VoiceStream logo VoiceStream

Privacy Policy

VoiceStream Privacy Policy

Effective date: 2026-03-05 | Last updated: 2026-03-05

This policy explains how VoiceStream handles personal data while providing recording, transcription, text structuring, and project organization features.

Back to Home Contact Support

1. Scope

This policy applies to the VoiceStream iOS app, related static website pages, and supporting backend services for account, recording, transcription, and project features.

In the current version, recordings are uploaded and processed only when you explicitly trigger upload/transcription related actions. No hidden background upload is performed.

2. Data We Collect

Account and identity data

  • Email address, sign-in method (email or Apple Sign In), and language preference.
  • Passwords are not stored in plain text; only hashed representations are stored.
  • Security credentials used for sign-in, such as OTP, reset tokens, and magic-link tokens.

Content data

  • Uploaded audio files and recording object keys.
  • Transcript text, polished text, generated titles, generated summaries, and sentence structures.
  • Project names, recording-project links, and lexicon entries (including aliases/notes).

Operational and security logs

  • Request/error logs, status codes, task states, and processing timings.
  • Used for reliability monitoring, troubleshooting, and security auditing.

Data we do not collect by default

  • Contacts, SMS, call logs, or photo library data unrelated to core features.
  • Undeclared always-on microphone capture in the background.

3. Permissions (Microphone)

Microphone access is used to record audio notes and transcribe them into text, and only when you actively start recording. You can revoke microphone permission at any time in iOS settings.

4. Why We Process Data

  • To deliver core product capabilities, including content processing, organization, and account-related functions.
  • To support identity verification, access control, fraud/risk prevention, and service security.
  • To maintain service reliability, troubleshoot issues, and improve overall product quality.
  • To meet necessary compliance and operational requirements where permitted by applicable law.

5. Third-Party Processors

Where necessary to operate the service, we may engage contracted third-party providers under controlled scope.

  • Such providers support infrastructure, communication, or identity-related capabilities only as authorized.
  • We require confidentiality and security obligations through contractual controls.
  • We continuously review vendor compliance posture and risk-control capability.

Data is not shared for unrelated purposes, and processing beyond authorized scope is not permitted.

6. Storage, Cross-Border Processing, and Retention

Data may be processed across regions depending on deployment arrangements. Where cross-border processing applies, appropriate safeguards are implemented under applicable legal requirements.

Retention and Deletion Principles

  • We retain data under principles of data minimization and purpose limitation.
  • Retention strategy varies by data category, business necessity, and legal requirements.
  • When retention is no longer necessary, data is deleted or de-identified according to internal procedures.
  • You may request deletion through in-app controls or by contacting support.

7. Security Controls

  • Encryption in transit, authenticated service communication, least-privilege access control, and audit logging.
  • Password hashing with Argon2 (no plain-text password storage).
  • Sensitive token materials stored as hashes (for example SHA-256 for refresh and OTP-related tokens).
  • Ongoing monitoring and incident-handling procedures for service security.

No internet-based system can guarantee absolute security. We continuously improve controls to reduce practical risk.

8. Your Rights and Choices

  • You can delete recordings, project links, and part of your content data inside the app.
  • You can contact support to request account-related data access, deletion, or other privacy requests.
  • You can withdraw permissions (for example microphone access), which may affect related features.

9. Children

If you are under 14 years old, please use the service with consent and guidance from a parent or legal guardian. We do not knowingly collect unnecessary personal data from children.

10. Policy Updates and Contact

We may update this policy based on product, legal, or operational changes. Significant updates will be reflected through the update date and appropriate notices.

For privacy questions or requests, contact: voicestream@parryqiu.com