Privacy Policy

Last updated: February 18, 2026

1. Introduction

AndyNote ("we", "our", or "us") is operated by OLAP DATABASE PTE. LTD. This Privacy Policy explains how we collect, use, and protect your personal data when you use the AndyNote application ("the App"). We are committed to protecting your privacy and being transparent about our data practices.

2. Data We Collect

2.1 Voice & Transcription Data

  • Audio recordings: Captured by your device microphone during transcription sessions. Audio is processed for real-time transcription and isnot stored on our servers.
  • Transcription text: The text output generated from your audio. Stored locally on your device using Core Data. If you opt in to AI features, transcription text may be sent to our backend for AI-powered analysis.

2.2 AI Chat Data

  • Chat messages: When you use the AI chat feature (Ask Andy), your questions and conversation history are sent to our backend server for processing.

2.3 Account & Authentication Data

  • Email address (via Google Sign-In or Apple Sign-In)
  • User identifier
  • Authentication provider information

2.4 Usage & Device Data

  • App version, device model, operating system version
  • Country and locale settings
  • Number of voice notes and total transcription duration (aggregate statistics)
  • Analytics data (if you consent to analytics collection)

3. How We Use Your Data

PurposeData Used
Real-time speech-to-text transcriptionAudio stream
Real-time translationTranscription text
AI analysis (speaker identification, summaries, titles)Transcription text
AI chat (Ask Andy)Chat messages, conversation history
User authenticationEmail, user ID
App improvement & analyticsUsage statistics, device info

4. Third-Party Services & Data Sharing

We share your data with the following third-party services to provide the App's functionality. Each service is subject to their own privacy policies and enterprise data protection standards.

Microsoft Azure OpenAI Service (GPT model)

Data shared: Transcription text, chat messages

Purpose: AI-powered analysis, summaries, speaker identification, and chat features

Privacy policy: privacy.microsoft.com

Firebase (Google)

Data shared: Authentication credentials, analytics data (with consent)

Purpose: User authentication, app analytics

Privacy policy: firebase.google.com

Important: AI Data Processing

When you enable AI features, your transcription text and chat messages are processed by Microsoft Azure's GPT model. This processing is performed under Microsoft Azure's enterprise data protection policies:

  • Data is encrypted in transit and at rest
  • Your data is not used to train or improve AI models
  • Processing complies with Microsoft's data protection agreements

Audio recordings are not sent to AI services. Only the transcribed text is used for AI features.

5. Your Consent & Controls

The App requires your explicit consent before sharing data with AI services:

  • AI Data Sharing consent: On first launch, the App displays a clear consent dialog explaining what data is sent, who receives it, and how it is protected. You must agree before any AI features are activated.
  • Analytics consent: You can control analytics data collection through the Privacy Settings screen.
  • Changing your preferences: You can enable or disable AI features at any time via Settings > Privacy Settings > AI Analysis & Chat.

If you disable AI features, basic transcription and translation will continue to work. Only AI analysis, summaries, and chat features require the AI consent.

6. Data Storage & Retention

  • On-device storage: Voice notes, transcriptions, and chat history are stored locally on your device using Core Data. We do not have access to this data unless you explicitly use AI features.
  • Backend storage: When AI features are enabled, transcription text uploaded for analysis may be stored temporarily for processing and cached to avoid redundant re-analysis.
  • Account data: User authentication data is managed through Firebase and our backend database.

7. Data Security

  • All data transmissions use HTTPS/TLS encryption
  • Authentication tokens are generated securely and expire regularly
  • Third-party services maintain enterprise-grade security certifications
  • We do not sell your personal data to any third party

8. Children's Privacy

The App is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected data from a child under 13, please contact us so we can promptly remove it.

9. International Data Transfers

Your data may be processed in regions where our third-party service providers operate, including the United States, Europe, and Asia-Pacific. Our third-party service providers comply with GDPR and other international data protection regulations.

10. GDPR & EEA Users

If you are located in the European Economic Area (EEA), you have additional rights under the GDPR:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing

For EEA users, analytics and advertising consent defaults to denied until you explicitly opt in.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting a notice in the App or on our website. Your continued use of the App after changes are posted constitutes your acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

  • Email: [email protected]
  • Company: OLAP DATABASE PTE. LTD.
  • Address: 1 North Bridge Road, Singapore 179094