Privacy

Privacy Policy

SuperSales

Effective date: January 7, 2026Last updated: June 8, 2026
Authoritative language: English

This Privacy Policy explains how SuperSales, operated by SAAS IA SM, processes personal data in connection with the SuperSales platform and services (the "Services").

This Privacy Policy applies exclusively to business users (B2B) and must be read together with the Terms of Service.

1. Data Controller vs Data Processor

1.1 Roles

For the purposes of applicable data protection laws, including the EU General Data Protection Regulation (GDPR):

Customer

Data Controller

SuperSales (SAAS IA SM)

Data Processor

SuperSales processes personal data solely on behalf of and under the instructions of the Customer.

2. Who We Are

SAAS IA SM

Commercial Registration No.: 4422325.01

Mittlestrasse 20

2502 Biel, Switzerland

📩Contact (privacy & legal): info@supersales.dev

3. Categories of Data Processed

SuperSales does not collect data from individuals in a consumer capacity.

The Services may process, on behalf of Customers, the following categories of data:

3.1 Sales Call Data (Provided by Customers)

  • Audio recordings of sales calls
  • Transcriptions of sales calls
  • Associated metadata (date, duration, speaker roles)

⚠️These recordings and transcriptions are provided by Customers, often via third-party tools. SuperSales does not initiate or control recording.

3.2 Analytical Data

  • AI-generated scores
  • Coaching insights
  • Performance indicators
  • Session-level analytical summaries

3.3 Account & Administrative Data

  • Business contact information (name, business email, role)
  • Account identifiers
  • Billing and subscription metadata (via Stripe)

4. Data We Do Not Intentionally Process

SuperSales does not intentionally process:

  • Sensitive personal data (as defined by GDPR Article 9)
  • Health data
  • Biometric identifiers
  • Financial or banking data of call participants

If such data is included in Content by the Customer, it is processed solely at the Customer's responsibility.

5. Purpose of Processing

SuperSales processes personal data only for the following purposes:

  • Providing AI-driven sales analysis and coaching insights
  • Generating informational scores and recommendations
  • Maintaining platform security and integrity
  • Providing customer support
  • Managing subscriptions and billing

SuperSales does not use personal data for advertising, profiling individuals, or automated decision-making.

6. Legal Basis for Processing

As a Data Processor, SuperSales relies on the Customer's determination of the appropriate legal basis, which may include:

  • Consent obtained by the Customer
  • Performance of a contract
  • Legitimate interests pursued by the Customer

SuperSales does not independently determine or validate the legal basis for recording or processing call data.

7. Data Retention Policy (Strict)

SuperSales follows a data minimization approach.

7.1 Transcripts & Audio

  • ✓ Audio recordings and transcripts are not stored by SuperSales
  • ✓ They are processed transiently for analysis purposes only
  • ✓ They are deleted immediately after processing

7.2 Analytical Outputs

  • AI-generated analyses and session insights are retained only while the Customer account remains active
  • Upon account termination, all retained analytical data is deleted without delay

8. Data Subject Rights

As SuperSales acts as a Data Processor, requests from data subjects (e.g. sales call participants) must be handled by the Customer as Data Controller.

SuperSales will assist Customers, where legally required, in responding to requests relating to:

Access

Rectification

Erasure

Restriction

Data portability

Requests from Customers

Customers may request:

  • Deletion of retained analytical data
  • Export of available analytical outputs

📩Requests must be sent to info@supersales.dev

Response SLA: within 30 days

9. International Data Transfers

SuperSales operates from Switzerland and may process data outside the Customer's country of establishment.

Where required by applicable law, appropriate safeguards are implemented to ensure adequate protection of personal data.

Where required by applicable data protection laws, appropriate contractual safeguards are implemented to ensure an adequate level of protection for personal data transferred outside the European Economic Area.

10. Security Measures

SuperSales implements appropriate technical and organizational measures designed to protect personal data against:

  • Unauthorized access
  • Accidental loss
  • Destruction or alteration

No system is completely secure; however, SuperSales follows industry-standard security practices proportionate to the nature of the data processed.

11. Subprocessors and Data Sharing

SuperSales does not sell personal data and does not share, transfer, or disclose data — including any data obtained through Google APIs — except as described in this section.

To deliver the Services, SuperSales relies on the following subprocessors and service providers. Each of them processes data only on SuperSales' documented instructions and is contractually bound by confidentiality and data-protection obligations:

RecipientPurposeRegion
ClerkAuthentication & identity managementUSA
MongoDB AtlasAccount & calendar database hostingEU
VercelApplication hosting & content deliveryUSA / EU
Amazon Web Services (AWS)Cloud storage of meeting recordingsEU (Stockholm)
StripeSubscription billing & paymentsUSA / EU
InngestBackground job processing (orchestration of analysis)USA
TinybirdAnalytics data processing & storageEU
AI AnalysisAI processing of call content (transcripts) to generate analysis and coaching insights
Meeting recording & transcription providerJoins meetings (when the Customer enables automatic recording) to capture recordings and transcriptsEU

In addition, SuperSales may disclose data: (a) where required by applicable law, regulation, court order, or a valid governmental request; (b) to establish, exercise, or defend legal claims; and (c) to a successor entity in connection with a merger, acquisition, or sale of assets, in which case the data remains subject to this Privacy Policy.

Data obtained through Google APIs is never sold, never used for advertising, and never used to train generalized AI or machine-learning models. An up-to-date list of subprocessors is available on request at info@supersales.dev.

12. Google User Data (Google API Services)

Where a Customer chooses to connect a Google account, SuperSales accesses a limited set of Google user data through the Google API Services, strictly to provide the calendar-based meeting features of the Services.

12.1 Scopes Requested

  • .../auth/calendar.readonly — read calendar metadata to identify upcoming meetings
  • .../auth/calendar.events.readonly — read event details (title, time, attendees, meeting link)
  • .../auth/userinfo.email — identify the connected Google account by email address

12.2 Google User Data Accessed

  • Calendar event details: title, start/end time, location, description
  • Attendee information: names and email addresses
  • Online meeting links (e.g. Google Meet)
  • The connected Google account's email address

12.3 How Google User Data Is Used

  • To detect relevant sales meetings on the connected calendar
  • Where the Customer enables automatic recording, to schedule a notetaking assistant to join the meeting and capture a recording/transcript
  • To associate analyses with the correct meeting and participants

12.4 With Whom Google User Data Is Shared

Google user data is shared only with the subprocessors listed in Section 11, and only as necessary to provide the Services:

  • Stored using our hosting, database, and cloud-storage providers (Vercel, MongoDB Atlas, Amazon Web Services)
  • When automatic recording is enabled by the Customer, the meeting link is shared with our meeting recording & transcription provider solely so the notetaking assistant can join the meeting

Google Calendar data is used solely to identify and connect to the Customer's meetings. It is not used for the AI analysis (which operates on the call recording/transcript, not on Google data), not shared with any other third party, not sold, not used for advertising, and not used to train AI or machine-learning models.

12.5 Limited Use Disclosure

SuperSales' use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

12.6 Revocation

A Customer may disconnect Google access at any time from within the Services or via their Google Account permissions. Upon disconnection, SuperSales stops accessing Google user data and deletes stored calendar data associated with that connection.

13. No Automated Decision-Making

SuperSales does not perform automated decision-making within the meaning of GDPR Article 22.

All AI Outputs are informational only and require human interpretation and validation.

14. Updates to This Privacy Policy

This Privacy Policy may be updated from time to time to reflect legal, regulatory, or operational changes.

Material changes will be communicated through the Services or by email.

15. Contact

For privacy-related questions or requests:

📩info@supersales.dev