1. Controller Information

Company: Vibe Typer
Contact: [email protected]
Data Protection Officer: [email protected]
Jurisdiction: Australia

2. Introduction

Vibe Typer ("we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, process, and protect your information when you use our speech-to-text desktop application ("Service").

This Privacy Policy complies with the General Data Protection Regulation (GDPR) and other applicable privacy laws. If you are located in the European Union, you have specific rights regarding your personal data as outlined in this policy.

3. Information We Collect

3.1 Personal Information You Provide

• Email Address: Required for account creation and authentication

3.2 Automatically Collected Information

• Audio Data: Temporarily processed for speech-to-text conversion (not stored)
• Usage Statistics: Audio duration, transcription word count, processing time
• Technical Data: Device information, operating system, application version
• Authentication Data: Session tokens and login timestamps

3.3 Analytics Information

• Google Analytics: Website and application usage patterns, performance metrics
• Application Events: Feature usage, error reports, performance data

4. How We Use Your Information

4.1 Service Provision (Legal Basis: Contract)

• Authenticate your account and provide access to the Service
• Process audio for speech-to-text transcription
• Insert transcribed text into your applications
• Provide AI-powered text enhancement features

4.2 Service Improvement (Legal Basis: Legitimate Interest)

• Analyze usage patterns to improve features
• Monitor system performance and reliability
• Develop new features and capabilities
• Ensure security and prevent fraud

4.3 Communication (Legal Basis: Contract/Legitimate Interest)

• Send service-related notifications
• Provide customer support
• Communicate about account issues or updates

5. Data Processing and Storage

5.1 Audio Processing

• Temporary Processing: Audio files are created temporarily during transcription
• No Persistent Storage: Audio files are deleted immediately after processing
• Third-Party Processing: Audio is sent to Fireworks AI for transcription
• Location: Audio processing occurs on your device and Fireworks AI servers

5.2 Personal Data Storage

• Database: Stored securely in Supabase (PostgreSQL)
• Local Storage: Authentication tokens encrypted using OS-level security
• Backup: Regular backups maintained for data protection

5.3 Data Retention

• User Accounts: Retained until deletion requested at [email protected]
• Usage Logs: Retained indefinitely for analytics purposes
• Authentication Data: Tokens expire and are refreshed automatically
• Temporary Files: Deleted immediately after processing

6. Data Sharing and Third Parties

6.1 Service Providers

We share data with the following third parties to provide our Service:

6.2 Legal Requirements

We may disclose your information if required by law, regulation, or court order, or to protect our rights, property, or safety.

7. International Data Transfers

Your data may be transferred to and processed in countries outside your jurisdiction, including the United States. These transfers are necessary for service provision and are protected by:

• Standard Contractual Clauses: EU-approved data transfer mechanisms
• Adequacy Decisions: Where applicable for certain jurisdictions
• Service Provider Safeguards: Privacy and security commitments from processors

8. Data Security

We implement appropriate technical and organizational measures to protect your data:

• Encryption: Data encrypted in transit and at rest
• Access Controls: Restricted access to personal data
• Authentication: Secure user authentication with JWT tokens
• Monitoring: Regular security monitoring and updates
• Compliance: Regular security audits and compliance checks

9. Your Rights (GDPR)

If you are located in the EU, you have the following rights:

9.1 Access Right

Request access to your personal data and information about how it's processed.

9.2 Rectification Right

Request correction of inaccurate or incomplete personal data.

9.3 Erasure Right

Request deletion of your personal data under certain circumstances.

9.4 Restriction Right

Request restriction of processing under certain circumstances.

9.5 Data Portability Right

Request transfer of your data to another service provider.

9.6 Objection Right

Object to processing based on legitimate interests.

9.7 Complaint Right

Lodge a complaint with your local data protection authority.

To Exercise Your Rights: Contact us at [email protected]

10. Age Restrictions

Our Service is not intended for individuals under 16 years of age. We do not knowingly collect personal data from children under 16. If you are under 16, please do not use our Service or provide any personal information.

11. Cookies and Tracking

11.1 Application Cookies

The desktop application uses local storage for:

• Authentication tokens (encrypted)
• Application configuration and runtime settings

11.2 Website Cookies

Our website uses Google Analytics cookies to:

• Analyze website usage
• Improve user experience
• Track conversion metrics

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. When we make material changes, we will:

• Update the "Last Updated" date
• Notify you via email or application notification
• Provide a summary of key changes

Continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

13. Contact Information

For privacy-related questions, concerns, or requests:

Email: [email protected]
Subject Line: Privacy Policy Inquiry

Response Time: We aim to respond within 30 days of receiving your request.

14. Legal Basis Summary

15. Data Protection Officer

Questions about data protection can be directed to our Data Protection Officer:

Email: [email protected]
Subject Line: Data Protection Officer