Important: Wisp operates a data platform in which user-submitted or recorded content (including audio recordings, transcripts, notes, and related metadata) may be processed, transformed, and licensed to third parties for artificial intelligence training, evaluation, and research purposes. In certain jurisdictions, this activity may constitute a "sale," "sharing," or similar disclosure of personal information. We provide applicable rights and honor Global Privacy Control (GPC) signals where required by law.
Wisp AI, Inc. ("Wisp," "we," "us," or "our") operates an AI-powered transcription, note-generation, and data platform. By using the Services, you acknowledge and consent to the practices described in this Privacy Policy.
1. Information We Collect
A. Personal Information
- Name
- Email address
- Phone number
- Account credentials
B. Content Data (Audio, Transcripts, and Notes)
- Audio recordings uploaded or recorded through the Services
- Transcripts generated from audio
- Notes, summaries, and other generated outputs
- Speaker segmentation (e.g., "Speaker 1")
- Timestamps and conversational structure
- Recording context (titles, descriptions)
C. Content Metadata & Technical Data
- File duration, size, and format
- Audio quality metrics
- Recording conditions (where available)
- System-generated technical attributes
D. Derived Data & Processing Outputs
- Summaries, highlights, and structured notes
- Keywords and semantic features
- Non-identifying embeddings used for processing
- Machine-learning-ready datasets
E. Integrity, Quality & Deduplication Data
- Content hashes (cryptographic and perceptual)
- Duplicate detection indicators
- Quality assurance and validation metrics
F. Content Analysis & Metadata Extraction
We may automatically extract:
- Technical specifications
- Content type and format
- Quality metrics
- Deduplication hashes
- Tagging and categorization
G. Consent & Compliance Records
- Consent logs
- Privacy preferences
- Opt-out signals (including GPC)
- Recording acknowledgments
H. Usage Data
- Device type and operating system
- IP address and approximate location
- Application activity and logs
- Usage patterns
I. Third-Party Integration Data (User Authorized)
If enabled:
- Google Calendar (event data)
- Google Docs/Drive (selected content and metadata)
This data is used solely to provide user-facing features and is not used to train generalized AI models.
J. Cookies and Tracking Technologies
We use:
- Essential cookies for authentication
- Analytics tools
- Local storage
We honor Global Privacy Control (GPC) signals where required.
2. Data Flow and Processing
A. Upload and Recording
- Users may upload audio files or record conversations through the Services
- For recordings involving multiple participants: a user may initiate a recording session; participants may be included or invited; users are responsible for obtaining all legally required consent prior to recording
- Audio may be captured in real time, processed and stored after recording, or segmented into speaker tracks where applicable
- All data is securely transmitted and stored
Validation includes file integrity checks, format validation, and duplicate detection.
B. Processing and Analysis
- Audio is transcribed into text
- Speaker segmentation and timestamps are generated
- AI systems produce summaries, notes, and structured outputs
Additional technical and analytical data may be extracted.
C. Transformation and Dataset Preparation
- Data may be transformed into machine-learning-ready formats
- Direct identifiers (e.g., names, emails, contact details) may be removed where applicable
- Data may be aggregated, structured, or pseudonymized
D. Data Licensing and Transfer
- Wisp may license datasets to third parties, including AI companies
- Licensed data may include audio recordings, transcripts, metadata, and derived datasets
- These disclosures may constitute a "sale" or "sharing" of personal information
- Data licensing occurs only where permitted by law and, where required, based on user consent or other valid legal bases
E. Post-Transfer Handling
- Wisp may retain metadata, logs, and transformed datasets
- Original content may be retained, archived, or deleted
F. Post-Licensing Data Control
Upon transfer or licensing, recipients may act as independent data controllers. Wisp does not control how such data is used or retained by recipients.
Once data has been incorporated into datasets or AI systems, it may not be technically feasible to retrieve, delete, or isolate individual contributions.
3. Biometric Information and Retention
Audio recordings may contain characteristics that could be considered biometric information under applicable laws.
- Wisp does not create, sell, or license biometric identifiers used for identification, such as persistent voiceprints
- Wisp does not use audio data to identify individuals across systems
Where applicable: notice is provided, consent is obtained, and data is used only for disclosed purposes.
Retention: Biometric-related data is retained only as necessary and then deleted or irreversibly de-identified.
4. How We Use Your Information
We use data to:
- Provide and improve the Services
- Transcribe and analyze audio
- Generate notes and outputs
- Maintain account functionality
- Ensure security and compliance
5. Data Licensing and AI Training
Where permitted by applicable law and user consent settings, Wisp may:
- Process and transform recordings, transcripts, and related data
- Remove direct identifiers (where applicable)
- Create structured datasets
- License such datasets to third parties
Third parties may use this data for machine learning model training, evaluation and benchmarking, and research and development.
Such data may retain inherent characteristics such as voice, tone, or conversational patterns.
7. Content Rights and Usage
By submitting content through the Services, you grant Wisp a worldwide, perpetual, sublicensable, transferable license to:
- Use, process, reproduce, modify, and distribute your content
- Transform your content into datasets
- License such content and datasets to third parties
This includes content that may contain voice recordings, conversational content, and personal or identifiable information within recordings.
Downstream Use
Third-party recipients may use data for AI training, research, and model development.
Important Limitations
- Once incorporated into datasets or AI systems, deletion may not be feasible
- Deletion requests apply prospectively only
8. Data Retention
- Account data: retained until account deletion
- Audio recordings: retained until deleted by the user
- Transcripts and notes: retained until deleted by the user
Dataset and AI Training Use
Derived datasets and transformed data may be retained indefinitely, including after account deletion, where data has been de-identified, aggregated, or incorporated into machine learning datasets.
Other Data Categories
- Metadata and quality assurance data: up to 3 years
- Analytics data: up to 2 years
- Consent and compliance records: up to 5 years
9. Your Rights and Choices
You may have rights to:
- Access your data
- Correct inaccuracies
- Delete your data
- Obtain a copy (portability)
- Opt out of sale or sharing
- Limit use of sensitive data
Contact: contact@wispai.app
9A. How to Exercise Privacy Choices
You may:
- Use account settings to enable or disable AI training and data licensing
- Submit requests via email
We honor Global Privacy Control (GPC) signals where required.
9B. Consent for AI Training and Data Licensing
Wisp provides users with a clear and granular choice regarding the use of their data for AI training and external data licensing.
Consent Mechanism
- During onboarding or initial use, users are presented with a dedicated consent interface requiring an active selection to either enable or disable the use of their data for AI training and data licensing
- No default selection is applied; users must make an explicit choice before proceeding
- This setting remains user-controlled and can be modified at any time through account settings
Scope of Consent
When enabled, users consent to processing of recordings, transcripts, and related data; transformation into datasets; and licensing to third parties for AI training, evaluation, and research.
Withdrawal of Consent
- Users may withdraw consent at any time through account settings
- Withdrawal applies prospectively and does not affect prior lawful processing or data already incorporated into datasets or AI systems
Limitations
Once data has been incorporated into datasets or AI systems, it may not be technically feasible to delete, retrieve, or isolate individual contributions.
10. State-Specific Privacy Rights
California (CCPA/CPRA)
- Right to know
- Right to delete
- Right to correct
- Right to opt out
- Right to limit sensitive data
- Non-discrimination
Other U.S. States
Residents may have rights including access, correction, deletion, portability, and opt-out.
Appeal Rights
Users may appeal decisions by contacting us.
Authorized Agents
Users may designate authorized agents where permitted.
Response Timing
Requests are handled within 30–45 days.
Illinois (Biometric Laws)
- Notice provided
- Purpose limited
- No sale of biometric identifiers used for identification
11. International Data Transfers
Data may be processed in the United States and other jurisdictions. We rely on Standard Contractual Clauses (SCCs), the Data Privacy Framework (DPF), and other safeguards.
12. AI Training and Ethical Use
We work with partners that comply with applicable laws and do not attempt unauthorized re-identification.
13. Data Security and Breach Notification
We implement encryption, access controls, and monitoring systems.
We notify users and authorities without undue delay and within required timeframes (e.g., 72 hours).
14. Children's Privacy
The Services are not intended for users under 18.
15. Changes to This Policy
We may update this policy periodically. Continued use of the Services after changes constitutes acceptance of the updated policy.