Legal

Privacy Policy

Last updated: April 2026

VoiceLogs ("we", "our", or "us") is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights as a user of VoiceLogs.

1. What we collect

• Account information: Your email address and password, stored securely via Supabase Auth.
• Voice recordings: Audio you record in the app is sent to Deepgram for real-time transcription and immediately discarded. We do not store your audio recordings.
• Voice action data: The text transcripts and extracted actions (time entries, expenses, reminders) you create are stored to power the app's features.
• Xero data: With your permission, we read and write to your Xero account — contacts, invoices, and time entries. We store OAuth tokens to maintain your connection.
• Google Calendar data: With your permission, we create calendar events on your behalf. We store OAuth tokens to maintain your connection.
• Usage data: Basic analytics to help us improve the app. We do not sell personal data to advertisers.

2. How we use your data

• To provide and improve the VoiceLogs service
• To sync your voice actions with Xero and Google Calendar
• To send daily summary push notifications (if you enable them)
• To manage your subscription via RevenueCat
• To respond to support requests

3. Data sharing

We do not sell your personal data. We share data only with the following service providers who help us operate VoiceLogs:

• Deepgram — voice transcription. Audio is processed in real-time and not stored by Deepgram on our behalf.
• Anthropic — AI intent extraction from your transcripts.
• Supabase — database and authentication infrastructure.
• Xero — accounting integration, with your explicit consent.
• Google — calendar integration, with your explicit consent.
• RevenueCat — subscription and purchase management.
• Expo / EAS — app delivery and push notification infrastructure.
• Railway — backend hosting infrastructure.

4. Data retention

We retain your data for as long as your account is active. When you delete your account, we delete all associated data within 30 days. You can request account deletion at any time by contacting us at [email protected].

5. Security

We use industry-standard security practices including encrypted connections (HTTPS and WSS), secure token storage, and row-level security on all database tables. OAuth tokens for Xero and Google are stored encrypted. We regularly review our security practices.

6. Your rights

You have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Request deletion of your account and data
• Disconnect Xero or Google at any time from the Settings screen in the app
• Withdraw consent for any data processing at any time

To exercise any of these rights, contact us at [email protected].

7. Children's privacy

VoiceLogs is not intended for users under 16 years of age. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

8. International transfers

VoiceLogs is operated from New Zealand. Our service providers may process data in other countries including the United States. Where we transfer data internationally, we ensure appropriate safeguards are in place.

9. Cookies

The VoiceLogs mobile app does not use cookies. Our website (voicelogs.app) uses only essential cookies required for the site to function. We do not use tracking or advertising cookies.

10. Changes to this policy

We may update this policy from time to time. We'll notify you of significant changes via email or an in-app notification. Continued use of VoiceLogs after changes are posted constitutes your acceptance of the updated policy.

11. Contact us

If you have any questions about this privacy policy or how we handle your data, please contact us at [email protected].