Privacy Policy

Last updated: 2026-05-15. Pending counsel review before GA.

1. Data We Collect

  • Account information: name, email, profile picture (from Google OAuth or email signup).
  • Source content: audio, video, or transcripts you upload.
  • Project metadata: rights attestations, generated manuscripts, edit history.
  • Usage data: API request logs, pipeline events, billing records.
  • YouTube OAuth (if linked): channel list, video metadata, optionally caption files.
  • Identity verification (if used for speaker attestation): government-ID images processed via Stripe Identity, retained only during review.

2. How We Use It

  • To process your source content into the manuscript you requested.
  • To verify rights and identity per our rights-first commitments.
  • To handle payments, refunds, and customer support.
  • To improve the service through anonymized aggregate metrics.

We do not train AI models on your content. Source recordings, transcripts, manuscripts, and identity documents are never used as training data for SpokenPrint's AI providers (Anthropic, Google) or any third party.

3. Third-Party Services

  • Anthropic and Google for AI generation.
  • Deepgram for audio transcription.
  • Stripe and Stripe Identity for payment and identity verification.
  • Cloudflare R2 for source-file and export storage.
  • Resend for transactional email.
  • YouTube Data API (if you opt in) for channel ownership verification.

4. Retention & Deletion

We keep source files only as long as they're needed, then delete them after a period of inactivity. Your finished work stays with you.

  • Source audio/video and transcripts: deleted after a defined period of inactivity (currently planned at 24 months; to be finalized with counsel before launch). You may delete them sooner at any time.
  • Manuscripts and exports: retained indefinitely, or until you delete the project — they are yours to keep.
  • Rights Envelope record: retained long-term (planned 7+ years) as evidence of authorization and human authorship; governed by a separate policy and not casually deleted on request.
  • Edit history: retained alongside the manuscript.
  • Account data: retained while your account is active.
  • Government-ID images (Stripe Identity): purged after verification completes.
  • Payment records: retained per legal and accounting requirements.

5. Your Rights

You may request a full export of your data or deletion of your account at any time by emailing privacy@spokenprint.com. We respond within 30 days. GDPR and CCPA rights apply where relevant.

6. Security

Encryption in transit (TLS) and at rest (AES-256-GCM for OAuth tokens and sensitive credentials). Database row-level security enforces per-workspace isolation. Annual penetration tests.

7. Cookies

We use only session cookies necessary for authentication. We do not use third-party tracking or advertising cookies.

8. Contact

privacy@spokenprint.com

See also: Terms of Service · DMCA Policy