Legal
Privacy Policy
Last updated: April 2026
1. Overview
OKtoMeet (“we”, “us”) respects your privacy. This Privacy Policy explains how we collect, use, and share information when you use our beta networking service for professionals & business travelers.
2. Information we collect
We may collect:
- Account and profile: name, email, job title, company, bio, photo, and other fields you add to your profile.
- LinkedIn: if you connect LinkedIn, we receive and store information from your LinkedIn account as permitted by LinkedIn’s terms and your settings, including your name, profile photo, and LinkedIn profile URL (or equivalent public identifier). We use this to verify your professional identity and to show it to other members as described in our Terms of Service and in the product (for example, on your profile and in discovery).
- Location and travel: approximate location, city, or trip details you provide or approve (for example, to show overlap with other travelers).
- Messages and connections: content you send through in-app messaging and connection requests. In-app messages are not end-to-end encrypted; they are stored and processed on our systems (and through providers we use) so we can deliver the coordination inbox between connections. Do not use in-app chat for information that requires a dedicated secure or clinical channel.
- Events: if you create, browse, or RSVP to events in the product, we collect related information (for example, event details, attendance, and communications we host as part of the Service).
- Authentication data: credentials and security-related data such as session tokens, one-time codes, and, where you enable them, passkeys or other Web Authentication credentials (public keys and related metadata)—not your raw biometric data, which remains on your device where applicable.
- Device and usage: device type, browser, IP address, approximate location derived from IP, and product usage (for example, feature usage and crash diagnostics).
- Analytics and session replay (optional): if you turn on Analytics & performance in our Cookie notice (which updates Google Consent Mode
analytics_storagefor your browser), we may allow Microsoft Clarity—typically loaded through Google Tag Manager—to collect interaction data. That can include session replay (for example recordings of mouse movements, taps, scrolls, and on-screen content during your visit) to help us understand usability and fix issues. Clarity does not run for your session until that consent is granted. If you withdraw analytics consent later, new recordings do not start from that choice forward. Microsoft's role and retention are described in Microsoft's Clarity FAQ. - Communications: messages you send us (support, feedback).
- OKtoMeet Pro and waitlist: if you join a waitlist or express interest in Pro, we collect the information you submit (for example, email and optional details) and related identifiers (such as a waitlist number or tier snapshot) to operate the waitlist and, when available, subscription or billing as described at checkout.
- Referral links and the City Ambassador Program: if you arrive through an ambassador referral link, we collect click data (timestamp, referral identifier, IP address, user-agent, country derived from IP), and may set a first-party attribution cookie (up to sixty (60) days) as described in our Cookie notice. If you sign up, we process your account identifier, verified email domain, stated company and title, LinkedIn URL (if provided), and assigned tier and approval status for attribution and program integrity.
3. How we use information
We use information to:
- Provide, secure, and improve the Service (including beta testing).
- Show your profile and LinkedIn-derived fields to other members as described in our Terms and in-product settings.
- Operate location and travel features, messaging, connections, and events you choose to use.
- Authenticate you and protect accounts (including passkeys and fraud prevention where applicable).
- Communicate with you about the product, security, and legal notices.
- Operate waitlists and, when offered, Pro subscriptions and related billing in accordance with our Terms and checkout disclosures.
- Measure how the Service is used and improve usability—including, when you consent to analytics, session replay through Microsoft Clarity as described in Section 2 and our Cookie notice.
- Comply with law and enforce our terms.
- Operate referral attribution and the City Ambassador Program, including fraud prevention and commission accounting with our affiliate platform and payout providers.
Legal bases (where applicable): For users in the EU / UK / EEA, we rely on legitimate interests for fraud prevention and program integrity, and on consent (via our cookie banner) for non-essential attribution cookies before they are set. For California residents, this processing may constitute "sharing" or "sale" of personal information only to the extent needed to operate the affiliate platform; you may opt out via "Do Not Sell or Share My Personal Information" where provided. In India, Singapore, UAE, Canada, and Brazil, we process as permitted by contract and applicable law, with consent for non-essential cookies where required.
4. How we share information
We may share information:
- With other members as needed to operate the Service (for example, profile details, LinkedIn fields you authorize us to display, and messages you send).
- With service providers who help us host, secure, analyze, or operate the product (for example, cloud infrastructure, authentication, email delivery, analytics, and payment processing when Pro is offered). They are bound by contractual obligations appropriate to the processing. Where you consent to analytics, Microsoft (Clarity) may receive interaction and replay-related data as described in our Cookie notice.
- With LinkedIn only as needed for OAuth/connection and as described in LinkedIn’s terms and your LinkedIn settings.
- For legal reasons if we believe disclosure is required by law, to protect rights and safety, or to enforce our agreements.
- In a business transfer (for example, merger or acquisition), subject to appropriate safeguards.
- Affiliate and payout providers for the City Ambassador Program — for example Tolt (referral attribution and commission management), Stripe Connect and Wise Business (ambassador payouts in eligible regions). Categories may include hashed identifiers, click metadata, IP address, signup timestamps, ambassador identifiers, tier, country, and payout-related details. See our Sub-processors page for a summary.
We do not sell your personal information for money. Where “sale” or “sharing” has specific meanings under applicable privacy laws, we describe your choices below.
5. Retention
We retain information as long as your account is active and as needed to provide the Service, comply with law, resolve disputes, and enforce our agreements. Beta data may be deleted or migrated as the product evolves; we will give reasonable notice when practicable.
Referral and ambassador data: click and attribution records are retained for up to twenty-four (24) months from the click event, after which we anonymize or aggregate where feasible (for example, removing cookie identifiers and IP addresses). Commission and payout records may be retained for up to seven (7) years for tax and audit purposes.
Security-related data (such as passkey public keys and audit logs) may be retained for account recovery and fraud prevention for a period consistent with our security practices and legal obligations.
6. Your choices
You may update profile fields, disconnect LinkedIn where the product allows, manage cookies through your browser, and opt out of certain communications. You may also use Cookie settings in the site footer to turn off Analytics & performance, which stops new Microsoft Clarity session replay from starting for your browser (see our Cookie notice). Where applicable law grants rights (access, correction, deletion, portability, or objection), you may exercise them by contacting us as described below. We may need to verify your request.
You may contact us at [email protected] for privacy requests. If you are in the EU or UK, you may lodge a complaint with your supervisory authority.
7. Security
We use administrative, technical, and organizational measures designed to protect information. No method of transmission or storage is 100% secure. Passkeys and similar factors reduce phishing risk compared to passwords alone, but you should still protect your devices and recovery methods.
8. International users
We may process and store information in Canada, the United States, and other countries where we or our service providers operate. By using the Service, you understand that your information may be transferred to countries with different data protection laws.
9. Children
The Service is not directed at individuals under 18. We do not knowingly collect personal information from anyone under 18. If you believe we have, contact us and we will take appropriate steps to delete it.
The City Ambassador Program and referral attribution are not directed at minors. We do not knowingly process referral data for users under 18, and ambassadors are prohibited from referring individuals known to be ineligible (including minors).
10. Changes to this policy
We may update this Privacy Policy from time to time. We will post the updated policy and revise the “Last updated” date when we do. Material changes may be communicated through the product or by email where appropriate.
11. Contact
For privacy questions or requests, use the channels provided in the product or contact us at the administrative email on file for your workspace.