Privacy Policy

March 15, 2026

Your privacy is important to us. This Privacy Policy explains how SubcueAI ("we," "us," or "our") collects, uses, shares, and protects your personal information when you use our application, website, and related services (collectively, the "Services"). By using our Services, you consent to the practices described in this policy.

1. Information We Collect

Information You Provide

  • Account Information: Name, email address, and password when you create an account.
  • Payment Information: Billing details processed securely through Stripe or Apple In-App Purchase. We do not store your full credit card number.
  • Resume Data: Resumes you upload for personalized answer generation, stored encrypted at rest.
  • Interview Data: Transcript entries and session metadata generated during your use of the Services.
  • Communications: Messages you send to our support team.

Information Collected Automatically

  • Usage Data: Feature usage patterns, session frequency, and interaction metrics.
  • Device Information: macOS version, device model, and app version.
  • Log Data: IP address, browser type, referring pages, and access timestamps when visiting our website.

Information from Third Parties

  • OAuth Providers: When you sign in via Google or Apple, we receive your name, email, and profile identifier from the authentication provider.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Services;
  • Generate real-time AI answer suggestions based on your resume and interview context;
  • Process payments and manage your subscription;
  • Provide customer support and respond to your inquiries;
  • Analyze usage patterns to improve product features and user experience;
  • Detect, prevent, and address fraud, abuse, or security issues;
  • Send transactional communications (e.g., account verification, billing notifications).

3. Audio Data Processing

SubcueAI captures system audio and microphone input locally on your Mac using ScreenCaptureKit and AVAudioEngine. This audio data is:

  • Processed in real-time for speech-to-text conversion using Apple Speech framework on-device;
  • Streamed transiently to our servers for AI answer generation — audio is not persistently stored after processing;
  • Never shared with third parties for advertising or marketing purposes.

Transcript text generated from audio may be stored to provide features such as interview history, performance analytics, and resume-driven context for future sessions. You can delete your transcript data at any time from within the app.

4. How We Share Your Information

We do not sell your personal information. We may share information with:

  • Service Providers: Third-party vendors who assist in operating our Services (e.g., Cloudflare for hosting, Stripe for payment processing, OpenAI for AI generation). These providers are contractually obligated to protect your data.
  • Legal Compliance: When required by law, regulation, legal process, or governmental request.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.
  • With Your Consent: When you explicitly authorize us to share information with a third party.

5. Data Security

We implement commercially reasonable security measures to protect your information, including encryption in transit (TLS) and at rest, secure authentication with JWT tokens, and access controls. However, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Services. Upon account deletion, we will remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., fraud prevention, dispute resolution). Anonymized, aggregated data may be retained indefinitely.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you;
  • Request correction of inaccurate data;
  • Request deletion of your personal data;
  • Object to or restrict certain processing activities;
  • Request data portability;
  • Withdraw consent where processing is based on consent.

To exercise any of these rights, please contact us at contact@subcue.app.

8. Cookies & Tracking

Our website uses essential cookies to maintain session state and preferences. We do not use third-party advertising cookies. You may configure your browser to reject cookies, though some website features may not function properly without them.

9. Regional Protections

California (CCPA): California residents have the right to know what personal information is collected, request deletion, and opt out of the sale of personal information. We do not sell personal information.

European Union (GDPR): If you are located in the EU/EEA, we process your data under lawful bases including consent, contract performance, and legitimate interests. You have the right to lodge a complaint with your local data protection authority.

International Transfers: Your data may be processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place for cross-border data transfers.

10. Children's Privacy

The Services are not intended for children under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last Updated" date above. Your continued use of the Services after changes take effect constitutes your acceptance of the revised policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at contact@subcue.app.