Legal

Privacy Policy

Last updated May 4, 2026

Voxa (“we,” “us,” or “our”) builds a desktop voice-to-text app that turns speech into polished text wherever your cursor is. This Privacy Policy explains what we collect, how we use it, and the choices you have. Plain language, no surprises.

1. What we collect

  • Account info: email address and (if you set one) display name and avatar. Stored in Supabase.
  • Audio recordings: captured only while you are actively recording. Sent to our speech-to-text and cleanup providers for processing, then discarded. We do not retain raw audio on our servers.
  • Transcripts: the raw and polished text from your recordings, plus minimal metadata (word count, duration, mode, timestamp). Used to power your usage dashboard, streaks, and voice profile.
  • Billing data: if you subscribe to Pro, Stripe processes your payment and stores card details on its systems. We store only your Stripe customer ID and subscription status.
  • Device + diagnostic data: a per-install device UUID, app version, and basic error logs when something fails.

2. How we use it

  • To run the service: transcribe, clean up, and paste your text.
  • To show you your stats, streaks, and voice profile in-app.
  • To process subscription payments and send receipts.
  • To improve quality — for example, fixing bugs reported through error logs.

We do not sell your personal data. We do not use your transcripts to train third-party AI models.

3. Third-party processors

We rely on a small set of providers to operate Voxa. They each act as a processor under our instructions:

  • Groq — speech-to-text (Whisper). Receives your audio for transcription and discards it after processing.
  • OpenAI — text cleanup. Receives the raw transcript and returns a polished version. OpenAI does not train on API data by default.
  • Supabase — account, transcripts, and metadata storage.
  • Stripe — payments and subscription management.
  • Cloudflare — download distribution and DNS.
  • Railway — API hosting.
  • Vercel Analytics — cookieless page-view and Web Vitals measurement on our marketing site only.
  • PostHog — product analytics. Records anonymous events such as pageviews, sign-ups, downloads, and recording counts so we can understand product usage. We do not send transcript text or audio.
  • Sentry — error reporting. Captures crash and error context so we can fix bugs.

4. Microphone access

Voxa only listens while you are actively recording (you press the hotkey, or a wake word fires if enabled). The app does not transmit ambient audio, and recording state is shown in the menu bar at all times. You can revoke microphone access at any time in System Settings → Privacy & Security.

5. Data retention

  • Raw audio: discarded after transcription (seconds).
  • Transcripts and metadata: retained for the lifetime of your account so you can browse history and view usage stats.
  • Billing records: retained as required for tax and bookkeeping.

6. Your rights

You can request access to, correction of, or deletion of your data at any time by emailing support@withvoxa.com. Deleting your account removes your transcripts and account profile from our active database, and we forward the request to our analytics and error-tracking processors so they delete any associated records.

7. Children

Voxa is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe a child has given us data, contact us and we will remove it.

8. Changes to this policy

If we make material changes, we will update the “Last updated” date and notify active users by email when the change affects how we handle your data.

9. Contact

Questions, concerns, or data requests: support@withvoxa.com.

We use cookies for product analytics so we can see which features people use and improve Voxa. You can decline and the site will work the same. Privacy policy.