Privacy Policy

Last updated: May 5, 2026

This Privacy Policy explains how GrumbusVoice (“we”, “us”, “our”) collects, uses, discloses, and protects information about you when you use our software, applications, websites, APIs, and any related services (collectively, the “Service”). It applies to all users of the Service worldwide. By using the Service you consent to the practices described here. If you do not agree, do not use the Service.

1. Scope and definitions

“Personal information” means any information that identifies, relates to, or could reasonably be linked to an identified or identifiable individual. This Policy does not apply to data that is fully aggregated or anonymized such that it cannot be linked back to any individual.

2. What we collect

  • Account data: your email address, OAuth provider ID (if you sign in with Google or Apple), a hashed password (if you sign in with email/password), and account preferences (e.g., dictation mode, hotkey).
  • Voice audio: while you hold the dictation hotkey, your microphone audio streams to our servers. Audio is forwarded to our speech-recognition provider for transcription. Audio is not retained after the transcription is returned.
  • Transcripts: the text resulting from transcription is returned to your device. We do not store the transcript on our servers beyond the request lifecycle, except as needed to enforce abuse limits or as you opt to enable cross-device sync (when offered).
  • AI cleanup metadata: when you use Polished or Balanced modes, the raw transcript is sent to an AI language-model provider for cleanup. Only the transcript text is sent; we do not transmit audio, account identifiers, or other personal information beyond what is needed to format the output.
  • Usage data: we count the duration of each transcription, mode used, and timestamp so we can enforce your subscription's monthly quota and provide you with usage Insights inside the app.
  • Billing data: handled directly by Stripe. We never see, transmit, or store your card number, CVV, or banking details. We store your Stripe customer ID, subscription status, and billing-cycle dates.
  • Diagnostic data: when an error or crash occurs, we log the error type, route, request ID, software version, and operating-system version. We do NOT log audio, transcript content, account passwords, or payment data.
  • Device identifiers: a device-scoped token used to authenticate the app to our backend, generated locally on first sign-in.

3. What we don't collect

  • We don't store recorded audio after transcription completes.
  • We don't share your transcripts with third parties beyond the AI cleanup provider when you enable polishing modes (and even then only the transcript text is sent, anonymized of account context).
  • We don't sell, rent, or trade personal information to advertisers or data brokers.
  • We don't use third-party advertising or behavioral-tracking cookies.
  • We don't engage in cross-context behavioral advertising.
  • We don't collect biometric identifiers, geolocation data, or contacts.

4. How we use information

We use the information we collect to: (a) provide, maintain, and improve the Service; (b) authenticate you and prevent unauthorized access; (c) process payments and enforce subscription limits; (d) send you transactional and account-related communications; (e) detect, prevent, and respond to fraud, abuse, security incidents, and violations of our Terms of Service; (f) comply with legal obligations; and (g) generate aggregated, de-identified statistics about Service performance and usage.

5. Legal bases for processing (EU/UK/EEA users)

If you are in the EU, UK, or EEA, our legal bases for processing your personal information are: (i) contract performance — to deliver the Service you have subscribed to; (ii) legitimate interests — to operate, improve, and secure the Service; (iii) legal obligation — to comply with applicable law; and (iv) consent — for any processing for which we ask your consent (which you may withdraw at any time).

6. Service providers (subprocessors)

We use the following providers to operate the Service. Each is bound by their own privacy policy and (where applicable) by data-processing agreements with us. The list may change over time; the version current at the time you read this page is authoritative.

  • Deepgram (US) — speech-to-text transcription provider. Receives audio during dictation; does not retain audio after transcription per our agreement and their stated policy.
  • OpenAI / Anthropic (US) — AI language-model providers used for transcript cleanup in Polished and Balanced modes. Receives transcript text only; subject to provider data-handling commitments (no training on input by default).
  • Stripe (US) — payment processing. Subject to Stripe's privacy policy.
  • Resend (US) — transactional email delivery. Receives only the recipient email address and message contents.
  • Sentry (US) — error and crash reporting. Receives error metadata; does not receive audio, transcripts, passwords, or payment data.
  • Vercel (US) — application hosting and edge networking.
  • Neon (US) — managed Postgres database.
  • Cloudflare (US) — domain DNS and email routing.
  • Apple App Store / TestFlight (US) — for iOS app distribution and testing (where applicable).
  • GitHub (US) — for software releases and update distribution.

We may add or replace subprocessors from time to time as needed to operate the Service. Material changes will be reflected in this list.

7. International data transfers

GrumbusVoice is operated from Canada and our subprocessors are primarily in the United States. If you access the Service from outside Canada or the United States — including from the European Union, United Kingdom, EEA, or any other jurisdiction — you acknowledge and consent to the transfer of your personal information to and processing in Canada, the United States, and other jurisdictions where we or our subprocessors operate, which may have data-protection laws different from those of your country. Where required, we rely on Standard Contractual Clauses or other approved transfer mechanisms.

8. Data security

We implement reasonable administrative, technical, and physical safeguards designed to protect personal information from loss, unauthorized access, disclosure, alteration, or destruction. These include encryption in transit (HTTPS/TLS), encryption at rest where supported by our infrastructure providers, access controls, and routine review of security practices. No method of transmission or storage is 100% secure, and we cannot and do not guarantee the absolute security of any information. You acknowledge that the Service is provided over the public internet and that you bear responsibility for the security of your own devices, account credentials, and network. To the maximum extent permitted by law, we disclaim all liability for any unauthorized access to or disclosure of your personal information that occurs despite our reasonable security measures. In the event of a breach affecting your personal information, we will notify you and, where required, the applicable regulator without undue delay in accordance with applicable law.

9. Children's privacy

The Service is not directed to and is not intended for use by children. You must be at least 13 years old (or the minimum age in your jurisdiction at which you can consent to online services without parental consent — 16 in much of the EU) to use the Service. We do not knowingly collect personal information from children under that age. If we become aware that we have inadvertently collected personal information from a child without verified parental consent, we will delete it promptly. If you believe a child has provided us personal information, contact privacy@grumbus.app.

10. Your rights

Depending on your jurisdiction, you may have some or all of the following rights regarding your personal information:

  • Access: request a copy of the personal information we hold about you.
  • Portability / export: receive your data in a structured, commonly used, machine-readable format.
  • Correction: ask us to correct inaccurate or incomplete information.
  • Deletion / erasure: ask us to delete your account and personal information, subject to legal retention requirements.
  • Restriction / objection: ask us to restrict or stop certain processing activities.
  • Withdraw consent: where processing is based on consent, withdraw it at any time (without affecting prior lawful processing).
  • Complain: lodge a complaint with your local data-protection authority. EU residents may complain to their national supervisory authority. Canadian residents may complain to the Office of the Privacy Commissioner of Canada.

To exercise any of these rights, email privacy@grumbus.app from the email address associated with your account, or use the in-app account management at grumbus.app/account. We will respond within 30 days (or any shorter period required by law). We may need to verify your identity before fulfilling certain requests.

11. California residents (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act (as amended by the California Privacy Rights Act, collectively the “CCPA”) gives you specific rights:

  • Right to know the categories and specific pieces of personal information we collect, use, and disclose.
  • Right to delete personal information we have collected from you, subject to legal exceptions.
  • Right to correct inaccurate personal information.
  • Right to opt out of sale or sharing of personal information. We do not sell or share personal information as those terms are defined under the CCPA.
  • Right to limit use of sensitive personal information. We do not use sensitive personal information for purposes other than those permitted under the CCPA.
  • Right to non-discrimination for exercising your CCPA rights.

The categories of personal information we collect are: identifiers (email, account ID), commercial information (subscription status, payment history), audio/electronic information (during transcription only, not retained), internet activity (limited diagnostic data), and inferences derived from usage. We retain each category for the periods described in Section 13. To exercise your CCPA rights or designate an authorized agent to do so on your behalf, contact privacy@grumbus.app.

12. Canadian residents (PIPEDA and provincial laws)

If you are a Canadian resident, the federal Personal Information Protection and Electronic Documents Act (PIPEDA) and any applicable provincial privacy laws (including New Brunswick's Personal Health Information Privacy and Access Act, where applicable) govern our handling of your personal information. You have the right to access, correct, and challenge our use of your personal information, and to escalate complaints to the Office of the Privacy Commissioner of Canada or your provincial commissioner. We are located in New Brunswick, Canada.

13. Data retention

  • Account data: kept while your account is active and for up to 90 days after you delete your account, after which it is permanently removed (subject to legal-retention obligations such as tax record requirements).
  • Voice audio: not retained after transcription completes (typically a few seconds).
  • Transcripts: not retained on our servers beyond the request lifecycle, unless you have enabled an optional sync feature in which case they are retained encrypted until you delete them.
  • Usage minutes / billing records: retained for at least 24 months for billing reconciliation, tax, and audit purposes.
  • Diagnostic logs: retained for up to 90 days, then aggregated or deleted.
  • Backups: may persist for up to 30 days after deletion from primary storage; we do not restore deleted user data from backups except in the event of catastrophic data loss.

14. Cookies and tracking

Our website uses only strictly necessary cookies for authentication, session management, and basic security (e.g., CSRF protection). We do not use advertising, behavioral, or third-party tracking cookies. We do not currently respond to Do-Not-Track browser signals because no industry consensus on their meaning exists, but you may continue to use the Service without consent to optional tracking because we do not engage in optional tracking.

15. Aggregated and de-identified data

We may create aggregated or de-identified data (e.g., total dictations across all users in a given period) that does not identify any individual. We may use, disclose, and retain such data without restriction for any lawful purpose, including to improve the Service and to publish industry statistics.

16. Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. The “Last updated” date at the top of this Policy indicates when it was last revised. Material changes will be communicated via email to your account address or via in-app notice at least 14 days before they take effect. Your continued use of the Service after the effective date constitutes acceptance.

17. Limitations

To the maximum extent permitted by applicable law, the privacy practices described in this Policy do not give rise to any contractual right of action against GrumbusVoice beyond the rights expressly granted by applicable privacy law. Any claim arising out of or relating to this Privacy Policy or our handling of your personal information shall be subject to the dispute resolution and limitation of liability provisions of our Terms of Service, including the binding arbitration clause and the cap on liability.

18. Contact and complaints

For privacy questions, requests to exercise your rights, or to file a complaint with us first (which we encourage before contacting a regulator):

Email: privacy@grumbus.app
Mailing address: GrumbusVoice, Fredericton, New Brunswick, Canada

We will acknowledge your inquiry within 30 days. If we are unable to resolve your complaint to your satisfaction, you may escalate to your local data-protection authority.