Recordo Privacy Policy

Introduction
Information We Collect
How We Use Your Information
Data Storage and Security
Data Sharing and Third Parties
Your Privacy Rights
Data Retention
International Data Transfers
Children's Privacy
Changes to This Privacy Policy
Contact Information
Legal Basis for Processing (GDPR)

Introduction

Recordo is a personal notetaking and data extraction platform that helps you capture, organize, and analyze your daily activities through photos, audio recordings, and text notes. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our mobile application and web services.

Information We Collect

Personal Information You Provide

Account Information:

Email address (required for account creation)
Authentication credentials (encrypted passwords or OAuth tokens)
Profile information you choose to add

Content You Create:

Text notes and entries
Audio recordings you capture
Photos you take or select from your device
Structured data extracted from your content
Date/time information for when events occurred

Device Information:

Device identifier for syncing your entries across devices
Timezone information to provide accurate temporal context
Language preferences for localization

Automatically Collected Information

Usage Analytics:

Screen views and navigation patterns
Feature usage statistics (button clicks, time spent)
App performance metrics and crash reports
Authentication events (login/logout activities)

Technical Information:

IP address and general location
Browser type and version
Operating system and device type
App version and device specifications

How We Use Your Information

Primary Purposes

            Core Functionality:
            Store and sync your entries across devices
Process your content through AI to extract structured data (expenses, nutrition info, activities)
Provide analytics and insights about your personal data
Enable AI-powered chat queries about your entries
Deliver localized content in your preferred language

        

Service Improvement:

Analyze usage patterns to improve app features
Monitor system performance and reliability
Provide customer support and troubleshooting
Develop new features and enhancements

AI Processing

Content Analysis:

Your photos, audio, and text are processed by AI services (Google Gemini) to extract structured data
Processing happens on secure servers and content is immediately deleted after analysis
AI models help categorize expenses, track nutrition, identify activities, and answer your queries
All AI processing is scoped to your personal data only

Data Storage and Security

Where Your Data is Stored

Local Device Storage:

Original photos and audio recordings remain on your device
Draft entries and temporary files are stored locally
App preferences and cached data

Cloud Storage (Supabase/PostgreSQL):

Entry metadata and structured data
User account information (encrypted)
AI-extracted insights and analytics
Usage tracking for service improvement

Security Measures

            Data Protection:
            All data transmission uses HTTPS encryption
Database connections are encrypted and secured
User authentication through industry-standard protocols (JWT tokens)
Row-level security ensures you can only access your own data

        

Media File Handling:

Photos and audio are temporarily uploaded for AI processing only
Files are immediately deleted from servers after processing
No permanent storage of your media files on our servers

Service Providers

AI Processing:

Google Gemini AI service processes your content for data extraction
Processing is temporary and content is not retained by AI providers
No personal data is used to train AI models

Analytics:

PostHog for product analytics and usage insights
Analytics data is anonymized and aggregated
No personal content or extracted data is shared

Data Not Shared

We do not sell, rent, or share your personal data with:

Advertisers or marketing companies
Data brokers or aggregation services
Social media platforms (beyond authentication)
Any third parties for commercial purposes

Your Privacy Rights

Access and Control

Data Access:

View all your stored entries and extracted data
Download your data in standard formats
Review your account information and preferences

Data Modification:

Edit or delete any entries or extracted data
Update your profile and preferences
Correct inaccuracies in your information

Data Deletion:

Delete individual entries or all your data
Close your account and remove all associated data
Request complete data deletion within 30 days

Data Retention

Retention Periods

Active Account Data:

Entries and extracted data: Retained while your account is active
Account information: Retained for the life of your account
Usage analytics: Retained for up to 2 years for service improvement

Automatic Cleanup:

AI processing files: Deleted immediately after processing
Draft entries: Cleaned up after 30 days of inactivity
Session data: Expired according to security policies
Daily AI usage tracking: Cleaned up after 7 days

International Data Transfers

Data Location: Your data may be processed and stored in data centers globally. All transfers comply with applicable data protection laws with appropriate safeguards in place.

Compliance: GDPR compliance for European users, CCPA compliance for California residents, SOC 2 Type II certified infrastructure providers.

Children's Privacy

Recordo is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will notify you of material changes by:

Sending an email notification to your registered email address
Displaying a prominent notice in the app
Updating the "Last Updated" date at the top of this policy

Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@recordo.app
Website: [Website URL]
Address: [Company Address]
Data Protection Officer: [If applicable]
Response Time: We aim to respond to privacy inquiries within 30 days

For users in the European Economic Area, our legal basis for processing personal data includes:

Contract Performance: Processing necessary to provide Recordo services
Legitimate Interests: Analytics for service improvement and security
Consent: Optional features and marketing communications
Legal Obligations: Compliance with applicable laws and regulations

Your Rights Under GDPR

If you are located in the EEA, you have additional rights including:

Right to access your personal data
Right to rectification of inaccurate data
Right to erasure ("right to be forgotten")
Right to restrict processing
Right to data portability
Right to object to processing
Right to withdraw consent

Table of Contents