Effective Date: 2025-04-22
Welcome to MeetVista, a product operated by Borgware AB (“MeetVista”, “we”, “our”, or “us”). Your privacy is important to us, and this Privacy Policy describes how we collect, use, share, and protect your personal information when you use MeetVista. By accessing or using MeetVista, you agree to the practices described in this Privacy Policy. If you do not agree, please discontinue use of our Service.
1. Information We Collect
When you use MeetVista, we collect various types of information to provide, maintain, and enhance our services. This includes personal information such as your name, email address, and company name, typically provided during account registration or profile customization. You may also upload a profile image or other optional information.
We collect the content you create and interact with on the whiteboard, including boards, sticky notes, notes, tasks, comments, and associated metadata like timestamps and change history. We automatically collect technical data including IP address, browser and device details, and usage statistics. These help us troubleshoot issues, improve functionality, and understand how our platform is used.
If you connect third-party services like monday.com, we collect data relevant to that integration—such as linked boards, issues, or account metadata—only after your explicit authorization.
When you connect your monday.com account to MeetVista, we access only the minimum necessary data through monday.com’s API to enable core features of the app. This may include:
- Board and item metadata (board names, item IDs, group names)
- Column values (e.g., status, date, or text fields relevant to your workflow)
- User profile information (e.g., name, email, role)
We access this information only after you authorize the integration. The data is processed solely to provide functionality within MeetVista and is never used for advertising or sold to third parties.
We do not persist any monday.com data unless necessary for the specific features you’ve activated, and any stored data is deleted upon disconnection or upon request.
You can revoke access to MeetVista at any time via the monday.com admin panel, and request deletion of any associated data by contacting us at privacy@meetvista.io.
2. How We Collect Information
We collect information when you sign up, create or modify content, connect integrations, or contact support. We also use cookies and similar technologies to track usage behavior and gather analytics. Information is gathered directly from user input (e.g., through sign-up forms or in-app actions), and automatically through system logging, cookies, and analytics tools. If you choose to connect to third-party platforms like monday.com, we collect information from those integrations, with your explicit consent. If you contact us via support forms, surveys, or feedback tools, we may store the contents of those communications for future reference and quality improvement.
3. How We Use Information
The information we collect allows us to deliver and operate MeetVista. We use your information to provide user support, deliver service updates, and personalize your experience based on usage patterns.
We also process your data to maintain system integrity, detect and respond to abuse, and comply with our legal obligations. With your consent, we may send you occasional updates, onboarding guides, or promotional messages. You may unsubscribe from such communications at any time.
4. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), we process personal data under the following legal bases: with your consent (for marketing communications or optional integrations); as necessary to fulfill our contract with you (i.e., to provide the core functionality of MeetVista); to comply with legal obligations; and in our legitimate interests to improve the Service and secure user data.
5. Sharing and Disclosure of Information
We do not sell your personal data. We may share your information with trusted service providers who support us in operating the platform. This includes providers of hosting, analytics, customer support, and infrastructure services. If you integrate with monday.com or other platforms, we may share relevant data with those services in accordance with the permissions you grant.
For monday.com users, payments are handled directly by monday.com. In the case of other integrations or standalone use, payments may be processed through Stripe. We only share billing-related data with payment providers as necessary to complete transactions.
We may disclose your information if required by law, in response to valid legal requests, or to protect our rights and those of our users. In the event of a merger, acquisition, or sale of all or part of our business, your data may be transferred as part of the transaction, with appropriate notice provided.
6. Cookies and Tracking Technologies
MeetVista uses cookies and similar tracking technologies to ensure a secure, smooth, and personalized user experience. These technologies help us manage sessions, remember user preferences, and analyze interactions with the platform. Some cookies are essential to the operation of the Service, while others help us understand performance or user behavior. We use HttpOnly and Secure cookies where applicable to protect session data. No authentication tokens are stored in non-HttpOnly cookies. Tracking cookies, where used, require user consent and are disclosed in our cookie banner and this Privacy Policy.
You can manage your cookie settings through your browser, although disabling certain cookies may affect your ability to use some features of MeetVista.
7. Data Retention
We retain your personal data for as long as your account is active or as needed to provide you with the Service. When an account or whiteboard is deleted, the associated data is removed from active systems, and backups are retained for a period of 30 days. After this period, the data is permanently deleted from our infrastructure. Log files containing system activity and diagnostic data are also retained for 30 days.
If you wish to permanently delete your personal data, you can contact us and we will process your request in accordance with applicable data protection laws.
We maintain internal logs of system activity, authentication events, and error traces for the purposes of security, auditing, and performance monitoring. These logs do not contain sensitive personal information and are retained for no more than 30 days unless required for security or compliance investigations.
When a user deactivates or uninstalls the MeetVista app from monday.com, all associated data (including tokens, identifiers, and stored monday.com content) is permanently deleted from our systems within 10 days, unless otherwise required by law or unless the user has explicitly consented to longer retention.
8. Data Security
We take data security seriously and use industry-standard measures to protect your personal information. All data is encrypted in transit using HTTPS and encrypted at rest on our servers. Access to personal data is strictly controlled and monitored to prevent unauthorized access, misuse, or disclosure.
All sensitive credentials, including API tokens and monday.com access tokens, are stored in encrypted form using industry-standard encryption (AES-256). Tokens are never stored in source code or public repositories. We utilize secure environment variables and encrypted storage to manage secrets safely.
All user-provided data is sanitized and validated both client-side and server-side. We encode HTML and use strict content-type enforcement to prevent injection attacks, including SQL injection and XSS. We regularly test the app against common web vulnerabilities using automated security tools and peer reviews.
While we strive to implement best-in-class security practices, no system is entirely immune to risk. We encourage you to use strong passwords and notify us immediately of any suspicious activity.
9. Your Rights Under GDPR
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you have the following rights regarding your personal data:
- Access: You can request a copy of the personal data we hold about you.
- Correction: You can request correction of inaccurate or incomplete data.
- Erasure: You can ask us to delete your data, including after uninstalling the app.
- Portability: You may request your data in a structured, commonly used format.
- Restriction/Objection: You can ask us to restrict or stop processing under certain conditions.
- Withdraw Consent: If we rely on your consent to process your data, you can withdraw it at any time.
To exercise these rights, please contact us at privacy@meetvista.io. We will respond within 30 days or as otherwise required by law.
We may need to verify your identity before fulfilling certain requests to protect your data from unauthorized access.
You also have the right to file a complaint with your local data protection authority if you believe your data has been processed in violation of applicable laws.
10. Your Rights Under the California Consumer Privacy Act (CCPA)
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). These include:
- Right to Know: You can request information about the personal data we collect, use, disclose, or share about you.
- Right to Access: You may request a copy of the specific pieces of personal data we have collected about you.
- Right to Deletion: You may request that we delete your personal data, subject to certain legal exceptions.
- Right to Correction: You may request that we correct inaccurate personal information.
- Right to Opt Out of Sale or Sharing: We do not sell your personal data, but we may use tracking technologies for analytics or advertising purposes. You may opt out of this type of sharing via our cookie settings.
- Right to Non-Discrimination: We will never discriminate against you for exercising your privacy rights.
You may make a request by emailing us at privacy@meetvista.io. To protect your information, we may need to verify your identity before processing your request. If you use an authorized agent to submit a request, we may require proof of your agent’s authority.
We will respond within the timeframes required by law, typically within 45 days. If we require more time, we will notify you with an explanation.
For more information about how we collect and use personal data, please see Sections 1 through 5 of this Privacy Policy.
11. Third-Party Services
MeetVista relies on trusted third-party services to support key functionality. Any data shared with these services is governed by their respective privacy policies.
These providers are contractually bound to implement adequate technical and organizational safeguards to protect your data, and we carefully vet them for compliance with data protection laws.
You can contact us at privacy@meetvista.io to request more details about our subprocessors or to receive notifications of changes to this list.
The following third-party domains or services are used by MeetVista:
• *.amazonaws.com (hosting and infrastructure via AWS)
• *.stripe.com (payment processing for non-Monday users)
• *.sentry.io (error tracking)
• *.google-analytics.com (usage analytics)
12. Children’s Privacy
Our Service is not intended for children under the age of 13, or under 16 in jurisdictions where that is the minimum age for data consent. We do not knowingly collect personal data from children. If we become aware that a child has submitted personal information, we will take steps to delete it promptly. Parents or guardians who believe their child has provided us with personal data should contact us immediately.
13. International Data Transfers
Your personal data may be transferred to and processed in countries outside of your jurisdiction, including countries that may not offer the same level of data protection as your home country.
Where we transfer personal data outside the European Economic Area (EEA), the United Kingdom (UK), or Switzerland, we ensure appropriate safeguards are in place to protect your data. These may include:
- Standard Contractual Clauses (SCCs) approved by the European Commission or UK authorities,
- Data Privacy Framework (DPF) certification (if applicable), or
- Other lawful mechanisms recognized under applicable data protection laws.
These measures are designed to ensure that your personal information remains protected and that your rights are upheld, regardless of where your data is processed.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in technology, legal requirements, or our operations. When we make material changes, we will notify you via email or by displaying a notice within the service. The effective date at the top of this page indicates when this policy was last revised.
We encourage you to review this policy periodically to stay informed about how we are protecting your information.
15. Contact Us
If you have any questions or concerns about this Privacy Policy, or if you wish to exercise your data rights under GDPR or CCPA, you can contact us at:
Email: privacy@meetvista.io