Privacy Policy
Last updated: April 11, 2026 · Subject to change
Overview
Quippe ("we", "us", "our") is a privacy-first voice journaling app. Your journal content is encrypted on your device before it ever reaches our servers. We cannot read your entries, and we never sell your personal data.
This policy explains what information we collect, why we collect it, who we share it with, and your rights regarding your data. By using Quippe you agree to this policy.
1. Information We Collect
Account information
When you sign in with Google, we receive your email address and a unique identifier from Google. We store these in Supabase, our authentication provider, to manage your account.
Voice recordings
When you record a voice memo, the audio stream is sent in real time to Speechmatics for transcription. We do not store your raw audio. Only the resulting text transcript is kept.
Journal content
Transcripts and AI-generated summaries are encrypted with AES-256-GCM before storage. The encryption key lives only in your browser and in your environment. Quippe servers store only ciphertext and cannot read your journal entries.
Onboarding profile
During onboarding you record a short introduction. The transcript is passed to our backend to generate a personalisation profile, which is then encrypted and stored. This profile helps tailor AI-generated reflections but is never used for advertising.
Usage analytics
We use PostHog to collect anonymised usage events (e.g. "recording started", "onboarding completed"). No journal content or personal identifying information is included in these events. You can opt out by enabling "Do Not Track" in your browser.
2. How We Use Your Information
- To provide and improve the journaling service
- To authenticate you and keep your account secure
- To generate personalised AI reflections on your journal entries
- To understand how the product is used in aggregate
We do not use your data for advertising, profiling, or sale to third parties.
3. Third-Party Services
Quippe relies on the following sub-processors. Each has its own privacy policy:
| Service | Purpose | Data shared |
|---|---|---|
| Supabase | Authentication and database | Email, encrypted journal ciphertext |
| Speechmatics | Real-time voice transcription | Audio stream |
| Anthropic | AI journal summaries | Decrypted transcript text (backend only) |
| OAuth sign-in | Email, account identifier | |
| PostHog | Product analytics | Anonymised usage events |
When your transcript is sent to Anthropic’s API for summary generation, it is decrypted briefly on our backend server in memory. It is not logged or persisted in plaintext beyond that request.
4. Data Retention
We keep your data for as long as your account is active. If you delete your account, associated records, including encrypted journal content, are permanently deleted from our database within 30 days. Backups are purged on a rolling 30-day cycle.
5. Security
All journal content is encrypted with AES-256-GCM before leaving your browser. Connections to our services use TLS. Our backend accesses your data only to generate summaries, and only for the duration of that request.
6. Your Rights
Depending on your jurisdiction, you may have the right to access, correct, export, or delete your personal data. To exercise any of these rights, or to delete your account, contact us at the address below. We will respond within 30 days.
7. Children
Quippe is not directed at children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child under 13 has created an account, contact us and we will delete it promptly.
8. Changes to This Policy
We may update this policy from time to time. If we make material changes, we will notify you by email or through the app. Continued use after changes take effect constitutes acceptance of the revised policy.
9. Contact
If you have questions about this policy, contact privacy@quippe.ai.