Privacy Policy

How Transcription Works

• Transcription is performed offline on-device. We do not upload raw audio recordings to OpenAI or Google Gemini for transcription.
• Audio is only shared outside your device if you explicitly choose another feature that requires sharing (for example, export or sync features you initiate).

Data We Collect and How We Collect It

• Data you provide directly: account details (such as email), transcript text, notes, and prompts/instructions you enter for summaries.
• Data collected automatically: app interactions, device type, OS, IP address, crash logs, and performance diagnostics.
• Payment data: subscriptions are handled by app stores or payment processors. We do not store full payment card numbers.

How We Use Data

• Provide core features such as offline transcription, AI summaries, note organization, and sync.
• Improve accuracy, reliability, and performance.
• Protect the service and users (security monitoring, fraud/abuse prevention).
• Provide customer support and service communications.

Third-Party AI Processing for Summaries

• Who receives data: OpenAI, LLC (OpenAI API) and Google LLC (Google Gemini API).
• What we send: transcript text (or selected text), your summary prompt, and minimal technical metadata needed to process the request.
• What we do not send: raw audio recordings for transcription.
• Why we send it: to generate summaries, action items, and related text-based outputs you request.

Permission Before Sharing with AI Providers

• Before any personal data is sent to OpenAI or Google Gemini, we request your explicit in-app permission.
• If you do not grant permission, transcript text is not sent to third-party AI providers and you can continue using non-AI features.
• You can withdraw this permission in app settings at any time for future requests.

Sharing, Protection, and Retention

• We do not sell your personal data.
• We use trusted service providers (such as hosting, analytics, and payments) only to operate Noota and under data protection obligations.
• We require third-party processors, including AI providers, to provide the same or equivalent level of privacy and security protection for data we share with them.
• You can delete content or your account in the app. We delete associated personal data unless retention is required by law or for legitimate dispute/security handling.
• Backups may retain deleted data for a limited period before automatic expiration.

Security

We use industry-standard safeguards such as encryption in transit, access controls, and monitoring. No system is 100% secure, so please keep your account credentials secure.

Your Rights

You may request access, correction, export, or deletion of your personal data by contacting us.

Children

Noota is not directed to children under 16. We do not knowingly collect personal data from children under 16. If you believe a child provided data, contact us and we will delete it.

Third-Party Policies

For more information about third-party AI providers:

• OpenAI: https://openai.com/policies/privacy-policy
• Google Gemini: https://policies.google.com/privacy

Changes

We may update this Privacy Policy from time to time. We will post updates on this page and revise the “Last updated” date.