Trust & Compliance

Your data is safe with us

We take privacy seriously. Here's how we protect your information and comply with global data protection regulations.

Regulatory Compliance

GDPRCompliant

We process data with a lawful basis, honor data subject rights, and provide full transparency.

CCPACompliant

We do not sell personal data. California residents can exercise their rights under CCPA.

DPDPAAware

We comply with India's Digital Personal Data Protection Act, 2023, including consent and grievance mechanisms.

Google APICompliant

We adhere to Google API Services User Data Policy, including Limited Use requirements.

All data is encrypted using AES-256 at rest and TLS 1.3 in transit. Your notes, recordings, and personal data are always protected.

You can permanently delete your account and all associated data at any time from your settings. Deletion is processed within 30 days.

Your personal information is never sold, rented, or traded to third parties. We generate revenue from our product, not your data.

Export your notes and data in standard formats. Your data belongs to you, and you can take it with you anytime.

We use PostHog for product analytics — with your explicit consent via our cookie banner. You can opt out at any time.

We use a GDPR-compliant cookie consent banner. Only essential cookies are used without consent. Analytics require your opt-in.

We use Google Sign-In for secure authentication. We never store or see your password. Adheres to Google API Limited Use policy.

Your data is stored on Google Cloud (Firebase), which is certified for SOC 1/2/3, ISO 27001, and HIPAA. Enterprise-grade infrastructure.

We rely on the following trusted sub-processors to deliver our service:

Service	Purpose	Location
Google Firebase	Authentication, database, storage	US (multi-region)
Google Gemini AI	AI summaries, transcription, chat	US
PostHog	Product analytics (consent-based)	US / EU
Vercel	Web hosting, edge network	Global CDN

We're happy to answer any questions about data privacy and security.