ScribeFlow Legal
Privacy Policy
This Privacy Policy explains how ScribeFlow, operated by SedoApps, collects, uses, stores, and protects personal data when you use the ScribeFlow mobile application and related backend services.
1. Who operates ScribeFlow
ScribeFlow is operated by SedoApps. If you have questions about this policy or your data, contact [email protected].
2. Account and sign-in data
ScribeFlow currently supports account access through Firebase Authentication. Depending on platform availability and how you choose to use the app, this may include:
- Email and password sign-in
- Google sign-in
- Apple sign-in where available
- Anonymous usage without creating a full named account
We may process your email address, display name, authentication provider identifier, Firebase user ID, and account status needed to keep the app working.
3. Media and generated content
When you use ScribeFlow, we may process:
- Audio and video files you upload, record, or import
- Transcript text generated from that media
- Summaries, translations, AI chat exchanges, notes, speaker labels, and other outputs generated from your transcript content
- Speaker corrections, transcript edits, and similar feedback you submit in the app
ScribeFlow does not currently provide a true offline transcription mode in this release. Processing is performed through backend services.
4. How processing works
ScribeFlow uses backend processing to provide transcription and AI-assisted features.
- Firebase services provided by Google are used for authentication and app protection features
- Support or feedback requests sent from the app may include device and app information needed to investigate issues
- OpenAI and other trusted processors may process audio, transcript text, and prompt content only as needed to provide transcription, summary, translation, AI chat, speaker-label, and correction-related features
- Our backend infrastructure is hosted on servers operated by Hetzner Online GmbH in the European Union
We do not state that uploaded files are deleted immediately after processing, because source media may remain available for playback, source review, export support, or job access for a limited period while the related transcript remains available in your account.
5. Transcript and media retention
- Account data is stored while your account remains active
- Transcripts and related generated outputs may remain available until you delete them or delete your account, subject to service maintenance and retention cleanup
- Source media may be stored temporarily so the app can support playback, source review, and related job access, but it may be removed automatically after a retention period
- Some generated files, exports, or derived artifacts may also be removed automatically over time even if transcript text or basic job history remains available
- Operational logs, request logs, and abuse-prevention records may be retained for security, debugging, and service integrity
- Some limited records may be retained where required by law or reasonably necessary for fraud prevention, dispute handling, or security investigations
6. Support and technical information
When you contact support or submit in-app feedback, we may receive information such as:
- Your account email or sign-in method
- Your message contents
- Device model, operating system version, app version, and other issue-diagnostic details you choose to provide or the app includes for support troubleshooting
7. Analytics and tracking
This Google Play release does not rely on Firebase Analytics for the core shipped app experience. We still use Firebase Authentication and related Google services required for sign-in and app protection.
8. How we use data
We use personal data to:
- Create and manage accounts
- Authenticate users and protect the service from misuse
- Process media into transcripts and related AI-assisted outputs
- Support playback, transcript review, and export features while retained files remain available
- Provide support and investigate bugs, abuse, and security events
- Enforce app usage limits, plan-specific feature availability, safety caps, and maintain service reliability
9. Sharing
We do not sell personal data. We may share limited data with service providers and legal authorities when needed to operate the service or comply with law.
- Google Firebase services for authentication, app protection, and related account infrastructure
- OpenAI and other trusted processors only as needed to provide requested app features
- Infrastructure and hosting providers operating the SedoApps backend environment
- Authorities or counterparties where required by law, court order, or legitimate security or fraud-prevention needs
10. Security
We use reasonable administrative, technical, and organizational safeguards to protect data in transit and at rest. No system can guarantee absolute security.
11. Deletion and user rights
Depending on applicable law, including KVKK and GDPR where relevant, you may request access, correction, deletion, objection, or data portability. You may also use the in-app delete-account flow or the public delete-account page to request deletion of your ScribeFlow account and associated backend content. Deletion is intended to remove transcripts, jobs, media references, and related account data, but limited records may still be retained where reasonably necessary for security, fraud prevention, abuse prevention, dispute handling, or legal compliance.
12. Children's privacy
ScribeFlow is not intended for children under 13, and we do not knowingly collect personal data from children under 13.
13. Changes to this policy
We may update this policy from time to time. Material changes may be reflected in the app, on this page, or through other reasonable notice.