Privacy Policy

In Ear Voice
Last Updated: February 26, 2026

In Ear Voice ("the App", "we", "our") is a voice-based AI assistant for iOS. This Privacy Policy describes what data we collect, how we use it, who we share it with, and how you can manage your information.

1. Data We Collect

1.1 Voice, Conversation, and Context Data

When you use In Ear Voice, your voice is captured through the device microphone and streamed in real time to OpenAI to process your requests. Transcripts of your speech and the assistant's responses are generated during sessions.

The app also stores conversation history locally and may send relevant prior context (for example, recent turns or context snapshots) to OpenAI to improve continuity and responses.

1.2 Health Data (Optional)

If you connect Apple Health, In Ear Voice can read the following metrics on your behalf:

  • Steps, distance walked/run, active energy burned

  • Heart rate, resting heart rate, heart rate variability (HRV)

  • Sleep sessions (time in bed, asleep, deep, REM, core)

  • Workouts (type, duration, energy, distance)

Health data is accessed read-only. Before HealthKit is connected, the app presents this consent dialog: "If you connect Apple Health, In Ear Voice can read your activity, sleep, and heart data to answer health questions you ask. Relevant data may be sent to OpenAI to generate a response."

1.3 Location Data (Optional)

If you grant location permission ("When In Use"), In Ear Voice processes precise location to support place-aware features and reminders.

Location processing includes:

  • On-device location sampling and local visit history

  • Reverse geocoding via Apple location services

  • POI and address enrichment via Google Places APIs (when configured)

Location summaries (and, when available, address/location metadata) can be included in assistant context sent to OpenAI.

1.4 Photos, Camera, and Recording (Optional)

  • Photos (image sharing): If you share an image with In Ear Voice, the selected image is sent to OpenAI for analysis.

  • Camera + recording: If you record a conversation, the app captures front-camera video and records conversation audio tracks (your mic and assistant audio) into a local video file saved to your photo library.

1.5 Google Account Data (Optional)

If you connect your Google account, In Ear Voice accesses only the scopes you authorize:

  • Google Calendar — read, create, and update events

  • Gmail — read and modify emails

  • Google Docs — create documents, append text, and read/search documents

  • Google Contacts (People API) — read-only access

Google account tokens are stored in iOS Keychain. We do not store copies of your Google account content on our servers.

1.6 Device Identifier

On first launch, the app generates a random anonymous identifier (UUID) stored in iOS Keychain. This identifier is not linked to your name, email, Apple ID, or other personal account.

It is used for:

  • Access-code claim/check flows

  • Analytics correlation

  • OpenAI proxy authorization checks in backend functions

1.7 Analytics Data

We collect usage analytics events such as:

  • Session started, progress, ended (with end reason)

  • Daily usage rollups (session count and elapsed usage)

  • Assistant response generation counts

Analytics events are associated with your anonymous identifier, not your real-world identity.

1.8 Locally Stored Data

The app stores the following on your device:

  • Conversation history and assistant responses

  • Personal facts and preferences you share

  • Journal entries, reminders, and people/encounter logs

  • Location visit history and saved personal locations

  • Notification delivery history

  • Voice profile/embedding data for speaker recognition

2. How We Use Your Data

We use your data to:

  • Process voice/text/image requests and generate assistant responses

  • Provide personalized context based on your history and connected services

  • Create and manage reminders, notifications, and follow-up actions

  • Generate proactive suggestions and notifications from recent context

  • Answer health-related requests using connected Apple Health data

  • Improve reliability and performance through analytics

We do not use your data for advertising. We do not sell your data.

3. Third-Party Services

Your data is processed by the following third-party services:

3.1 OpenAI

Voice audio, conversation text, images you share, and relevant context/tool data may be sent to OpenAI APIs to generate responses and proactive content. OpenAI's policies apply to data they receive. See OpenAI Privacy Policy.

3.2 Supabase

Our backend uses Supabase Edge Functions for access control, realtime token creation, and as a pass-through proxy for some OpenAI API calls (for example Responses and Embeddings).

Supabase functions receive your anonymous identifier and request payloads needed to fulfill those calls. We do not run a first-party server database of full conversation transcripts, but data sent through these function requests is processed in transit by our backend infrastructure.

See Supabase Privacy Policy.

3.3 Amplitude (Analytics)

Usage analytics events are sent to Amplitude. Analytics events do not include full conversation transcripts or HealthKit samples. See Amplitude Privacy Policy.

3.4 Google APIs (Connected Account)

If you connect Google services (Calendar/Gmail/Docs/People), data flows between your device and Google APIs using your OAuth tokens.

3.5 Google Places APIs

If configured, Google Places APIs are used for location enrichment features (for example nearby POIs and address autocomplete).

3.6 Apple Location Services

Apple Core Location/CLGeocoder services are used for location and reverse geocoding features.

4. Data Storage & Security

  • On-device storage: User content and app state are stored locally (Core Data, SQLite, JSON/UserDefaults) in your app sandbox.

  • Keychain: Sensitive credentials (anonymous ID, OAuth tokens) are stored in iOS Keychain.

  • In transit encryption: Network traffic uses encrypted transport (HTTPS and encrypted WebRTC media/data channels).

  • Server-side conversations: We do not operate a first-party long-term conversation transcript database. Relevant request data may still transit through backend functions and third-party processors described above.

5. Your Choices & Controls

5.1 Permissions

Sensitive permissions (microphone, camera, location, photos, notifications, Apple Health) require iOS authorization. You can revoke permissions in iOS Settings > In Ear Voice.

5.2 Apple Health

You can disconnect Apple Health at any time. When disconnected, HealthKit tools stop returning data.

5.3 Google Account

You can disconnect Google services at any time. Tokens are cleared from Keychain and revocation is attempted with Google.

5.4 Microphone & Speaker

  • Mic off: microphone capture is disabled and mic audio is no longer streamed.

  • Speaker mute: assistant audio playback is muted and responses may be text-only.

5.5 Local Data Deletion

To remove local app data, uninstall the app. The anonymous identifier is in Keychain and may persist after uninstall unless Keychain items are cleared.

6. Children's Privacy

In Ear Voice is not directed at children under 13. We do not knowingly collect data from children under 13.

7. Data Retention

  • On-device data: retained until deleted by app removal or local cleanup actions.

  • OpenAI / Amplitude / Google / Apple services: retained under their respective policies.

  • Supabase records: access-control and operational records are retained according to backend configuration and provider policy.

8. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last Updated" date reflects the latest revision.

9. Contact Us

If you have questions about this Privacy Policy or your data, contact:

Email: hello@inearvoice.com