Privacy Policy

Last updated: 4 March 2026

David Arthur Software ("DAS", "we", "our", "us") operates the DuoVox application (the "App"). This Privacy Policy explains how we collect, use and protect your information when you use our App. DAS is the data controller for all personal data processed in connection with the App.

1. Information We Collect

Audio Data (Paid Tiers): When using AI-powered transcription (Essential, Premium, Business tiers), audio is captured from your device's microphone or internal audio and streamed in real time to a third-party AI service provider for transcription. Audio is processed as it arrives and is not stored by us or by the AI service provider beyond the time needed to generate a response. No audio recordings are retained.

Audio Data (Free Tier): When using offline transcription, all audio processing occurs entirely on your device using locally installed speech recognition models. No audio data leaves your device.

Transcription and Translation Text: Transcribed and translated text is displayed in the App during your session. This data is held in device memory only and is cleared when you clear the session or close the App. For paid tiers, text may be sent to an AI service provider for translation; it is processed in real time and not retained by the provider.

Preferences and Settings: Your app settings (selected language, theme, audio source, subscription tier) are stored locally on your device. They are not transmitted to any server.

Diagnostic Logs: If you enable diagnostics, log files are stored locally on your device. You may choose to share these with us for support purposes, but they are never collected automatically.

2. Service Infrastructure Data

To manage subscriptions, prevent abuse, and deliver the service, our cloud infrastructure stores the following data associated with an anonymous device identifier:

• Subscription information: Your subscription tier, purchase verification tokens (hashed), and billing cycle dates
• Usage tracking: Minutes of AI usage consumed in the current billing cycle
• Device verification: App integrity verification results to prevent unauthorised access
• Ad grant status: For Free tier users, a record of temporary translation grants earned through rewarded advertisements

This data is stored on our cloud infrastructure provider's globally distributed network. It does not include any audio, transcription text, translation text, or conversation content. Device identifiers are randomly generated and cannot be linked to your personal identity.

3. Third-Party Services

The App integrates with the following categories of third-party services:

• AI Service Providers: For paid tiers, audio data is streamed to a third-party AI service for transcription, and text may be sent for translation. These providers process data in real time under their own privacy policies and data processing terms. Data submitted via API is not used to train AI models under current provider policies.
• Cloud Infrastructure Provider: Our service infrastructure (subscription management, usage tracking, ad grant verification) runs on a third-party cloud platform. This provider processes data on our behalf under a data processing agreement.
• Google AdMob (Android, Free tier): We display banner and rewarded video advertisements provided by Google AdMob. Google may collect device identifiers and usage data for ad personalisation. You can manage ad personalisation in your device's Google settings. Google's privacy policy is available at policies.google.com/privacy.
• Third-party ad networks (Windows, Free tier): Ads are displayed via embedded web content (Microsoft WebView2). These may set cookies and collect standard browsing data for ad serving.
• Google Play Billing: Subscription purchases are processed through Google Play. Payment information is handled entirely by Google and is never accessed by DAS.
• On-Device Processing: The offline transcription and translation features run entirely on your device using locally installed models. No audio or text data leaves your device when using these features.

4. Data We Do NOT Collect

• We do not store or retain your audio recordings, transcription text, or translation text on our servers
• We do not collect personal information such as your name, email or phone number (unless you contact us for support)
• We do not track your location
• We do not sell any data to third parties
• We do not use analytics or tracking SDKs beyond what Google AdMob requires for Free tier advertising

5. Data Storage and Security

Session content (audio, transcriptions, translations) is held only in device memory and is never stored on our servers. App settings and preferences are stored locally on your device. On Windows, sensitive data such as API keys is encrypted using the operating system's built-in credential store. On Android, sensitive data is stored in the Android Keystore.

Service infrastructure data (subscription status, usage tracking, device verification) is stored on our cloud infrastructure provider's network and is protected by encryption in transit and at rest. This data is retained only for the duration of your subscription and a reasonable period thereafter for billing reconciliation, after which it is automatically deleted.

6. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA) or the United Kingdom, we process your data on the following legal bases:

• Contract performance: Processing subscription data, usage tracking, and delivering the service you have subscribed to (Article 6(1)(b) GDPR)
• Legitimate interests: Preventing fraud and abuse, ensuring service integrity, and maintaining security (Article 6(1)(f) GDPR)
• Consent: Displaying personalised advertisements on the Free tier via Google AdMob (Article 6(1)(a) GDPR). You may withdraw consent at any time through your device's ad personalisation settings.

Service infrastructure data may be processed in countries outside the EEA/UK, including the United States. Where such transfers occur, they are protected by appropriate safeguards including the service provider's data processing agreements and standard contractual clauses.

7. Your Rights

You have control over your data. Depending on your jurisdiction, you may have the following rights:

• Clear all session data at any time using the Clear button in the App
• Delete diagnostic logs from your device storage
• Uninstall the App to remove all locally stored data
• Request access to, correction of, or deletion of your service infrastructure data by contacting us
• Object to or request restriction of processing of your data
• Request portability of your data in a structured, machine-readable format
• Withdraw consent for ad personalisation at any time through your device settings
• Lodge a complaint with a supervisory authority (in the UK, the Information Commissioner's Office at ico.org.uk)

8. California Residents (CCPA/CPRA)

If you are a California resident, you have the right to know what personal information we collect, request its deletion, and opt out of any sale of personal information. We do not sell personal information. To exercise your rights, contact us using the details below.

9. Children's Privacy

The App is not directed at children under the age of 13 (or 16 in the EEA/UK). We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under the applicable age, we will take steps to delete that information as quickly as possible. If you believe we have collected information from a child, please contact us at support@duovox.net.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected by updating the "Last updated" date at the top of this page. For material changes, we will provide notice through the App. Continued use of the App after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy, wish to exercise your data rights, or have a complaint, please contact us at:

David Arthur Software
Email: support@duovox.net