Privacy Policy

• To provide, operate, and maintain the Service and your account
• To authenticate you securely via Google Sign-In
• To perform speech transcription as directed by you
• To improve the accuracy of our speech models — only where you have provided explicit consent for your audio and transcription data to be used for this purpose
• To track and enforce monthly usage quotas and calculate overage charges
• To process subscription payments and send transactional notifications
• To respond to support requests and inquiries
• To detect and prevent fraud, abuse, and security incidents
• To analyze aggregated, anonymous website usage and improve the Service
• To comply with applicable legal obligations

We do not sell your personal information or use it for advertising targeting.

We work with the following categories of third-party service providers. Each processes data under their own privacy policies:

• Authentication — Firebase (Google LLC): manages user sign-in via Google accounts. See Google Privacy Policy.
• Speech processing service: processes audio recordings to generate transcriptions. Audio is transmitted over encrypted connections. The service does not use your audio to train models for other customers and retains audio only as necessary to complete the transcription job.
• Payment — Lemon Squeezy (Merchant of Record): handles all subscription billing, tax collection, and payment data. See Lemon Squeezy Privacy Policy.
• Cloud infrastructure provider: hosts our API, database, and file storage in secure, access-controlled environments.
• Push notification service: delivers job-completion and usage-alert notifications to your device.
• Web analytics — Google Analytics (Google LLC): collects anonymized website usage statistics. See Section 1.6.

We do not use advertising networks or data brokers.

We do not sell, rent, lease, or otherwise share your personal information with third parties for their own commercial purposes, including advertising or marketing.

• Account data (email, display name, Firebase UID): retained for the duration of your account. Deleted within 30 days of account deletion request, except where required by law.
• Audio and transcription data (with consent): retained until you delete it in-app or request account deletion.
• Audio and transcription data (without consent): audio is deleted promptly upon completion of the transcription job, typically within minutes. Transcription text is retained in your account until you delete it in-app or request account deletion, but is not used for training.
• Usage and quota data: retained for 13 months for billing reconciliation and dispute resolution, then deleted.
• Device information: retained for the duration of your account and deleted upon account deletion.
• Analytics data: Google Analytics retains user-level data for up to 14 months by default. No personally-identifying analytics records are retained by us.
• Server logs: retained for up to 90 days then deleted.

Depending on your location, you may have some or all of the following rights regarding personal data we hold about you:

• Access — request a copy of your personal data
• Correction — request correction of inaccurate data
• Deletion — request deletion of your account and associated data
• Restriction — request that we limit how we process your data
• Objection — object to processing based on legitimate interests
• Portability — request a machine-readable copy of data you provided
• Withdraw AI training consent — you may withdraw consent for your audio to be used for model training at any time by deleting your recordings in-app or contacting us. Withdrawal does not affect data already processed prior to your request.

You may delete individual recordings directly within the application at any time. To exercise other rights or request full account deletion, contact us at [email protected]. We will respond within 30 days.

We implement industry-standard technical and organizational measures to protect your information, including TLS encryption for all data in transit and access-controlled storage for data at rest. Authentication is handled by Firebase, which maintains its own security certifications.

No method of transmission over the internet is completely secure. If you suspect unauthorized access to your account, contact us immediately at [email protected].

In the event of a personal data breach that is likely to result in a risk to your rights or freedoms, we will notify affected users and, where required, the competent supervisory authority, within the timeframe required by applicable law. Notification will be provided via email or by a prominent notice on our website.

The Service is not directed to children under the age of 13 (or the applicable minimum age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has registered an account, please notify us at [email protected] and we will delete the account promptly.

The Service is operated from Taiwan. Your data may be transferred to and processed in Taiwan or in the countries where our third-party service providers (including Google LLC and Lemon Squeezy in the United States) operate their infrastructure. These providers maintain appropriate security certifications and adhere to standard mechanisms for cross-border data transfers where required by applicable law.

This Privacy Policy is governed by the laws of the Republic of China (Taiwan). Any dispute arising from this Policy shall be submitted to the exclusive jurisdiction of the courts located in Taipei, Taiwan.

We may update this Privacy Policy from time to time. When we make material changes — particularly changes that affect how we use your audio data or expand data sharing with third parties — we will notify you by email and update the "Last updated" date above at least 30 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated Policy.

Questions, concerns, or requests regarding this Privacy Policy: