Privacy Policy
We respect and protect your privacy. This policy explains how the Voxdown desktop software (“the Software”) collects, uses, and shares information when you use it.
1. Information We Collect
- Account information: When you register or sign in, we collect your email address and authentication identifiers required for the account.
- Website notification information: When you submit a Windows version notification request on the website, we collect the email address and target platform you provide for launch notifications and related operational statistics.
- User content: When cloud transcription, text cleanup, or rewriting is performed, the relevant audio or text is sent to cloud services for processing during that operation.
- Quota and audit information: Quota consumption, request IDs, provider task IDs, task status, billing details, text or audio hashes, duration, and token counts are used for result reuse, billing, auditing, and troubleshooting.
- Local debugging and runtime information: Software version, operating system version, and error logs or debug records stored locally on your device are used for local troubleshooting.
- Device information: Operating system version, software version, and other necessary runtime environment information.
2. How We Use Information
- Provide transcription, rewriting, export, and other core features.
- Maintain the website Windows version notification list and send notifications when the version is available.
- Measure subscription quotas, billing, and anti-abuse controls.
- Troubleshoot issues and improve product quality and user experience.
- Send service notices when you consent or when required by law.
3. Local-First Processing
Voxdown is designed to process media files locally first. Audio and video decoding, waveform generation, editing, transcription cache, editing state, and debug logs are completed or stored on your device by default. Relevant audio or text is sent to the cloud only when you trigger cloud transcription, text cleanup, or rewriting.
4. Cloud Processing and Service Providers
To provide specific features, the Software submits necessary data to the following services or infrastructure:
- Object storage (Cloudflare R2): Used for temporary audio uploads before transcription. Files are deleted as soon as practical after a task completes or reaches its TTL.
- Speech recognition service (Soniox): Reads audio through short-lived presigned URLs to generate transcripts.
- Large language model service (OpenRouter): Used for text cleanup and rewriting. Relevant text is sent to this service for processing, while the Software backend defaults to retaining only minimal billing and audit information such as hashes, character counts, token usage, and provider request identifiers. It does not retain original text or rewritten text long term by default.
- Authentication and database (self-hosted Supabase): We use Supabase open-source components that we deploy and operate ourselves on rented servers for accounts, quotas, task status, short-term result cache, and billing audit records. This does not involve Supabase’s hosted service.
- Email service (Resend): Used for website Windows version notifications, contact groups, and launch emails. Notification emails and target platform information submitted on the website are sent to this service.
- Payment service (Creem): Used for subscriptions and invoice processing.
We submit only the minimum necessary data required for the corresponding feature. For the self-hosted authentication and database environment, the data is directly controlled and operated by us.
5. Data Retention and Deletion
- Temporary audio uploaded to R2 is deleted as soon as practical after a transcription task succeeds or fails, with lifecycle rules as a fallback.
- Cloud transcription results are cached in the database for a short period for result retrieval and duplicate request reuse. Successful results are retained for up to 72 hours by default. After the client retrieves the result, the cache validity is further shortened to up to 15 minutes.
- Text cleanup results are cached only as patches for a short period, up to 2 hours by default.
- The Software backend does not retain transcript text, rewritten text, or original audio files long term by default. Long-term records primarily include account information, subscription and quota ledger entries, provider billing records, task status, and minimal metadata needed for auditing or troubleshooting.
- Email addresses and target platform information submitted for website Windows version notifications are retained until the notification purpose is complete, or deleted as soon as practical after a deletion request.
- Local transcription cache, editing state, waveform cache, and debug logs are stored by the Software on your device. Their retention depends on whether local files are cleaned up.
- You may request export or deletion of your account data at any time by contacting support@voxdown.com.
6. Your Rights
To the extent permitted by applicable law, you may access, correct, delete, or withdraw consent for your personal data. You can exercise these rights through the email address above.
7. Data Security
We use technical and administrative measures such as encrypted transport (TLS), access controls, and short-lived URLs to protect your data. However, no internet transmission or storage can be absolutely secure. Please protect your account credentials.
8. Minors
The Software is not intended for children under 14. If we learn that such information has been collected without lawful guardian consent, we will delete it promptly.
9. Cross-Border Transfer
Because third-party services we use may be located outside your country or region, using the Software means you understand and agree to the related cross-border transfer of data.
10. Policy Changes
This policy may be updated as the service evolves. Material changes will be announced in the Software or on this page. The update date at the top of this page controls.
11. Contact Us
For privacy questions and data subject requests, contact: support@voxdown.com.