Privacy Policy
Last updated: January 3, 2026
1. Introduction
Welcome to Copy That ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application Copy That (the "App").
By downloading, installing, or using Copy That, you agree to this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the App.
2. Information We Collect
2.1 Information You Provide Directly
- Account Information: When you sign in using Apple ID, we receive your Apple user identifier, name (if you choose to share it), and email address (if you choose to share it or use Apple's private email relay).
- Voice Transcriptions: Text transcriptions of your voice notes are stored locally on your device and, if you enable cloud sync, encrypted and stored on our secure servers.
- User Preferences: Your app settings, language preferences, and customization choices.
2.2 Information Collected Automatically
- Device Information: Device type, operating system version, unique device identifiers, and app version.
- Usage Data: Information about how you use the App, including features accessed, time spent in the App, and crash reports.
- Push Notification Tokens: Device tokens for delivering push notifications, if you opt in.
2.3 Information We Do NOT Collect
- Audio Recordings: We NEVER collect, store, transmit, or process your raw audio recordings. All speech-to-text conversion happens entirely on your device using Apple's on-device speech recognition.
- Location Data: We do not collect precise or approximate location information.
- Contacts: We do not access or collect information from your contacts.
- Calendar Data: While the App can create calendar events and reminders with your permission, we do not read or store your existing calendar data.
3. How We Use Your Information
We use the information we collect for the following purposes:
- Provide App Functionality: To enable voice transcription, entity extraction, and suggested actions.
- Cloud Synchronization: To sync your encrypted transcriptions across your devices, if enabled.
- AI Analysis: To provide intelligent suggestions, auto-create reminders and calendar events, and improve entity recognition accuracy.
- Push Notifications: To send you notifications about completed analyses and action suggestions.
- App Improvement: To analyze usage patterns, fix bugs, and improve app performance.
- Customer Support: To respond to your inquiries and provide assistance.
4. Data Storage and Security
4.1 Local Storage
Your transcriptions and extracted entities are stored locally on your device using Apple's SwiftData framework. Sensitive data is encrypted using AES-256 encryption with keys stored in the iOS Keychain.
4.2 Cloud Storage
If you enable cloud synchronization, your data is encrypted on your device before transmission using AES-256-GCM encryption. Encrypted data is stored on secure servers located in the United States and European Union, protected by industry-standard security measures including:
- TLS 1.3 encryption for all data in transit
- Encryption at rest for all stored data
- Regular security audits and penetration testing
- Access controls and authentication requirements for our personnel
4.3 Data Retention
We retain your data for as long as your account is active or as needed to provide you with our services. You can delete your data at any time through the App's settings. Upon account deletion, we will delete your personal information within 30 days, except where retention is required by law.
5. Sharing of Information
We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:
- Service Providers: We may share information with third-party service providers who assist us in operating the App (e.g., cloud hosting, analytics). These providers are bound by confidentiality agreements.
- Legal Requirements: We may disclose information if required by law, subpoena, or other legal process, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
- Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.
6. Your Rights and Choices
You have the following rights regarding your personal information:
- Access: You can access your transcriptions and data within the App at any time.
- Correction: You can edit your transcriptions and entity information within the App.
- Deletion: You can delete individual transcriptions or all your data through the App's settings.
- Export: You can export your data in a machine-readable format.
- Opt-Out: You can disable cloud synchronization, push notifications, and analytics at any time.
To exercise these rights or if you have questions, contact us at privacy@usecopythat.com.
7. Third-Party Services
The App may use the following third-party services:
- Apple Sign In: For authentication. Subject to Apple's Privacy Policy.
- AWS (Amazon Web Services): For cloud infrastructure and AI services. Subject to AWS's Privacy Policy.
8. Children's Privacy
Copy That is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately at privacy@usecopythat.com.
9. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place, including standard contractual clauses approved by relevant authorities.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy in the App and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.
11. Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:
Email: privacy@usecopythat.com
Support: support@usecopythat.com
12. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete your information, and the right to opt-out of the sale of personal information. We do not sell personal information.
13. European Privacy Rights (GDPR)
If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including access, rectification, erasure, restriction, portability, and objection rights. Our legal basis for processing is your consent and legitimate interests in providing our services.