VocertVocert← Back to site

Privacy Policy

Vocert is operated by Vanillapha Inc. ("Vocert", "we", "us"). Questions: contact@vocert.com.

Your audio never leaves your device permanently. Your audio is stored only on your phone (the system of record; playback is always local). The cloud never permanently stores audio — for paid transcription it is forwarded transiently to the speech-to-text provider and the bytes are deleted immediately. The server keeps only the transcript, a SHA-256 hash chain, and a signed integrity receipt. On-device (free) transcription never sends audio anywhere — only the text is uploaded.

What we collect.

Account (email; password as a bcrypt hash, or a provider ID for Apple/Google sign-in); Audio (device-only; cloud receives it transiently and deletes it); Transcripts & Highlights (text retained, audio not); Consent/acknowledgment records; Integrity metadata (hashes, manifests, receipts, audit events). We collect no location data, run no advertising or tracking, and use no analytics SDKs.

How your data is processed.

Paid audio is transiently forwarded to Deepgram for transcription/diarization, then deleted. Transcript text only — never your identity, email, or audio — is sent to OpenAI for legal-content triage (no-retention/no-training options enabled where available).

Sub-processors.

Deepgram (speech-to-text, transient, paid only) · OpenAI (AI triage, transcript text only) · Resend (verification & password-reset emails) · Railway (hosting & database) · Apple (in-app purchases & billing). Payments are processed entirely by Apple; we never receive your card details.

International transfers.

Our sub-processors are in the United States; the limited data above may be processed in the U.S. under the providers' contractual safeguards.

Data retention.

Audio: not retained server-side. Transcripts, Highlights, integrity metadata, account data: retained while your account is active, then deleted as below.

Deletion.

There is no server-side audio to delete. Deleting a recording hard-deletes its transcript/Highlights (a hashes-only tombstone is kept for integrity). Deleting your account purges content within 30 days; a pseudonymized consent skeleton (no email, no content) is kept as a legal record of past consent.

Children.

Vocert is not directed to children; you must meet the minimum age of digital consent in your country (at least 16 in much of the EEA, never under 13). Contact contact@vocert.com to report a child's data.

Security.

TLS in transit; tokens in the device Keychain (this-device-only); iOS file protection on recordings; write-once integrity hashing with no durable audio retention.

Your rights.

Depending on your jurisdiction: access, rectification, erasure, portability — contact contact@vocert.com or use the app.


© 2026 Vanillapha Inc. · Vocert is a product of Vanillapha Inc.