Session Monster

Sign in
Home

Legal

Privacy Policy

Last updated: February 10, 2026

Session Monster ("we," "us," or "our") is operated by Chris Meisner LLC. This Privacy Policy describes how we collect, use, share, retain, and otherwise process personal information when you use our platform at sessionmonster.com and related services.

1. Information We Collect

Account information: Name, email address, profile picture, and authentication credentials when you sign up or sign in via Google.

Subscriber contact details: Email addresses, names, and optional phone numbers collected when subscribers join a series.

Billing identifiers: Stripe account IDs, subscription IDs, and price IDs. We do not store raw payment card numbers.

Zoom integration data: When you connect your Zoom account, we collect your Zoom user ID, display name, and email address via the Zoom API. We store OAuth access and refresh tokens encrypted using AES-256 encryption. We use Zoom's API to create meetings on your behalf; meeting join URLs and meeting IDs are stored in our database.

Device and log data: IP addresses, browser type, operating system, referring URLs, and timestamps collected automatically when you interact with the service.

Support communications: Messages and metadata from emails or support requests you send us.

2. How We Use Information

  • Provide, operate, and improve the service
  • Process subscriptions and send transactional emails (reminders, join links, billing notices)
  • Create and manage Zoom meetings on your behalf when you connect your Zoom account
  • Display your connected Zoom account information in your dashboard
  • Protect against fraud, abuse, and unauthorized access
  • Comply with legal obligations
  • Communicate with you about updates, changes, or support inquiries

3. Sharing & Service Providers

We share data with vendors that help operate the platform. These partners act on our behalf and are contractually required to protect the data:

  • Stripe for payment processing
  • Zoom for video meeting creation and management
  • Mailgun for transactional email delivery
  • Hosting providers for infrastructure and data storage
  • Analytics tools for understanding usage patterns

We never sell personal information to third parties.

4. Data from Third-Party Integrations

Zoom: When you authorize the Zoom integration, we access your Zoom account to create meetings and retrieve your user profile. Specifically:

  • OAuth access and refresh tokens are stored encrypted (AES-256) in our database
  • Your Zoom user ID is stored in plain text to associate meetings with your account
  • Meeting join URLs and meeting IDs are stored in plain text so subscribers can access sessions
  • Your Zoom display name and email are retrieved on-demand for UI display and are not permanently stored

You can disconnect your Zoom account at any time from your dashboard. When you disconnect, all stored Zoom tokens and account identifiers are permanently deleted from our database.

5. Security & Retention

Data is encrypted in transit (TLS) and sensitive credentials are encrypted at rest (AES-256). We retain personal information for as long as your account remains active or as required for legal and compliance purposes, after which it is deleted or anonymized.

Zoom OAuth tokens are retained only while your Zoom connection is active and are immediately deleted upon disconnection.

6. Your Rights & Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request that we correct inaccurate or incomplete data
  • Deletion: Request that we delete your personal data
  • Portability: Request a machine-readable copy of your data
  • Objection: Object to certain types of data processing
  • Restriction: Request that we limit how we use your data
  • Withdraw consent: Where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, contact us at privacy@sessionmonster.com. We will respond within 30 days.

Additionally, you can take the following actions directly:

  • Disconnect Zoom or Stripe from your dashboard at any time
  • Delete series and subscriber data from your dashboard
  • Unsubscribe from emails via the link in any email
  • Request full account deletion by contacting support

7. International Transfers

If you access the service from outside the United States, information may be processed in the United States or other countries that may not have the same data protection laws as your jurisdiction. By using the service, you consent to the transfer of your data to these countries.

8. Children's Privacy

Session Monster is not directed at children under 13 (or the applicable age in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Continued use of the service after changes become effective constitutes acceptance of the revised policy.

10. Contact

Privacy questions, data subject requests, or complaints can be sent to:

Chris Meisner LLC
Email: privacy@sessionmonster.com