Privacy Policy

March 15, 2026

Your privacy is important to us. This Privacy Policy explains how Subcue AI LLC ("SubcueAI," "we," "us," or "our"), a limited liability company organized under the laws of the United States, collects, uses, shares, and protects your personal information when you use our application, website, and related services (collectively, the "Services"). By using our Services, you consent to the practices described in this policy.

1. Information We Collect

Information You Provide

  • Account Information: Name, email address, and password when you create an account.
  • Payment Information: Billing details processed securely through Stripe or Apple In-App Purchase. We do not store your full credit card number.
  • Resume Data: Resumes you upload for personalized answer generation, stored encrypted at rest.
  • Interview Data: Transcript entries and session metadata generated during your use of the Services.
  • Communications: Messages you send to our support team.

Information Collected Automatically

  • Usage Data: Feature usage patterns, session frequency, and interaction metrics.
  • Device Information: macOS version, device model, and app version.
  • Log Data: IP address, browser type, referring pages, and access timestamps when visiting our website.

Information from Third Parties

  • OAuth Providers: When you sign in via Google or Apple, we receive your name, email, and profile identifier from the authentication provider.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Services;
  • Generate real-time AI answer suggestions based on your resume and interview context;
  • Process payments and manage your subscription;
  • Provide customer support and respond to your inquiries;
  • Analyze usage patterns to improve product features and user experience;
  • Detect, prevent, and address fraud, abuse, or security issues;
  • Send transactional communications (e.g., account verification, billing notifications).

3. Audio Data Processing

SubcueAI captures system audio and microphone input locally on your Mac using ScreenCaptureKit and AVAudioEngine. This audio data is:

  • Processed in real-time for speech-to-text conversion using Apple Speech framework on-device;
  • Streamed transiently to our servers for AI answer generation — audio is not persistently stored after processing;
  • Never shared with third parties for advertising or marketing purposes.

Transcript text generated from audio may be stored to provide features such as interview history, performance analytics, and resume-driven context for future sessions. You can delete your transcript data at any time from within the app.

4. How We Share Your Information

We do not sell your personal information. We may share information with:

  • Service Providers: Third-party vendors who assist in operating our Services (e.g., Cloudflare for hosting, Stripe for payment processing, OpenAI for AI generation). These providers are contractually obligated to protect your data.
  • Legal Compliance: When required by law, regulation, legal process, or governmental request.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.
  • With Your Consent: When you explicitly authorize us to share information with a third party.

5. Data Security

We implement commercially reasonable security measures to protect your information, including encryption in transit (TLS) and at rest, secure authentication with JWT tokens, and access controls. However, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Services. Upon account deletion, we will remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., fraud prevention, dispute resolution). Anonymized, aggregated data may be retained indefinitely.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you;
  • Request correction of inaccurate data;
  • Request deletion of your personal data;
  • Object to or restrict certain processing activities;
  • Request data portability;
  • Withdraw consent where processing is based on consent.

To exercise any of these rights, please contact us at contact@subcue.app.

8. Cookies & Tracking

Our website uses essential cookies to maintain session state and preferences. We do not use third-party advertising cookies. You may configure your browser to reject cookies, though some website features may not function properly without them.

9. Regional Protections

California (CCPA): California residents have the right to know what personal information is collected, request deletion, and opt out of the sale of personal information. We do not sell personal information.

European Union (GDPR): If you are located in the EU/EEA, we process your data under lawful bases including consent, contract performance, and legitimate interests. You have the right to lodge a complaint with your local data protection authority.

International Transfers: Your data may be processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place for cross-border data transfers.

10. Children's Privacy

The Services are not intended for children under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last Updated" date above. Your continued use of the Services after changes take effect constitutes your acceptance of the revised policy.

12. Your Recording Responsibility

The Services capture audio from your microphone and system output to generate transcripts. You are solely responsible for:

  • Obtaining consent from all participants where required by law (e.g., "two-party consent" jurisdictions including California, Illinois, Florida, Pennsylvania, Washington, Massachusetts, and the European Union under GDPR);
  • Honoring NDAs and workplace policies that may restrict your use of recording or AI-assistance tools during interviews;
  • Avoiding sensitive personal data (e.g., health, ethnicity, political opinions, religion, biometric data) where prohibited.

We do not monitor or verify your compliance with these obligations. You agree to indemnify and hold us harmless from any claims arising from your use of the Services in violation of recording, privacy, or confidentiality laws.

13. AI Training

We do not use your transcript content, audio, or session analyses to train foundational AI models — neither our own nor those of upstream providers.

Upstream LLM providers operate under zero-retention API terms: the data we send for AI answer generation and analysis is not stored beyond the duration of the request and is not used by them for model training.

14. Per-Record Deletion & Mock vs Real Interviews

You may delete individual interview records (transcripts and analyses) at any time from the Records tab in the desktop app or the dashboard. Deletion is logical: the record is hidden from your dashboard immediately. Internal admin tools may retain the record for up to 30 days for audit and recovery purposes, after which it is purged along with associated transcripts and embeddings.

Mock interview transcripts contain only your own voice and AI-generated interviewer questions; no third-party audio is involved. Real interview transcripts may capture the voice content of other participants, and the consent obligations in Section 12 apply.

15. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at contact@subcue.app.