  Our customers control how Personal Information is disclosed to us and Processed, and how it can be modified.  Accordingly, if you want to request access, or to limit use or disclosure of your Personal Information, please contact the company to whom you submitted your Personal Information and that uses our Services.  If you provide us with the name of the company to whom you provided your Personal Information and who is our customer, we will refer your request to that customer and support them in responding to your request.

6. Recourse, Enforcement and Liability. We conduct an annual self-assessment of our practices regarding Personal Information intended to verify that the assertions we make about our practices are true and that such practices have been implemented as represented.

If you have any questions or concerns, we encourage you to first write to us as indicated below.  We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Information in accordance with the DPF Principles.

If an issue cannot be resolved through Otter.ai’s internal dispute resolution mechanism, you may submit a complaint to https://www.jamsadr.com/DPF-Dispute-Resolution, who serves as Otter.ai’s alternative dispute resolution provider, at no cost to you.

For residual complaints not fully or partially resolved by other means, you may be able to invoke binding arbitration as detailed in the DPF Principles available here.

Otter.ai is subject to the investigatory and enforcement powers of the U.S.  Federal Trade Commission.

Changes to this Notice

This Notice may be amended consistent with the requirements of the DPF Principles.  When we update this Notice, we will also revise the “Last updated” date at the top of this document.  Any changes to this Notice will become effective when we post the revised version on our website.

Contact Us If you have any questions, concerns or complaints regarding our privacy practices, or if you’d like to exercise your choices or rights, you can contact us:

• via email at privacy@otter.ai (Attn: Privacy Officer)
• by mail to

Otter.ai, Inc.

Attn: Privacy Officer
800 W El Camino Real,
Suite 170,
Mountain View, CA 94040

To learn more about the Data Privacy Framework program, and to view our certification, please visit https://www.dataprivacyframework.gov/