Privacy Policy

AI Data Sharing & Consent

MindVoice sends your data to third-party AI services for processing. On first launch, the app presents a consent screen that explains:

• What data is sent: Transcribed text (for categorization, formatting, and summaries). Premium/trial users may also send audio recordings for cloud transcription.
• Who receives your data: Third-party AI services including Anthropic, Cerebras, Groq, and ElevenLabs, routed through our secure Cloudflare Workers proxy.
• How it is protected: All data is transmitted over encrypted HTTPS/TLS connections and is processed in real time — it is never permanently stored on any third-party server.

You must agree to this data sharing before using the app. You can reduce cloud data sharing by switching to on-device transcription in Settings.

1. Who We Are

MindVoice is developed by Forward Alpha, LLC ("we", "our", "us"). This privacy policy explains how we handle your data when you use the MindVoice application.

2. What Data We Collect

Free Tier

When using MindVoice's free tier:

• Voice recordings are transcribed locally on your device using WhisperKit (iOS) or whisper.cpp (Android)
• Transcribed text is sent to cloud AI services (Anthropic) for categorization. This happens automatically after each recording
• Text formatting uses on-device AI (Apple Intelligence on iOS) when available
• Free users receive a limited number of cloud AI summary calls per day (2/day)
• Audio recordings are never uploaded to any server on the free tier
• On Android, free-tier users also receive limited cloud transcription calls per day

Premium Tier

When you subscribe to Premium ($4.99/month or $49.99/year), the following data is sent to cloud services for processing:

• Audio recordings — sent to our Cloudflare Worker proxy, which forwards them to transcription providers (ElevenLabs for real-time streaming, Groq for batch uploads) for conversion to text. Audio is processed transiently and never stored on any server.
• Transcribed text — sent to AI services (Anthropic Claude or Groq) for categorization and summary generation. Text is processed and immediately discarded.
• iCloud sync (iOS) — your entries sync across devices via Apple's private CloudKit database. This is managed entirely by Apple and governed by Apple's Privacy Policy.
• Firebase Firestore sync (Android) — your entries and daily summaries sync to Google's Firebase Firestore under your Google account. Data is stored in a private, per-user collection. See the Android-specific section below for details.

All cloud-processed data is:

• Transmitted over encrypted connections (HTTPS/TLS)
• Processed in real-time and not permanently stored on our servers or by our providers
• Used solely for providing the transcription and summarization service
• Never sold, shared with advertisers, or used for any other purpose

Free Trial

New users receive a free trial with full Premium access (7 days standard, up to 30 days for early adopters). During the trial, audio and text are processed the same way as Premium. Trial status is tracked on our server using your device identifier — no personal information is collected.

Device Identifier

iOS: We generate a random UUID on first app launch, stored on your device. This identifier is used for:

• Authenticating requests to our cloud services (via HMAC-signed device tokens)
• Tracking trial status and eligibility
• Rate limiting to prevent abuse

This identifier is not linked to your personal identity, Apple ID, or hardware. It can be reset by reinstalling the app.

Android: We use the Android ID (a system-provided device identifier) for trial tracking and rate limiting. The Android ID is unique per app signing key and user — it is not a hardware serial number and resets on factory reset. It is not linked to your Google account or personal identity.

Android-Specific Data Practices

The Android version of MindVoice uses the following additional services:

• Google Sign-In & Firebase Authentication — Used to authenticate you for cloud sync. We receive your email address and a unique user ID (UID) from Google. We do not access or store your profile photo, contacts, or any other Google account data. Your email is used solely to identify your sync account.
• Firebase Firestore — Stores your voice entries and daily summaries in a private, per-user document collection for cross-device sync. Data is encrypted in transit and at rest by Google. Only you can access your data through your authenticated Google account. (Firebase Privacy)
• Google Play Billing — Subscription payments on Android are processed entirely by Google Play. We never receive, process, or store your payment details. (Google Privacy Policy)
• Audio processing — Same as iOS Premium: audio is sent to our Cloudflare Worker proxy for transcription, processed transiently, and never stored on any server.

What We Never Collect

• Your name, email address, or phone number (iOS); on Android, only the email associated with Google Sign-In is received for sync purposes
• Location data
• Contacts or photos
• Browsing history or app usage patterns
• Advertising identifiers
• Hardware identifiers (serial number, UDID, etc.)

3. Third-Party Services

Premium features use the following services for processing. Data sent to these services is used only to fulfill your request and is not retained:

• ElevenLabs — Real-time speech-to-text transcription via WebSocket. Audio is processed in real time and not stored. (Privacy Policy)
• Groq — Batch transcription fallback and AI processing fallback. (Privacy Policy)
• Anthropic (Claude) — AI categorization and daily summaries. (Privacy Policy)
• Cloudflare — Proxy infrastructure and trial data storage (KV). (Privacy Policy)
• Apple (iCloud/CloudKit) — Entry sync across devices for iOS Premium subscribers. (Privacy Policy)
• Google (Firebase Authentication, Firestore) — User authentication and entry sync for Android subscribers. (Firebase Privacy)
• Google Play Billing — Subscription management on Android. (Privacy Policy)

4. Data Storage

iOS: All voice entries, transcriptions, categories, and summaries are stored locally on your device using Apple's SwiftData framework. Audio recordings (WAV files) are stored locally and never uploaded to our servers. If you subscribe to Premium, your entries also sync to your personal iCloud account via Apple's private CloudKit database. We do not have access to your iCloud data.

Android: All voice entries and summaries are stored locally on your device using Room database. Audio recordings are stored locally and never uploaded to our servers. If you sign in with Google, your entries and summaries sync to Firebase Firestore under your authenticated Google account. This data is stored in Google's cloud infrastructure, encrypted at rest, and accessible only through your Google account.

We do not maintain a general database of user content on our servers. The only server-side data we store is your device identifier and trial status. On Android, synced entries are stored in Firebase Firestore under your Google account's private collection.

5. Subscriptions & Payments

Subscriptions are processed through Apple's App Store (iOS) or Google Play (Android). All payment information is handled entirely by Apple or Google respectively. We never receive, process, or store your credit card details, bank information, or other payment data.

Available plans:

• Premium Monthly — $4.99/month
• Premium Annual — $49.99/year

6. Data Retention

• On-device data: Retained until you delete it within the app or uninstall the app
• Audio recordings: Stored locally on your device. Never uploaded to our servers
• Cloud-processed data: Not retained after processing is complete — discarded immediately
• Device identifier & trial status: Stored on our server for the duration of the trial period
• iCloud data (iOS): Retained in your iCloud account until you delete it. Governed by Apple's data retention policies
• Firebase Firestore data (Android): Retained under your Google account until you delete it within the app or request deletion by contacting us. Governed by Google's data retention policies

7. Your Rights

Regardless of where you live, you have the right to:

• Access your data — Contact us to ask what data, if any, we have associated with your device
• Delete your data — Remove individual entries or all data within the app at any time. To delete server-side data (device identifier, trial status), contact us
• Use offline only — The free tier requires no network access. You remain in full control
• Cancel subscriptions — Manage or cancel through your device's Settings → Subscriptions (iOS) or Google Play → Subscriptions (Android)

We respond to all data requests within 30 days.

8. Children's Privacy

MindVoice is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with data, please contact us and we will delete it.

9. Security

We protect data in transit using TLS encryption. Our cloud infrastructure runs on Cloudflare Workers, which provides DDoS protection and edge security. Device authentication uses HMAC-SHA256 tokens. All endpoints are rate-limited. No user accounts or passwords are required.

10. Changes to This Policy

We may update this privacy policy from time to time. Material changes will be communicated through an update to the app. The "Last updated" date at the top of this page indicates when the policy was last revised.

11. Contact Us

If you have questions or concerns about this privacy policy:

• Email: support@getmindvoice.com
• Developer: Forward Alpha, LLC