Privacy isn't a feature tier or a marketing checkbox. It's a design constraint that shapes every decision we make — from the services we use to the data we choose not to collect.
These aren't aspirational. They're how we build and operate today.
The best way to protect data is to not have it. We store room configurations and admin email addresses. Calendar data is fetched in real-time and never persisted on our servers. We don't build user profiles, track behavior across sessions, or maintain shadow profiles on people who haven't signed up.
Every external service is a potential data leak. We are actively reducing our third-party dependencies — not adding them. We've removed Google Analytics, Hotjar, retargeting pixels, and external analytics hosting in favor of self-hosted and EU-hosted alternatives.
All data sharing and internal analytics from room displays can be toggled off in the admin portal. Diagnostic data is only used for troubleshooting when you contact support. We don't make privacy decisions for you — we give you the switches.
We think what a company chooses not to do says more than what it claims to do.
We do not sell, share, or provide your data to advertisers, data brokers, or any third party. Ever. Not anonymized, not aggregated, not in any form.
We do not embed tracking pixels in emails we send you. We don't track whether you opened an email, when you opened it, or what device you used.
We send a handful of emails a year, not one a week. No upsell campaigns, no re-engagement drips, no endless feature announcements. If you hear from us, it's either a critical service notification or something we genuinely think matters.
We don't run retargeting campaigns. We've removed Facebook Pixel, Google Ads conversion tracking, and all similar scripts. Visiting our website doesn't follow you around the internet.
We don't use canvas fingerprinting, device fingerprinting, or any technique designed to identify you beyond a standard session. We don't build behavioral profiles.
No guilt trips when you cancel. No hiding the unsubscribe button. No 14-step cancellation flows. Our pricing is public, and leaving is as simple as arriving.
Your calendar data, room configurations, and account information are never used to train machine learning models or AI systems. Your data is yours.
If you haven't signed up, we don't have a profile on you. We don't scrape, infer, or collect data about people who aren't our customers.
Most companies announce what they've added. We think it's more important to show what we've taken away.
| Service Removed | What It Did | Why We Removed It |
|---|---|---|
| Google Analytics | Website analytics | Replaced with EU-hosted PostHog. No data sent to Google. |
| Hotjar | Session recordings, heatmaps | Unnecessary surveillance of user behavior. Removed entirely. |
| Headway | Changelog widget | Third-party script loading on every page. Replaced with internal solution. |
| Cookiebot | Cookie consent management | Fewer tracking cookies means less need for a consent manager. |
| Facebook Pixel | Ad conversion tracking | We don't run retargeting campaigns. |
| Bing UET | Ad conversion tracking | Same reason. Removed all ad tracking scripts. |
| External ClickHouse | User analytics hosting | Moved to internal analytics infrastructure. Data stays in-house. |
| Sentry (most usage) | Error tracking | Reduced to minimal usage. Moving toward internal error logging. |
Most customers authenticate via OAuth 2.0 through Microsoft or Google — SSO by default, no separate password to manage. For customers who need a password (such as EWS-only deployments), authentication is handled by Google Firebase. We don't store or manage passwords ourselves.
When you delete your account, your data is actually deleted. Not soft-deleted, not archived, not retained for years. Configuration data is removed and calendar data was never stored in the first place.
We are moving log aggregation, error tracking, and monitoring to internal infrastructure to prevent data from passing through unnecessary third-party services. Fewer external services means fewer places your data could end up.
Room displays can share diagnostic data like online/offline status and occupancy for troubleshooting purposes. Every data-sharing feature has a toggle switch in the admin portal. Turn it off and we collect nothing.
We set only the cookies necessary for authentication and session management. We don't use tracking cookies, and we don't set third-party advertising cookies.
As of this page's last update, Meeting Room 365 has never received a government request for customer data, a national security letter, or a gag order.
Single sign-on through Microsoft or Google is included for all customers. We don't charge extra for the security feature your IT team requires.
Our pricing is on the website. No sales calls required, no "contact us for enterprise pricing." You can evaluate and purchase without talking to anyone.
Cancel from the admin portal. No retention calls, no emails asking you to reconsider, no countdown timers. Your subscription, your choice.