Privacy Policy

1. Controller Information

Company: Vibe Typer
Contact: support@vibetyper.com
Data Protection Officer: support@vibetyper.com
Jurisdiction: Australia

2. Introduction

Vibe Typer (“we,” “us,” or “our”) is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, process, and protect your information when you use our desktop application, website, and related services (“Service”).

This Privacy Policy complies with the General Data Protection Regulation (GDPR) and other applicable privacy laws. If you are located in the European Union, you have specific rights regarding your personal data as outlined in this policy.

3. Information We Collect

3.1 Personal Information You Provide

• Email Address: Required for account creation and authentication; also used to send important service updates and occasional marketing communications (opt-out available).

3.2 Automatically Collected Information

• Audio Data: Processed in memory for speech-to-text conversion; we do not store or retain recordings.
• Transcription & AI Content: Returned to your device; we do not store transcripts, prompts, or AI outputs on our servers (except a short-lived in-memory cache of the final transcript for delivery retries).
• Usage Statistics: Audio duration and transcription word count
• Technical Data: Operating system/platform identifier and application version
• Log Data: IP address, user agent, and request metadata in server logs (for security and troubleshooting)
• Authentication Data: Session tokens and authentication timestamps

3.3 Analytics Information

• Website Analytics: Website usage patterns and performance metrics

4. How We Use Your Information

4.1 Service Provision (Legal Basis: Contract)

• Authenticate your account and provide access to the Service
• Process audio for speech-to-text transcription
• Insert transcribed text into your applications
• Provide AI-powered text enhancement features

4.2 Service Improvement (Legal Basis: Legitimate Interest)

• Analyze usage patterns to improve features
• Monitor system performance and reliability
• Develop new features and capabilities
• Ensure security and prevent fraud

4.3 Communication (Legal Basis: Contract/Legitimate Interest)

• Send service-related notifications
• Provide customer support
• Communicate about account issues or updates
• Share product updates and occasional marketing communications (you can opt out at any time)

5. Data Processing and Storage

5.1 Audio Processing

• Temporary Processing: Audio is buffered in memory only while transcription is running
• Routing: Audio is sent to our backend and forwarded to a third-party inference provider to produce a transcript
• No Persistent Storage: We do not store or retain recordings on our servers
• Transcript Delivery: The final transcript is sent back to your device and cleared from memory. If delivery fails (for example, a disconnect), we may keep a short-lived in-memory cache (up to 2 minutes) to retry delivery.
• Provider Switching: We may automatically switch inference providers for reliability and performance

5.2 Personal Data Storage

• Database: Account and usage information is stored in a managed database/auth provider
• Desktop App Storage: Authentication tokens are stored using OS-level secure storage (encryption) when available
• Desktop App Transcription History: The desktop app stores a short history of your transcription and AI history locally on your device for convenience (for example, to copy recent results); you can clear it at any time from within the app
• Website Storage: Authentication sessions may be stored in your browser (for example, in local storage)
• Backup: Regular backups maintained for data protection

5.3 Data Retention

• User Accounts: Retained until deletion requested at support@vibetyper.com
• Usage and Security Logs: Retained as needed to operate the Service, prevent abuse, provide support, and improve reliability
• Authentication Data: Tokens expire and are refreshed automatically
• Transcription & AI Content: Not retained on our servers; processed in memory and discarded after the operation completes (with a short-lived in-memory fallback cache as described above).

6. Data Sharing and Third Parties

6.1 Service Providers

We share data with third-party service providers to operate and improve the Service (for example: hosting, database/authentication, billing, analytics, and AI inference).

6.2 Legal Requirements

We may disclose your information if required by law, regulation, or court order, or to protect our rights, property, or safety.

7. International Data Transfers

Your data may be transferred to and processed in countries outside your jurisdiction, including the United States. These transfers are necessary for service provision and are protected by:

• Standard Contractual Clauses: EU-approved data transfer mechanisms
• Adequacy Decisions: Where applicable for certain jurisdictions
• Service Provider Safeguards: Privacy and security commitments from processors

8. Data Security

We implement appropriate technical and organizational measures to protect your data:

• Encryption: Data encrypted in transit and at rest
• Access Controls: Restricted access to personal data
• Authentication: Secure user authentication with JWT tokens
• Monitoring: Regular security monitoring and updates
• Compliance: Regular security audits and compliance checks

9. Your Rights (GDPR)

If you are located in the EU, you have the following rights:

9.1 Access Right

Request access to your personal data and information about how it's processed.

9.2 Rectification Right

Request correction of inaccurate or incomplete personal data.

9.3 Erasure Right

Request deletion of your personal data under certain circumstances.

9.4 Restriction Right

Request restriction of processing under certain circumstances.

9.5 Data Portability Right

Request transfer of your data to another service provider.

9.6 Objection Right

Object to processing based on legitimate interests.

9.7 Complaint Right

Lodge a complaint with your local data protection authority.

To Exercise Your Rights: Contact us at support@vibetyper.com

10. Age Restrictions

Our Service is not intended for individuals under 16 years of age. We do not knowingly collect personal data from children under 16. If you are under 16, please do not use our Service or provide any personal information.

11. Cookies and Tracking

11.1 Application Cookies

The desktop application stores certain data locally for:

• Authentication tokens (stored using OS-level secure storage when available; authentication does not initialize if secure storage is unavailable)
• Application configuration and runtime settings

11.2 Website Cookies

Our website may use cookies and similar technologies to:

• Analyze website usage
• Improve user experience
• Measure marketing and conversion performance

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. When we make material changes, we will update the “Last Updated” date.

Continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

13. Contact Information

For privacy-related questions, concerns, or requests:

Email: support@vibetyper.com
Subject Line: Privacy Policy Inquiry

Response Time: We aim to respond within 30 days of receiving your request.

14. Legal Basis Summary

15. Data Protection Officer

Questions about data protection can be directed to our Data Protection Officer:

Email: support@vibetyper.com
Subject Line: Data Protection Officer