GDPR
If you care about privacy, that is absolutely normal. This page explains what really happens with your data in simple words, based on the current code.
Short version: we keep account and usage data that is needed to run the product and billing, but we do not keep full raw recordings or full transcript text in the database.
Last reviewed: February 20, 2026
When you use managed transcription or text processing, your request goes through our managed processing service and then to the AI provider for processing. If you choose EU routing, the managed path is the EU deployment (europe-west3 / Frankfurt).
This is done to return your transcript or processed text. After processing, the app receives the result and continues your workflow.
We store account and product data: your user ID, email, selected service mode/region, plan/subscription status, and related payment IDs needed for billing.
We also store usage metrics like minutes, words, tokens, model/provider, region, and timestamps. This is used for limits, billing logic, and usage dashboard features.
We do not store raw dictation audio files in the database.
We do not store full transcript text bodies or full prompt-processing text bodies in database tables.
Most personal app configuration stays local: prompts, glossary, custom commands, settings, and local history. Optional local audio clips for history playback are also on your device and can be cleared.
API keys and auth session tokens are stored via secure OS storage when available.
For checkout handoff, we use a one-time pricing session code flow. The related pricing-session record is short-lived and marked as consumed after use.
This flow exists to avoid exposing long-lived auth data in public URL parameters.
You can clear local app data on your device. If you delete your account, cloud profile/subscription/settings/usage rows are deleted.
For anti-abuse protection, only aggregated archived usage can remain in hashed form so free-trial abuse can be limited.