Version 1 · Effective 2026-05-28

Privacy Policy

Effective date: 2026-05-28 Version: 1

This Privacy Policy explains how [legal_entity_name — not set] ("Voclip", "we") collects, uses, shares, and protects personal data when you use the Voclip apps and website (the "Service"). It also describes your rights and how to exercise them. For definitions and general rules, see our Terms of Service.

1. Data we collect

We collect the following categories, based on how you use the Service:

  • Account data: email address, display name, profile photo (avatar), authentication provider (email or Google), and email-verification and last-login status.
  • Content you create: your voice recordings (audio), the videos you generate, thumbnails, and technical metadata such as duration, file size, format, and waveform data.
  • Profile and preferences: app settings (theme, language, notification preferences) and the social-media usernames you choose to display on videos.
  • Subscription and payment data: your plan, subscription status, billing period, renewal/cancellation dates, trial status, and transaction records (transaction IDs, amounts, currency, and refund details). Card/payment details are handled by Apple and Google, not by us.
  • Support data: the contents of support tickets you submit, including subject, description, attachments, device information, and any satisfaction rating you provide.
  • Email engagement: delivery, open, click, bounce, and unsubscribe events for emails we send you, and newsletter subscription status if you subscribe.
  • Technical and security data: IP address, user-agent, and audit records of important account and security actions.

We do not transcribe your audio or analyze it with artificial intelligence. Video generation is a deterministic visual rendering of your own recording.

2. How we use data

We use personal data to: create and manage your account; provide the core features (recording, video generation, sharing, and — where you authorize it — publishing to social platforms); process subscriptions and verify purchases; provide customer support; send transactional emails (such as account, security, billing, and support messages) and, where permitted, marketing emails you can opt out of; maintain security, prevent abuse, and keep audit logs; and comply with legal obligations.

3. Legal bases (where GDPR/UK GDPR applies)

We rely on: performance of a contract (to provide the Service you request); legitimate interests (security, abuse prevention, improving the Service); consent (optional marketing emails and optional website analytics — you can withdraw it at any time); and legal obligations (such as record-keeping for payments).

4. Third parties and service providers

We share data only as needed to run the Service. Our key providers and partners:

  • Supabase — database, authentication, file storage, and backend functions.
  • Apple and Google — in-app purchase processing and receipt verification; Google also provides sign-in.
  • Resend — sending and tracking our emails.
  • Remotion (hosted on Railway) — rendering your video from your recording and chosen template.
  • Plausible (website only) — privacy-friendly, consent-gated analytics that runs only if you accept analytics in our cookie banner.
  • Social platforms you choose (e.g. TikTok, Instagram, YouTube, Facebook, X, LinkedIn) — only if you authorize publishing a video to them.

We may also use error-reporting and product-analytics providers (such as Sentry and Mixpanel) where enabled; if active, they process technical/usage data to help us fix problems and improve the Service. We do not sell your personal data.

5. Storage, security, and retention

Recordings and videos are stored in private storage accessible only to you (and to our backend for processing); avatars are stored in a public bucket so they can appear on your profile and videos. We apply access controls, encryption of sensitive tokens, and audit logging. We retain personal data for as long as your account is active and as needed to provide the Service, meet legal/financial obligations, and resolve disputes. When you delete your account, we delete your personal data and content, except limited records we must keep by law (such as payment/transaction records). If a personal-data breach occurs that is likely to affect your rights, we will notify affected users and the relevant authorities as and where required by applicable law.

6. International transfers

Our providers may process data in countries other than yours. Where required, we rely on appropriate safeguards (such as standard contractual clauses) for international transfers.

7. Your rights and choices

Depending on where you live, you have some or all of the following rights over your personal data: access, correction, deletion, portability (receiving a copy in a usable format), objection to or restriction of processing, and withdrawal of consent. You can exercise them by:

  • Deleting your account and data directly in the app (Profile → account deletion), which erases your personal data and content as described above (subject to limited legally required records, such as payment records).
  • Managing marketing emails via in-app email preferences or the unsubscribe link in any marketing email; and managing website analytics via the cookie banner.
  • Submitting a privacy request to [privacy_contact_email — not set]. We will verify your identity and respond within the period required by applicable law. You may use an authorized agent where the law allows.

We do not engage in automated decision-making that produces legal or similarly significant effects about you.

7.1 EEA / UK (GDPR & UK GDPR)

You have the rights listed above and the right to lodge a complaint with your local supervisory authority. Our legal bases are described in Section 3, and our controller details are in Section 11. Where we rely on consent, you may withdraw it at any time without affecting prior processing.

7.2 United States (California / other states)

If you are a California resident (CCPA/CPRA) or a resident of another US state with a comparable law, you have rights to know/access, delete, correct, and opt out of the "sale" or "sharing" of personal information and of targeted advertising. We do not sell your personal information and do not use it for cross-context behavioral advertising. The categories we collect, our purposes, and the third parties we disclose to are described in Sections 1, 2, and 4. We will not discriminate against you for exercising these rights. To exercise them, contact [privacy_contact_email — not set].

8. Children

The Service is not directed to children under 13 (or under 16 where stricter local law applies). We do not knowingly collect personal data from children below the applicable age. Note: the app does not currently include an age gate; if a child has provided personal data, contact [privacy_contact_email — not set] and we will delete it. (Operator/legal: consider adding an age-verification step — see the compliance note in the draft index.)

9. Cookies and local storage

Our website uses limited local storage and optional, consent-gated analytics. Details are in the Cookie & Local-Storage Policy.

10. Changes to this Policy

We may update this Policy. The effective date and version above will change when we do. If a change is material, we will ask you to re-acknowledge it before you continue using the Service.

11. Data controller, contact, and complaints

The data controller responsible for your personal data is [legal_entity_name — not set], [registered_address — not set]. For privacy questions, requests, or to reach our data protection contact: [privacy_contact_email — not set]. General support: support@voclip.app. Full company details are in our Legal Notice. EEA/UK users may also complain to their local data protection authority. (Operator/legal: appoint a Data Protection Officer and/or EU/UK representative where GDPR requires one, and list them here.)