Privacy Policy for EchoVault

Last updated: November 21, 2025

Introduction

EchoVault ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our voice journaling application.

Information We Collect

1. Audio Recordings

What we collect: Voice recordings you create within the app for journaling purposes
How it's stored: All audio recordings are stored locally on your device by default
Optional cloud sync: If you enable cloud sync, encrypted recordings are stored in Firebase Cloud Storage
Purpose: To provide voice journaling functionality and AI-powered transcription

2. Transcriptions and AI Analysis

What we collect: Text transcriptions of your voice entries and AI-generated insights
Third-party processing: Audio may be sent to OpenAI's Whisper API for transcription (only when you create an entry)
AI insights: We use OpenAI GPT and Google Gemini APIs to generate emotional insights
Data retention: AI providers process data according to their privacy policies but do not retain your content

3. Usage Data

What we collect: App usage statistics, feature interactions, journaling streaks
Purpose: To improve app functionality and provide personalized experiences
Storage: Stored locally on your device and optionally synced via Firebase

4. Account Information (Optional)

What we collect: Email address (if you create an account for cloud sync)
Authentication: Handled securely through Firebase Authentication
Purpose: To enable cloud sync and premium features

Permissions We Request

Required Permissions

RECORD_AUDIO: Required for voice recording functionality. Without this permission, the core journaling feature cannot work.
INTERNET: Required for AI transcription, insights, and optional cloud sync

Optional Permissions

NOTIFICATIONS: To remind you to journal and celebrate streaks (can be disabled in settings)

How We Use Your Information

Voice Journaling: Process audio recordings to create journal entries
AI Features: Generate transcriptions and emotional insights using AI services
Personalization: Track streaks, achievements, and provide personalized experiences
Cloud Sync: Securely backup your entries (only if enabled)
Premium Features: Unlock advanced AI capabilities for premium subscribers

Data Sharing and Third Parties

We only share data with the following trusted third-party services:

1. OpenAI (Whisper & GPT APIs)

Purpose: Audio transcription and AI insights
Data sent: Audio recordings and text transcriptions
Privacy policy: https://openai.com/privacy

2. Google (Gemini AI & Firebase)

Purpose: Free AI insights and cloud storage
Data sent: Text transcriptions (Gemini), encrypted journal entries (Firebase)
Privacy policy: https://policies.google.com/privacy

3. RevenueCat

Purpose: Manage premium subscriptions
Data sent: Anonymous purchase data
Privacy policy: https://www.revenuecat.com/privacy

            We NEVER:
            Sell your personal data to third parties
Share your journal entries with anyone
Use your voice recordings for marketing
Train AI models on your private journal content

        

Data Security

Encryption: All data transmitted to cloud services is encrypted using industry-standard TLS
Local storage: Journal entries are stored securely on your device
Firebase security: Cloud-synced data is protected by Firebase security rules
API security: All API keys are stored securely and never exposed in logs

Your Data Rights

You have the right to:

Access: View all your journal entries within the app
Export: Download your data as PDF files
Delete: Remove individual entries or all data at any time
Opt-out: Disable cloud sync, AI features, or analytics
Portability: Export your data in machine-readable formats

How to Exercise Your Rights

Delete entries: Long-press any entry and select "Delete"
Delete all data: Settings → Data & Privacy → Delete All Data
Disable cloud sync: Settings → Account → Toggle off "Cloud Sync"
Disable AI features: Settings → AI Settings → Disable features individually
Export data: Settings → Data & Privacy → Export to PDF

Data Retention

Local data: Retained until you manually delete it
Cloud data: Retained while your account is active; deleted within 30 days after account deletion
AI processing: OpenAI and Gemini do not retain your data beyond processing time
Backups: Cloud backups are retained for 30 days after deletion for recovery purposes

Children's Privacy

EchoVault is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected data from a child, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

Posting the new Privacy Policy in the app
Updating the "Last updated" date
Sending an in-app notification for significant changes

Contact Us

If you have questions about this Privacy Policy or your data, please contact us:

Email: admin@penkay.pro
Email: admin@penkay.pro
GitHub: https://github.com/SantioNetwork/EchoVault

Compliance

This Privacy Policy complies with:

GDPR (General Data Protection Regulation)
CCPA (California Consumer Privacy Act)
Google Play Store privacy requirements
Apple App Store privacy requirements

Your privacy matters to us. EchoVault is designed with privacy-first principles—your journal is yours alone.