Summary
Quick summary 1. Scope 2. Data stored locally 3. Network features and remote processing 4. Account, billing, and licensing 5. Service providers and sharing 6. Retention 7. Security measures 8. Your choices and rights 9. Website and cookies 10. Contact

Privacy Policy

Last updated: May 15, 2026

Vocalype is a desktop app with a local core, but it is no longer accurate to describe the product as "no network" or "cloud only if you bring your own provider." Account, licensing, workspace, update, and some AI features can create network traffic. This page explains which data stays on your device and which data may leave it.

Quick summary

Local dictation and local transcription can run on-device. Network activity happens when you sign in, validate a license, manage billing, use team features, check for updates, download optional models, or run AI features that use Vocalype Cloud or another configured provider.

1. Scope

This policy covers the Vocalype desktop application, the Vocalype website, and related account, billing, support, and workspace services. It does not replace the privacy terms of third-party providers you choose to use through Vocalype.

If you enable or connect a third-party AI provider, a local AI runtime, or a team workspace, additional data handling may apply based on that feature and provider.

2. Data stored locally

On your device

Vocalype stores settings, local history, dictionaries, snippets, prompts, and optional recordings on your machine. Authentication secrets and similar tokens are stored in the operating system secure store when available.

Local telemetry and logs

The app may write local diagnostic and transcription telemetry files. These are local files on your device, not a remote analytics stream, and may contain technical metadata and redacted text previews.

  • audio recordings if you choose to save them
  • transcription history and text assets stored locally by the app
  • workspace copies cached on your device after sync
  • meeting transcripts and imported audio metadata
  • local telemetry files such as `transcription_telemetry.jsonl`

3. Network features and remote processing

Some Vocalype features send data over the network. Which data is sent depends on the feature you use.

  • Account and sign-in: email address, authentication requests, session refresh, and related metadata are sent to Vocalype account services.
  • Licensing: the app uses a machine identifier for license checks. The device identifier is hashed before it is sent to backend licensing services.
  • Billing: subscription and payment flows use Stripe and related billing infrastructure.
  • Workspace features: team membership, shared templates, shared snippets, shared dictionary entries, processing region, billing contact, and support contact can be stored server-side when team features are used.
  • Vocalype Cloud and AI actions: if you use post-processing, agent actions, summaries, or other AI features backed by Vocalype Cloud, the relevant dictated text, transcript, or prompt content may be sent to Vocalype-operated AI endpoints for processing.
  • User-configured AI providers: if you connect a provider such as Gemini or another compatible endpoint, the content you process with that provider may be sent to that provider under its own policy.
  • Meeting import and diarization: the first use of speaker diarization downloads a model from Hugging Face. AI meeting summaries, titles, chapters, and action extraction may send transcript text to the active AI provider.
  • Local AI runtimes: if you enable local integrations such as Ollama or a local llama server, the app may send requests to `localhost` or `127.0.0.1` on your machine.
  • Update checks: when update checks are enabled, the app may contact update infrastructure to look for new versions.

We do not describe every feature as always remote or always local. The actual behavior depends on your settings, your plan, the feature you use, and whether you have signed in or connected a provider.

4. Account, billing, and licensing data

For account and commercial operations, Vocalype may process:

  • email address, display name, and account identifiers
  • session and authentication metadata
  • hashed machine device identifier used for licensing
  • subscription plan, entitlement status, workspace membership, and billing state
  • support conversations and account actions
  • service-side technical logs related to security, abuse prevention, stability, and billing events

Vocalype does not store your full payment card number on its own systems. Payment processing is handled by Stripe or another designated payment processor.

5. Service providers and sharing

We do not sell your personal data. We may share data only as needed to operate the product or when you deliberately use a connected provider.

  • Stripe for payments, subscriptions, invoices, and billing portal flows
  • hosting and API infrastructure used to run account, licensing, workspace, and cloud features
  • AI providers you choose or invoke, including Vocalype Cloud and user-configured third-party AI endpoints
  • Hugging Face when optional meeting diarization model downloads are requested
  • support and email tooling when needed to answer support requests or send account-related communication

Depending on your location and the providers involved, your data may be processed in countries other than your own.

6. Retention

  • Local content: stays on your device until you delete it, change retention settings, or uninstall the app.
  • Optional recordings: follow the retention period configured in the application when recording storage is enabled.
  • Account and workspace records: are kept for as long as needed to operate your account, provide the service, and comply with legal or billing obligations.
  • License records and technical logs: are retained for security, fraud prevention, support, and operational reasons for a limited period appropriate to those purposes.
  • Billing records: are retained according to legal requirements and payment processor rules.

7. Security measures

  • HTTPS is used for supported network communications.
  • Authentication secrets are stored in the OS secure store when supported.
  • Machine device identifiers used for backend licensing are hashed before transmission.
  • License state can be cached locally for offline validity periods.
  • Local-first processing remains available for core workflows, but some features depend on remote services by design.

No security measure is perfect. You should still protect your device, your operating system account, your email account, and any third-party providers you connect to Vocalype.

8. Your choices and rights

You can choose whether to sign in, whether to enable saved recordings, whether to connect a provider, and whether to use workspace features. Depending on applicable law, you may also have rights to access, correct, export, or delete personal data we control.

To make a privacy request, email privacy@vocalype.com.

9. Website and cookies

The Vocalype website may use standard web logs, basic analytics, and essential site storage needed for language selection, navigation, and site operation. Payment and account flows may introduce additional provider-side cookies or storage under those providers' policies.

10. Contact

Privacy questions: privacy@vocalype.com.

  • Service name: Vocalype
  • Legal entity / address: available on request or to be completed in formal corporate disclosures