Your audio disappears
the moment it's transcribed.
Privacy isn't a feature we bolted on. It's how Buzz is architected — from the WebSocket stream to the database row.
Three promises we keep
without exception
Audio is never stored
Your microphone audio streams to our servers in real time and is immediately forwarded to the transcription provider. It passes through memory only — never written to disk, never logged, never retained. When your session ends, the buffers are cleared.
Transcripts are encrypted
Every line of your transcript is encrypted with AES-256 before being stored in the database. The encryption key is held server-side and never exposed to the app. Even our own infrastructure can't read your transcripts in plain text without the key.
Your data is never sold
We do not sell your personal information, audio, or transcript content to any third party — ever. Buzz has no proprietary AI models and cannot train on your data. We are actively working to formalise data-processing agreements with our third-party providers (Deepgram, Sarvam, Gladia, Google, DeepL) that prohibit training on your data. Your conversations are yours.
What happens to your
audio, step by step
Every millisecond of audio follows the same path — and disappears at the end of it.
Full privacy policy →Store your audio
Audio is in-memory only and discarded immediately
Sell your data
We never sell or share personal data with advertisers
Train AI on your content
We have no proprietary models and cannot train on your data. We're working to formalise this with third-party providers.
Store payment details
All billing handled by Apple, Google, and RevenueCat
Encrypt in transit
HTTPS/TLS on every connection, always
Encrypt at rest
AES-256 on every transcript segment in our database
Auto-delete sessions
Sessions are deleted after 7, 30, or 90 days by plan
Honor deletion requests
Full account and data deletion within 7 days of request
Security at every layer
Applied field-by-field before writing to Firestore. The key is never exposed to the client.
All API calls and WebSocket connections are encrypted in transit. No plain HTTP.
AppAttest (iOS) and PlayIntegrity (Android) block unauthorized API access.
Audio is never written to disk. In-memory buffers are cleared at session end.
Sessions older than your plan's limit are automatically and permanently deleted.
Billing handled entirely by Apple App Store, Google Play, and RevenueCat.
Third-party providers we use
Audio and text are processed by leading AI providers. Here's who gets what, and why.
| Provider | What they receive | Purpose |
|---|---|---|
| Deepgram | Audio stream (live & file) | Speech-to-text (Western languages) |
| Sarvam AI | Audio stream; transcript text | STT & translation (Indic languages) |
| Gladia | Audio stream | Speech-to-text (multilingual, code-switching) |
| Google Cloud | Audio stream; transcript text | STT fallback & translation |
| DeepL | Transcript text | Translation (Western languages) |
| Firebase (Google) | Account info, encrypted session data | Authentication & database |
| RevenueCat | Account ID, subscription state | Subscription management |
We are actively working to formalise data-processing agreements with each provider that prohibit training on your data. Refer to each provider's privacy policy for their current stance.
Full privacy policy
Read the complete legal document covering all data practices.
Read privacy policy