Privacy disclosure
Plain-English first. The legal-ese fallback at the bottom covers GDPR + CCPA. Every claim here is verified against the current production codebase — if you find a contradiction between this page and what the product actually does, please email privacy@voice.keenefl.com and we'll fix the doc or the code.
The short version
- No cookies. Authentication uses tokens stored in your browser's localStorage, not cookies. We don't set any cookies — not for tracking, advertising, or session management.
- No location tracking. We never call the browser's geolocation API. We do log your public IP address server-side (see below), but we don't convert that to a precise location.
- No third-party scripts on the conversation surface. The page where you actually have your conversation loads zero scripts from third parties.
- Free-tier conversations are not stored. If you're on the free plan, your spoken words never leave the audio pipeline as text. We retain an anonymous row (lang pair + timestamp + plan) for 14 days to power admin analytics — no email, no transcript content.
- Paid-tier conversations are stored only with consent. Before any transcript is written, the joining guest sees a bilingual consent checkbox. Decline and live translation still works — nothing is persisted.
What we collect, by category
Account information (when you sign up)
- Email address — for sign-in and to send conversation summaries (paid tiers).
- Cognito user ID (sub) — opaque UUID issued by AWS Cognito. Doesn't reveal anything about you.
- Plan tier + subscription status — to gate features.
- Stripe customer ID (paid users only) — issued by Stripe when you check out.
Conversation data (during and after a session)
- Microphone audio — captured ephemerally in your browser, transcribed client-side via the Web Speech API (browser built-in), and the resulting text is sent to our bridge for translation. The audio itself never leaves your device.
- Transcripts (paid + consented sessions only) — both the original and translated text of each utterance, with timestamps. Stored in DynamoDB, encrypted at rest by AWS, auto-deleted by TTL based on plan tier.
- Translated audio (TTS output) — synthesized by ElevenLabs, streamed to the listener, then discarded. Not stored anywhere by us.
- AI-generated summary (paid + consented sessions) — produced once per session by Claude Haiku, emailed and stored alongside the transcript.
Technical data (every visit)
- IP address — captured server-side when you connect. Used for: (a) abuse detection — preventing a single source from generating runaway sessions; (b) future HIPAA audit logs on the healthcare tier. Retained 14 days on free tier (alongside the anonymous session row), longer on paid tiers per plan retention. Never displayed to other users; admin-only.
- Browser type + viewport (when analytics is configured) — if Google Analytics 4 is wired up by your admin, GA4 captures standard pageview events. We don't currently have GA4 active in production (see the homepage badge — "no third-party tracking"). When it is enabled, IP will be anonymized at the GA4 level and we will update this page.
Retention policy
| Plan | Transcript retention | Anonymous metadata retention |
|---|---|---|
| Free | Not stored | 14 days |
| Pro ($19/mo) | 90 days | 90 days |
| Team ($49/mo) | 1 year | 1 year |
| Business ($99/mo) | 3 years | 3 years |
| Enterprise | Up to 7 years (configurable for HIPAA) | Up to 7 years |
Retention is enforced by DynamoDB TTL — the row physically expires, not just gets marked deleted. There is no soft-delete or "we kept a backup."
Who we share data with
- AWS — runs our infrastructure (Cognito, Fargate bridge, DynamoDB, SES email, Bedrock for AI). Data resides in the
us-east-1region. - ElevenLabs — synthesizes the translated audio. Receives only the translated text we're about to play; doesn't persist it past the request.
- Stripe (paid users only) — processes payment. Receives your email and card data; we never see the card directly.
- That's it. No Google, Facebook, advertising network, or third-party analytics has access to your conversation data.
Your rights (GDPR + CCPA)
- Access — see exactly what we have on you. Email privacy@voice.keenefl.com.
- Deletion — fastest path is to delete your account from the account page. Cognito user, DynamoDB rows, and Stripe customer all get removed within 7 days. Anonymous metric rows TTL out separately.
- Portability — request a JSON export of your sessions via the same email.
- Correction — email us and we'll fix any inaccurate data.
- Restriction of processing — for paid users, you can downgrade to free which stops new transcripts from being written.
Children
VoiceBridge is a B2B tool for adults at work. We don't knowingly collect data from anyone under 16. If you believe a minor has signed up, email us and we'll delete the account.
Changes to this policy
When we materially change this disclosure, we update the "Last reviewed" date at the top. We won't make existing data subject to a weaker policy retroactively — if retention changes get tighter, they apply to new data only.
Contact
Privacy questions, data requests, or to report a concern: privacy@voice.keenefl.com
VoiceBridge is operated as a sole-proprietor product currently — there's no formal corporate entity yet. This page reflects what the product actually does. When we incorporate (anticipated 2026), we will publish a formal data processor agreement template at this URL.