Voice of Self

Voice of Self Privacy Policy

Effective Date: 2026-06-06 Version: 1.2.17

This Privacy Policy explains how Voice of Self processes personal information when you use the Voice of Self iOS app, the public website, direct contact channels, and other services that link to this policy.

Voice of Self is provided by Aleksander Jałtuszyk (“Developer”, “we”, “us”, or “our”).

Contact:

Summary Of Key Points

Table Of Contents

  1. What information do we collect?
  2. How do we process your information?
  3. What legal bases do we rely on to process your personal information?
  4. When and with whom do we share your personal information?
  5. Do we offer artificial intelligence-based products?
  6. How do we handle sign-in and social login features?
  7. Is your information transferred internationally?
  8. How long do we keep your information?
  9. How do we keep your information safe?
  10. What are your privacy rights?
  11. Advertising, tracking, and campaign measurement
  12. Controls for Do Not Track features
  13. Do United States residents have specific privacy rights?
  14. Do we make updates to this policy?
  15. How can you contact us about this policy?
  16. How can you review, update, or delete data?

1. What Information Do We Collect?

1.1 Information stored on your device

Voice of Self stores journal content locally after processing unless you choose to export, back up, share, or directly send it elsewhere. The app may store the following on your device:

Depending on your Apple or device settings, local app data may also appear in device backups, Finder/iTunes backups, iCloud backups, or other storage locations you choose when exporting or sharing files.

1.2 Account and sign-in information

If you create or use an account, we may process:

1.3 Subscription, access, and backend usage records

If you use account mode or paid features, we may process backend-linked records such as:

Our backend usage and accounting records are intended to track access, limits, cost, fraud prevention, and service operations. They are not intended to store raw transcript text, raw audio, or AI response content as account records.

1.4 Website and direct contact submissions

If you contact us through website or email channels, we may process:

Direct contact emails may be processed through your email provider and ours. Please avoid sending more personal information than needed when contacting us.

1.5 Sensitive information

Your journal content may contain sensitive personal information if you choose to say or write it. This is not because we ask you to create a sensitive profile; it is because an open-ended reflection app lets you talk about your life. This may include information about:

We do not ask you to create a separate sensitive-profile record for our backend. Instead, sensitive information may appear inside the content you create in the app or directly send to us. Managed AI requests process the content needed to answer the request, then the resulting journal content is stored locally by the app. If content appears to involve self-harm, abuse, illegal conduct, or other safety or acceptable-use risks, Voice of Self may block, hide, refuse, or leave some analysis incomplete.

1.6 Payment information

Paid subscriptions are sold through Apple’s in-app purchase system. Apple handles payment card or billing instrument details. We may receive limited subscription and transaction status information from Apple or RevenueCat, such as product identifiers, entitlement status, renewal state, and related timestamps, but we do not receive or store your full payment card number.

The app may use subscription status already available to it to schedule a local device reminder about 24 hours before an account-mode free trial ends or before a paid App Store subscription period ends. This reminder uses the app’s existing notification permission, is generated on your device, and does not add new backend data collection, retention, deletion, or third-party sharing.

1.7 Information processed automatically

When you use the website, sign in, call backend features, or use subscription or AI-connected services, we and our service providers may automatically process limited technical information such as:

If you use the app, it may also request access to features such as:

You can control device permissions in iOS Settings.

1.8 Information from other sources

We do not buy personal data from data brokers, public databases, or marketing partners.

We may receive limited information from third parties that help us deliver the service, including:

1.9 Children

Voice of Self is not intended for children under 16, and we do not knowingly seek to collect personal data from children under 16. If you believe a child under 16 has provided personal information through the app or direct contact channels, contact us and we will investigate and, where appropriate, delete the information.

2. How Do We Process Your Information?

We may process personal information to:

We do not sell personal data. We do not use your registered email address for optional marketing or giveaway campaigns without a separate consent flow.

Safety checks are automated. They may refuse, defer, block, or limit AI output or show safety-oriented language when content appears risky. Voice of Self is not live human monitoring, crisis support, therapy, or emergency response. Human review or disclosure is limited to situations such as support you request, security, abuse prevention, legal compliance, or urgent safety/legal circumstances described in this policy and the Terms.

If you are in the EEA, UK, Switzerland, or another jurisdiction that requires us to identify a legal basis, we generally rely on one or more of the following:

Where sensitive personal information is processed, it is processed because you chose to include it in content you ask the app to process or because you directly sent it to us. We rely on your explicit action, instructions, consent where required, or other grounds permitted by applicable law.

4. When And With Whom Do We Share Your Personal Information?

We may share information with service providers or infrastructure partners when needed to operate the service. Categories include:

We may also disclose personal information when reasonably necessary to:

We do not sell personal data, and we do not share personal data for cross-context behavioral advertising.

5. Do We Offer Artificial Intelligence-Based Products?

Yes. Voice of Self includes AI-assisted features such as:

AI features are for non-authoritative reflection only. They are not advice, guidance, therapy, crisis support, emergency support, safety-critical decision support, or proof that progress is truly present or absent. Additional safety and acceptable-use limits appear in the Terms of Service.

5.1 Managed account-mode AI

If you use account mode, content needed to fulfill the request may pass through our Firebase backend to the managed AI provider selected by our backend configuration for that workflow. Managed AI processing may use Amazon Bedrock / AWS or Groq depending on the workflow and operational routing configuration. The current default backend configuration uses Amazon Bedrock / AWS for analysis workflows and Groq for live-question workflows. This may include transcript text and, in some flows, live transcript excerpts while a recording session is still in progress.

Our systems are designed so raw audio, raw transcript text, and AI output are not stored as persistent backend account records after the request is fulfilled. We do, however, retain limited security, subscription, diagnostic, and usage/accounting metadata such as token counts, workflow labels, timestamps, processing duration, and derived cost. Transient handling, provider-side processing, retries, abuse/security tooling, and short-lived logs or caches may still occur as part of ordinary service operation. Where a managed provider offers privacy or retention controls, such as reduced or disabled retention settings, we may enable those operational controls, but third-party provider handling is still governed by that provider’s service, privacy, and infrastructure terms.

We do not intentionally store raw managed-AI request content or raw AI output as persistent backend account records. Our app and backend code do not add Bedrock prompt cache checkpoints for these managed requests, and our operational policy is not to enable Bedrock model invocation logging for raw request or response bodies. We do not use Groq batch processing, fine-tuning, or other application-state features that require customer-data retention for normal live-question requests. Provider-side processing, reliability safeguards, abuse monitoring, regional routing, account settings, and retention controls remain subject to the applicable AWS, Groq, and other provider terms and settings.

5.2 On-device and Apple-assisted processing

Depending on the feature and your device capability:

5.3 How to limit or avoid AI processing

Voice of Self does not currently offer a user-selected custom AI provider or bring-your-own API key mode. You can reduce or avoid off-device AI processing only by:

We do not use your personal content to train our own models. Managed AI providers process data under their own API terms, privacy policies, and service settings.

6. How Do We Handle Sign-In And Social Login Features?

Voice of Self currently supports:

If you use Google or Apple sign-in, we receive only the limited account information needed to authenticate and operate your account. We do not currently support Facebook, X, or other general social-media login systems.

Third-party sign-in providers control their own processing of your data under their own policies.

7. Is Your Information Transferred Internationally?

Yes. Depending on the feature you use and the provider involved, your information may be processed in countries other than your own, including the United States, AWS regions used for managed analysis processing, regions used by Firebase / Google infrastructure, and other regions where our service providers operate. If you export or share files, transfer and storage locations also depend on the apps and storage destinations you choose.

If you are in the EEA, UK, or Switzerland, these countries may not always have privacy laws identical to those in your jurisdiction. Where applicable, we rely on the safeguards, contractual commitments, or transfer mechanisms offered by our service providers under their terms and data-processing commitments.

8. How Long Do We Keep Your Information?

We keep personal information for as long as reasonably necessary for the purposes described in this policy, unless a longer period is required by law.

8.1 Local data

Local journal data remains on your device until you delete it, remove the app, or otherwise clear it yourself. Copies may also remain in exported .vos files, Files/iCloud locations, email drafts, sent-mail folders, or device backups until you delete those copies too.

8.2 Recordings

Recordings may be retained locally for playback, transcript repair, or re-transcription.

8.3 Backend-linked account data

Backend-linked records remain until you delete your account, ask us to delete applicable data, or we remove the records for fraud, safety, security, legal, or service-operation reasons. These records may include:

8.4 Diagnostic, security, and platform log records

Operational, security, anti-abuse, and deletion-request records may persist for as long as reasonably necessary to detect incidents, enforce limits, document requests, and satisfy legal or compliance obligations. These records are intended to be limited in content and are not intended as a journal archive. They may contain identifiers, timestamps, request metadata, status codes, model or workflow labels, error names, file paths, or other technical context.

Firebase / Google platform logs for backend functions are handled by Cloud Logging according to the project’s configured Google/Firebase retention settings. Under standard Firebase / Cloud Logging defaults, Cloud Functions for Firebase logs are automatically deleted after 30 days unless custom retention or export settings are configured. Our backend code is designed not to log raw journal text, raw audio, or raw AI output.

8.5 Raw managed-AI content

For managed account-mode AI requests, our backend is designed not to retain raw audio, transcript text, or AI response content as persistent backend account records after fulfilling the request. Limited transient processing, in-memory handling, provider-side processing, retries, or short-lived system-level logs or caches may still occur as part of ordinary service operation.

8.6 Direct contact data

Direct emails or website messages may remain until we no longer need them for follow-up, service-related replies, or legal/business recordkeeping, unless you ask us to delete them sooner and we are not legally required to keep them.

9. How Do We Keep Your Information Safe?

We use commercially reasonable technical and organizational measures, including where applicable:

No system can guarantee absolute security. Local-first storage may reduce some backend exposure compared with persistent server storage, but it does not eliminate risk if your unlocked device, exported files, backups, email account, or third-party provider accounts are compromised.

10. What Are Your Privacy Rights?

Depending on where you live, you may have rights to:

Because journal content is stored locally on your device after processing, you already control much of that data directly. For backend-linked account data or direct-contact data, contact us using the details below.

We do not currently use solely automated decision-making to make legal or similarly significant decisions about you in the sense used by privacy law. However, automatic entitlement, rate-limit, integrity, and safety checks may still enable, disable, delay, or block some app features.

If you are in the EEA, UK, Switzerland, Canada, or another jurisdiction that grants it, you may also have the right to complain to your local privacy or data protection regulator.

If processing depends on your consent, you can withdraw that consent at any time. This does not affect the lawfulness of processing before withdrawal or processing based on another lawful basis.

11. Advertising, Tracking, And Campaign Measurement

Voice of Self may be promoted through paid or organic campaigns on third-party platforms such as Meta, Instagram, TikTok, Apple Search Ads, Google, or similar services. We may choose campaign settings inside those platforms, such as region, language, placement, keyword, interest, app-category, campaign objective, budget, schedule, creative, and similar platform-provided targeting or optimization settings, where lawful.

For clarity, advertising Voice of Self on external platforms is different from showing ads inside the app. Voice of Self is not an ad-supported app: we do not display third-party ads, sponsored placements, ad-network content, or paid promotions inside the Voice of Self app.

If you see, click, view, save, share, comment on, install from, or otherwise interact with a Voice of Self ad on one of those platforms, the platform may process information about that interaction under its own terms and privacy policy. We may receive campaign reports from those platforms, such as impressions, clicks, installs, video views, engagement, spend, and other aggregated or campaign-level performance information.

We may use non-sensitive campaign links or parameters, such as UTM parameters, referral source, landing-page path, and aggregated platform reports, to understand whether a campaign is working. Website hosting, browser, and security systems may also receive ordinary request metadata such as IP address, user agent, request time, and the page requested.

Today, the Voice of Self app and website do not include Meta Pixel, TikTok Pixel, Google advertising tags, third-party ad SDKs, server-side conversion APIs, or similar ad-tracking code. We do not currently upload customer lists, account email addresses, support email addresses, device advertising identifiers, app activity, website activity, journal text, raw audio, transcripts, AI outputs, or similar user data to ad platforms for custom audiences, lookalike audiences, retargeting, attribution, or conversion measurement.

If we later add a website pixel, app event SDK, server-side conversion API, custom audience upload, retargeting audience, lookalike audience, or similar advertising measurement tool, we will treat that as a material advertising-data practice. Before activating that tool, we will update this policy and App Store privacy disclosures, use legally required cookie or tracking consent controls, and comply with Apple App Tracking Transparency where the iOS app tracks users across other companies’ apps or websites.

We will not intentionally send journal text, raw audio, transcripts, AI outputs, live-question content, direct-message text, children’s data, or other sensitive app content to Meta, TikTok, Google, Apple Search Ads, or similar ad platforms for targeting or campaign measurement. We also will not upload direct-contact lists or account email addresses for custom-audience advertising unless we have a lawful basis, required notice, and any required consent.

12. Controls For Do Not Track Features

Some browsers offer a Do Not Track (“DNT”) setting. Because there is no consistent industry standard for recognizing and enforcing DNT signals, we do not currently respond to them.

13. Do United States Residents Have Specific Privacy Rights?

If you live in a US state with a privacy law that applies to us, you may have rights to know, access, correct, delete, or obtain a copy of certain personal information, and to opt out of some kinds of processing where applicable.

13.1 Categories of personal information we may process

Depending on how you use the service, we may process categories such as:

Audio recordings may contain your voice, but we do not use those recordings to create biometric identity templates or voiceprints for identity verification.

13.2 Sale, sharing, and sensitive information

We do not sell personal data. We do not currently share personal data from our app or website for targeted or cross-context behavioral advertising. We use sensitive personal information only as needed to provide the service, secure it, comply with law, or for other purposes permitted by applicable law.

If we add a practice that qualifies as sale, sharing, targeted advertising, or cross-context behavioral advertising under an applicable law, we will provide the legally required notice and opt-out or consent mechanism.

13.3 Exercising your rights

To exercise applicable rights, contact us using the details in Section 15.

13.4 Verification, authorized agents, and appeals

We may ask for information needed to verify your identity before responding to an access, correction, deletion, or similar privacy-rights request. Where applicable law allows, you may use an authorized agent to submit a request on your behalf, and we may ask for proof of that authorization.

If we deny a request and applicable law gives you an appeal right, you may appeal by emailing voiceofselfapp@gmail.com or by using the other contact details in Section 15.

We do not currently disclose personal information to third parties for their own direct-marketing purposes.

14. Do We Make Updates To This Policy?

Yes. We may update this Privacy Policy from time to time. The current version and effective date are published in the hosted legal manifest and surfaced in the app when a new acceptance is required.

15. How Can You Contact Us About This Policy?

If you have questions or comments about this Privacy Policy, you may contact us at:

16. How Can You Review, Update, Or Delete Data?

16.1 Local app data

You can delete local journals, transcripts, recordings, exports, and related content directly on your device. Standard .vos exports can include transcripts, episodes, AI notes, relics, and optionally settings. Removing the app may remove some local app data, but it may not remove copies in export files, Files/iCloud locations, email drafts, sent-mail folders, or device backups.

16.2 Backend-linked account data

The app includes an in-app delete-account flow. When completed, it is intended to immediately remove backend-linked records we control:

If a backend, storage, or provider deletion step cannot be completed after retrying, the app may leave your sign-in account in place, tell you which cleanup steps still need a retry, and let you try the delete-account flow again later instead of silently finalizing account removal while cleanup is still incomplete.

Deleting your account does not remove journals, transcripts, recordings, or other content that already exists only on your device. Deleting your account also does not automatically cancel an App Store subscription, and it does not necessarily remove transaction records, provider-side logs, platform logs, or legally required records kept by Apple, RevenueCat, Google, email providers, or other third parties under their own obligations.

16.3 Direct contact data

To request review, correction, or deletion of backend-linked data or direct-contact data, contact us using the details in Section 15. If you contacted us by email, you may also need to delete copies from your own mailbox, sent-mail folder, or other email systems you used.