Privacy Policy

Updated on November 15th, 2024

At Wave, your privacy is not just a box we check—it's something we are deeply committed to. We know how important your personal data is. When you use our mobile and web apps, we handle your data with the utmost care, ensuring that you are always in control.

Our Promise to You: Your Data, Your Control

We believe your data belongs to you. When you delete your recordings, transcriptions, or summaries, they are permanently removed from our servers. Our goal is to give you the most convenient service while keeping your privacy intact.

Information We Collect

Account Creation:

When you sign up for Wave using Google, Apple, or Facebook, we collect your name and email address. This information is used to create and maintain your account, allow access to your data across multiple devices, and communicate important updates to you.

Purchase Information:

If you make purchases through the iOS or Android App Stores, we collect transactional data. This is used to manage billing and account services.

Audio and Text Data:

  • Audio Recordings: When you record audio within the app, these recordings are uploaded to our server for transcription processing. The audio files are stored until you delete them from the app. This storage allows us to stream the audio to you from any device on which you use Wave.
  • Transcriptions and Summaries: The text generated from transcriptions and summaries is stored on our servers to provide you with easy access across your devices.

Usage Data:

We gather data on how you interact with our app, including features used and time spent. This helps us improve the app for you. We also conduct meta-analysis on your summaries to better understand Wave's most common use cases, ensuring that individual user identities remain anonymous.

How We Use Google User Data

If you sign up for Wave using your Google account:

  • We collect your Google name and email address. This data is used exclusively to:
    • Create and manage your Wave account
    • Provide secure login and synchronization of your data across multiple devices
    • Send you important notifications about your account or relevant Wave updates
  • We do not use any additional Google user data beyond your name and email address. Your Google user data is not used for advertising or marketing purposes, nor is it shared with any third parties outside of the services described below.

Our Technology Partners: Ensuring Secure, Seamless Experiences

Wave utilizes cutting-edge tools to deliver transcription and summarization services. Here's who we partner with and how we share data with them:

  • Google Cloud: All data is stored securely using Google Cloud infrastructure, protected by Google's native encryption. This includes audio files, transcriptions, and text storage.
  • OpenAI: We use OpenAI's language models to generate summaries from your transcripts. The audio transcriptions are sent to OpenAI's model to create summaries. We do not share personal identifying information. Read more about OpenAI's privacy practices here.
  • AssemblyAI: Your audio is transcribed using AssemblyAI's services. We send your audio data for transcription, which is processed temporarily and not stored beyond this purpose. Learn more here.
  • Twilio: Phone call recording is facilitated using Twilio's services. For more details, visit their privacy policy here.
  • Posthog: We use Posthog, a privacy-focused analytics platform, to analyze user interactions and improve our service. This data is anonymized.

Data Sharing and Transfer

Third-Party Service Providers:

  • We share audio data with AssemblyAI for transcription and text data with OpenAI for summarization.
  • We share anonymized usage data with Posthog to analyze how our app is being used.

No Selling or Renting of Data:

We do not sell, rent, or disclose your personal data to unauthorized third parties.

Data Retention and Deletion

We retain your data as long as you maintain an active account. When you delete content or your account, all associated data is permanently removed from our servers. Server logs are kept for 14 days to diagnose issues, then automatically deleted. Once deleted, data cannot be recovered.

Data Security

  • All data is encrypted both at rest and in transit
  • Strict access controls limit data access to authorized personnel
  • Regular security audits and monitoring protect against unauthorized access

SOC-2 Compliance

Wave is working towards SOC-2 compliance with Vanta, expected to complete by Q4 2024. This will verify our systems meet the highest standards for security, availability, processing integrity, confidentiality, and privacy.

Google API Services User Data Policy

Our use and transfer of information received from Google APIs comply with Google's API Services User Data Policy, including the Limited Use requirements.

Updates to This Policy

We'll notify you of any changes by updating this page with a new effective date.

Contact Us

For privacy inquiries, please contact us at privacy@wave.co.