Privacy Policy

Last updated: May 21, 2026

This Privacy Policy describes how RecordMind ("we", "us", "our") collects, uses, and protects information when you use the RecordMind mobile app and related services.

At-a-glance: how AI works in RecordMind. When you record or import audio, RecordMind sends that audio — and the text we transcribe from it — to a third-party AI service provider (currently OpenAI, Inc.) for speech-to-text and summarization. Before your first recording, the app asks for your explicit consent; you can decline and still use the rest of the app. The provider does not train on your content and deletes it within 30 days. See Section 3 below for details.

1. Information We Collect

1.1 Account information

Email address
Display name and optional profile photo
Authentication credentials via Apple Sign In, Google Sign In, or Firebase email OTP

1.2 Content you create

Audio recordings captured through the microphone
Transcribed text generated from your audio
AI-generated summaries and mind maps derived from your transcripts
Notes and annotations you add manually

1.3 Technical and usage data

Device model, OS version, app version, language
IP address and approximate country
Vendor identifier (IDFV) for internal analytics — never shared with advertisers
Crash reports and performance diagnostics
Push notification token (when enabled)

1.4 Subscription data

Apple In-App Purchase receipts and transaction IDs
Subscription tier and remaining usage quota
We do not collect credit-card or payment-method details. All payments are processed by Apple.

2. How We Use Your Information

Purpose	What we do
Provide core features	Process audio to produce transcripts, summaries, and mind maps
Authenticate you	Verify identity via Firebase Auth, Apple, or Google
Sync your data	Store your content so you can access it across sessions
Send notifications	Push alerts for task completion or account events
Improve our Service	Analyze aggregated, anonymized usage patterns
Process payments	Verify Apple in-app purchases and update entitlements
Comply with law	Respond to lawful requests from authorities

We do not sell your data, and we do not allow our AI provider to train on it. Your audio, transcripts, summaries, and notes are never used to train any machine-learning model — ours or any third party's.

3. Third-Party AI Processing

To provide transcription, summary, and mind-map features, RecordMind sends your audio and the transcribed text to a third-party AI service provider. We do not operate any AI model on our own servers.

Current provider: OpenAI, Inc. (United States). We may change provider in the future; if we do, we will update this Policy.
What we send: the audio of each recording you create or import, and the text transcribed from it (only when you request a summary or mind map).
Purpose: speech-to-text and natural-language processing, solely to power the features you requested.
Training: Per our provider's API terms, content submitted via the API is not used to train AI models.
Retention by provider: deleted within 30 days of receipt for abuse monitoring; we do not retrieve it back.
Your control: Before your first recording, the app shows an in-app consent dialog explaining this data sharing. AI features only proceed after you agree. You can stop using AI features at any time by not creating new recordings and by deleting existing ones from Settings → Account.

3.2 Other service providers

Each receives only the minimum data needed:

Provider	Data sent	Purpose
Firebase (Google)	Email, OAuth tokens	User authentication
Cloudflare R2	Encrypted audio file blobs	Object storage
OneSignal	Push token, device ID	Push notifications
Apple	IAP transaction data	In-app purchase verification

4. Data Retention

Data type	Retention
Audio recordings	Until you delete them, or up to 30 days after account closure
Transcripts, summaries, mind maps	Same as audio recordings
Account information	Until account deletion is requested
Crash and analytics logs	90 days, then anonymized
Subscription records	7 years (legal requirement)

5. Your Rights

You have the right to:

Access the data we hold about you
Correct inaccurate information
Delete your account and all data
Export a copy of your content
Withdraw consent or object to processing

To exercise these rights: in-app via Settings → Account, or email support@recordmind.me (we respond within 30 days).

6. Children's Privacy

RecordMind is not directed at children under 13 (16 in EEA). We do not knowingly collect data from children. If we learn we have, we will delete it promptly. Parents may contact support@recordmind.me.

7. International Data Transfers

Your data may be processed in the United States (our AI service provider, Firebase, OneSignal) and through Cloudflare's global network. We rely on Standard Contractual Clauses or equivalent safeguards.

8. Security

TLS 1.2+ encryption for all data in transit
AES-256 encryption at rest on Cloudflare R2
Role-based access control and audit logging
Regular security reviews

If a data breach occurs, we will notify affected users within 72 hours.

9. Changes to This Policy

We may update this Policy. Material changes will be announced in-app and via email at least 30 days before they take effect.

10. Contact

RecordMind
Email: support@recordmind.me
Website: recordmind.me