Privacy Policy

Last Updated: July 26, 2024

1. Introduction

Welcome to Wisp, an AI-powered transcription service. Your privacy is important to us. This Privacy Policy explains how we collect, use, protect, and share your information when you use our services, including integrations with third-party services like Google Calendar and Google Docs. By using our services, you agree to the terms outlined in this policy.

2. Information We Collect

We collect the following types of information to provide, maintain, and improve our services:

• Personal Information: Name, email address, phone number (for authentication/verification), and payment details (processed securely by our payment partners).
• Account Information: Your user credentials and settings.
• Audio & Transcription Data: Audio files you upload (stored securely on Google Cloud Firebase), the resulting transcripts, speaker labels, and timestamps generated by AssemblyAI, and associated metadata.
• Generated Content: Content derived from your transcriptions, such as titles, summaries, emojis, or action items, which may be generated using services like OpenAI.
• Usage Data: Information about how you interact with our app, including device type, operating system, IP address, access times, and usage logs.
• Google Calendar Data (Optional, User-Authorized): If you authorize access, we may access your calendar list and event details (such as title, start/end times, attendees, Wispion) to display relevant information within our application.
• Google Docs Data (Optional, User-Authorized): If you authorize access, we may access specified Google Docs content and metadata (like titles) to enable import or export functionality between our service and your Google Docs account.
• Cookies and Tracking Technologies: We use cookies and similar technologies to enhance user experience, maintain sessions, and analyze application usage trends.

Disclaimer: While we employ security measures, Wisp is not responsible for the privacy or confidentiality of any material you choose to upload or share. By using our services, you acknowledge and accept that you bear full responsibility for the content you handle and any consequences, including potential data leaks or unauthorized access.

Note: It is your responsibility to ensure you have obtained the necessary consent from all participants before recording or uploading any audio content containing personal information to our platform.

3. How We Use Your Information

We use your information for the following purposes:

• To provide, personalize, operate, and improve our transcription and related services.
• To authenticate users and ensure the security of your account.
• To process payments and facilitate transactions securely.
• To transcribe your audio files using our third-party provider, AssemblyAI.
• To analyze transcription text and generate relevant content (like titles, summaries, or action items) using third-party AI services like OpenAI.
• To facilitate email sharing and notifications using our third-party email delivery provider, Brevo.
• To securely store your account information, uploaded files, transcripts, and other application data using Google Cloud Firebase infrastructure.
• If authorized by you: To display your upcoming Google Calendar events within the app, allowing you to potentially link notes or recordings to specific events.
• If authorized by you: To enable you to import content from or export notes/transcripts to your Google Docs account.
• To provide customer support and respond to your inquiries.
• To monitor usage, detect and prevent fraudulent activities, security threats, and technical issues.
• To analyze usage trends and enhance user experience through analytics.
• To comply with legal obligations and enforce our Terms of Service.

Important Note on Google Data: Our application's use and transfer of information received from Google APIs adhere to the Google API Services User Data Policy, including the Limited Use requirements. Information obtained from Google Calendar or Google Docs is used solely to provide or improve user-facing features visible within our application and is not transferred to others unless necessary for providing these features, complying with law, or as part of a merger/acquisition. Furthermore, we affirm that data obtained via Google Workspace APIs is not used to develop, improve, or train generalized AI and/or ML models.

4. Data Sharing & Third-Party Services

We do not sell or rent your personal information. We share information only as described below and work with trusted third-party service providers under strict confidentiality terms:

• Google APIs (Calendar & Docs): If you choose to connect your Google account, our application requests authorization (via Google's standard OAuth process) to access specific data from Google Calendar and/or Google Docs APIs based on the permissions you grant. This data is used solely to provide the integrated features described in Section 3 (e.g., displaying calendar events, enabling Docs import/export) within our app. We only request the minimum necessary permissions. This data is handled according to Google's API Services User Data Policy. You can manage or revoke access via your Google account settings at any time. Google Privacy Policy.
• Google Cloud Firebase: Used for backend infrastructure, including user authentication, secure data storage (audio files, transcripts, user data), and database management. Your data is stored within Google Cloud's secure environment. Google Cloud Privacy.
• AssemblyAI: Our primary provider for audio transcription. We provide AssemblyAI with access to your audio files (via secure URLs hosted on Firebase) solely for the purpose of generating transcriptions, speaker labels, and timestamps. AssemblyAI Privacy Policy.
• OpenAI: Used to process transcription text to generate helpful content like titles, summaries, and action items. We may send transcript text to OpenAI's API for this purpose. We encourage you to review their policies regarding API data usage. OpenAI API Data Usage Policies.
• Brevo: Our email service provider. When you share content via email or use automated email features, we provide Brevo with recipient email addresses, subject lines, and email content (which might include generated notes or transcripts, possibly as PDF attachments) to facilitate delivery. Brevo Privacy Policy.
• Payment Processors: We use third-party payment processors (e.g., Stripe, Apple App Store In-App Purchases) to handle transactions. Your payment information is provided directly to them, and their use of your information is governed by their privacy policies.
• Legal Compliance: We may disclose your information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of Wisp, our users, or others.
• Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction, subject to standard confidentiality arrangements.

5. Data Security

We implement industry-standard administrative, technical, and physical security measures designed to protect your data from unauthorized access, alteration, disclosure, or loss. These measures include:

• Utilizing secure cloud infrastructure provided by Google Cloud Firebase.
• Implementing access controls to limit data access to authorized personnel.
• Encrypting sensitive data where appropriate.
• Adhering to secure protocols (like OAuth) for accessing third-party data like Google Calendar and Docs.
• Providing users with controls to manage, edit, or delete their data.

We also rely on the security practices of our third-party providers (Google, AssemblyAI, OpenAI, Brevo). However, please be aware that no security measure is 100% impenetrable, and we cannot guarantee the absolute security of your information.

6. Your Rights and Choices

You have the following rights regarding your personal data, subject to applicable law:

• Access: Request access to the personal data we hold about you.
• Correction: Request correction of any inaccurate or incomplete data.
• Deletion: Request deletion of your personal data and content stored in your account, subject to legal or operational retention needs.
• Control Third-Party Access: You can manage or revoke our access to your Google account data (Calendar, Docs) at any time directly through your Google account security settings.
• Opt-Out: Manage cookie preferences through your browser settings and opt out of non-essential marketing communications.

To exercise these rights or inquire about your data, please contact us at contact@wispai.app.

7. Data Retention

We retain your information for as long as your account is active or as needed to provide you with our services, comply with our legal obligations, resolve disputes, and enforce our agreements. Data accessed via Google APIs (Calendar, Docs) is generally not stored persistently by us, except potentially temporarily cached for performance or when explicitly saved by you within our application (e.g., linking a note to a calendar event). When data is no longer needed, we securely delete or anonymize it. Note that data processed by third-party services may be subject to their own retention policies.

8. Third-Party Links

Our service may contain links to third-party websites or services (including the privacy policies linked in Section 4). We are not responsible for the privacy practices or content of these third-party sites. We encourage you to read their privacy policies before providing any information.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, service offerings, or relevant regulations. We will post any changes on this page and update the "Last Updated" date. We encourage you to review this policy periodically.

10. Contact Us

If you have any questions, comments, or concerns about this Privacy Policy or our data practices, please contact us at contact@wispai.app.