1. Information We Collect
1.1 Information You Provide
- Account Information: Email address for account creation and communication
- Subscription Data: Billing information processed by Apple (we never see your credit card)
- Support Communications: Messages you send to support@goatnote.ai
1.2 Automatically Collected Information
- Usage Analytics: Feature usage, session counts, app version (anonymized)
- Device Information: iOS version, device type, language settings
- Crash Reports: Technical diagnostics to fix bugs (no personal data included)
2. Information We DON'T Collect
This is just as important:
- Audio Recordings: Never. All audio processing happens on-device using Apple's Speech Framework
- Transcript Content: Only stored locally on your iPhone (unless you enable optional cloud sync)
- Personally Identifiable Information in Transcripts: We don't scan or analyze transcript content for identification
3. How We Use Your Information
3.1 To Provide Our Service
- Account management and authentication
- AI processing of text excerpts you explicitly request (summaries, action items, chat)
- Encrypted cloud sync (if you enable this feature)
- Customer support and troubleshooting
3.2 To Improve GoatNote
- Usage analytics to identify bugs and improve features
- Aggregate usage statistics (e.g., "70% of users use AI summaries") - no individual data
- Performance monitoring to ensure app reliability
3.3 To Communicate With You
- Account notifications (subscription expiring, password reset)
- Product updates and new features (you can opt out)
- Support responses when you contact us
4. Privacy-First Architecture
4.1 On-Device Transcription
All speech-to-text transcription happens on your iPhone using Apple's Speech Recognition API. No audio ever leaves your device. We have no servers that could receive, store, or process your audio.
4.2 AI Processing
When you request AI features (summaries, action items, chat), we send only the text transcript to our servers for processing using GPT-4o Mini. This is:
- Encrypted in transit (TLS 1.3)
- Not stored permanently (processed and discarded)
- Never used to train AI models
- Your explicit choice (AI features are opt-in)
4.3 Cloud Sync (Optional)
If you enable cloud sync (Plus/Pro tiers):
- Transcripts are encrypted using end-to-end encryption (AES-256)
- We cannot read your synced transcripts
- Stored in secure Firebase Firestore with access controls
- You can delete synced data anytime via the app
5. Data Sharing & Third Parties
5.1 We Never Sell Your Data
Period. We don't sell, rent, or share your personal information with advertisers, data brokers, or marketers.
5.2 Service Providers We Use
| Service | Purpose | Data Shared |
|---|---|---|
| Apple App Store | Payment processing | Subscription status (handled by Apple) |
| Firebase (Google) | Authentication, cloud sync | Email, encrypted transcripts (if sync enabled) |
| OpenAI | AI processing | Text excerpts (not audio, not full transcripts) |
| Plausible Analytics | Website analytics | Anonymized page views (no cookies) |
5.3 Legal Requirements
We may disclose information if required by law (e.g., court order, subpoena), but we will:
- Notify you first (unless legally prohibited)
- Only disclose the minimum required information
- Challenge overly broad requests
6. Your Rights (GDPR, CCPA)
6.1 Access Your Data
Request a copy of all data we have about you: privacy@goatnote.ai
6.2 Delete Your Data
Delete your account and all associated data directly in the app: Settings → Account → Delete Account
Deletion is immediate and permanent. We cannot recover deleted data.
6.3 Export Your Data
Export all transcripts via the app: Settings → Export Data
6.4 Opt Out of Marketing
Unsubscribe from product update emails via the link in any email, or email support@goatnote.ai
7. Data Security
We implement industry-standard security measures:
- Encryption: TLS 1.3 for data in transit, AES-256 for data at rest
- Access Controls: Limited employee access to production systems
- Regular Audits: Security reviews and penetration testing
- Incident Response: Plan to notify you within 72 hours of any breach
8. Children's Privacy
GoatNote is not intended for children under 13. We do not knowingly collect data from children. If you believe a child has provided us with personal information, contact privacy@goatnote.ai and we will delete it.
9. International Data Transfers
If you use GoatNote outside the United States, your data may be transferred to and processed in the U.S. We comply with GDPR Standard Contractual Clauses for EU users.
10. Changes to This Policy
We may update this Privacy Policy occasionally. We'll notify you via:
- In-app notification
- Email to your registered address
- Updated "Last Updated" date at the top of this page
Continued use after changes means you accept the updated policy.
11. Contact Us
Questions about this Privacy Policy?
- Email: privacy@goatnote.ai
- Support: support@goatnote.ai