Privacy Policy
Last updated: May 8, 2026
This Privacy Policy describes how Voxbrief ("we," "us," "our") collects, uses, shares, and protects information when you use the Voxbrief iOS application (the "App") and the website at https://www.getvoxbrief.com (the "Website," and together with the App, the "Service").
By using the Service, you agree to the collection and use of information as described in this Privacy Policy. If you do not agree, please do not use the Service.
1. Information We Collect
1.1 Account Information
To purchase a subscription, redeem a promotional code, or restore purchases, you must sign in using one of the following methods:
- Apple Sign In: We receive your name (if you choose to share it) and a unique, app-scoped identifier from Apple. Your Apple ID email is shared only if you choose not to use Apple's "Hide My Email" feature.
- Google Sign In: We receive your name, email address, and a unique identifier from Google.
- Email Sign In: We collect the email address you provide to create and authenticate your account.
You may browse free content in the Service without creating an account. If you do not sign in, no account information is collected.
We store your account information to authenticate you, associate your subscription, and provide personalized features (wish list, listening history).
1.2 Subscription and Payment Information
When you purchase a subscription through Apple In-App Purchase:
- We receive a transaction receipt from Apple that confirms your purchase, including the product purchased, transaction ID, and purchase date.
- We do not receive or store your credit card number, billing address, or other payment details. All payment processing is handled by Apple.
- We store your subscription status (plan type, start date, expiration date) to provide you with access to paid content.
1.3 Content and Usage Information
When you use the App, we collect:
- Listening activity: which summaries you listen to, playback progress, and bookmarks.
- Search queries: terms you search for within the App.
- Wish list: books you add to your wish list.
- App interactions: screens viewed, features used, and actions taken (e.g., tapping play, opening a summary).
1.4 Device and Technical Information
When your device connects to our servers, we automatically receive:
- Device identifier: an anonymous device identifier (IDFV) used to identify your device. If you sign in, this is linked to your account. This is not your advertising identifier and cannot be used to track you across other apps.
- Device information: device model, operating system version, app version, language and region settings.
- Network information: IP address and connection type.
- Server logs: timestamps, requested content identifiers, and standard server log data used for reliability and security.
1.5 Diagnostics and Crash Reports
We collect crash reports and performance diagnostics through:
- Firebase Crashlytics: Automatically collects crash logs, stack traces, and device state at the time of a crash to help us identify and fix bugs. This data is anonymized and does not include personal identity information.
- Apple Diagnostics: If you have enabled sharing device analytics with developers in iOS settings, we may also receive basic performance diagnostics through Apple's mechanisms.
1.6 Information We Do NOT Collect
- Precise GPS location
- Contacts, photos, or health data
- Credit card or banking details (handled entirely by Apple)
- Biometric data
1.7 Website Cookies and Tracking Technologies
When you visit the Website, we and our service providers use cookies and similar technologies (including pixel tags, web beacons, and local storage) to understand how visitors use the Website, measure the effectiveness of our advertising campaigns, and provide a better experience.
Categories of cookies and tracking on the Website:
| Category | Purpose | Examples |
|---|---|---|
| Strictly necessary | Required for core Website functionality (page rendering, security) | First-party session storage |
| Analytics | Aggregate usage statistics, page views, scroll depth, session length | Google Analytics 4 (GA4), Google Tag Manager (GTM) |
| Advertising / Marketing | Measure advertising performance, retarget visitors with relevant ads on Google's network, attribute App installs to web campaigns | Google Tag Manager, Google Ads conversion & remarketing tags |
The Website does not use cookies for advertising profiling beyond the Google ecosystem described above, and we do not allow third-party advertisers to drop their own cookies.
How to opt out — see Section 5.2 below for U.S. residents and Section 5.3 for EEA/UK/Swiss residents. You can also block or delete cookies through your browser settings at any time; doing so may affect Website functionality.
2. How We Use Information
We use the information we collect to:
| Purpose | Legal Basis (GDPR) |
|---|---|
| Provide and maintain the Service (streaming audio, search, playback, subscription access) | Performance of contract |
| Process subscription purchases | Performance of contract |
| Improve the Service, fix bugs, and analyze usage trends | Legitimate interest |
| Measure advertising effectiveness and attribute app installs to advertising campaigns (we do not display ads in the App or build personal advertising profiles) | Legitimate interest |
| Prevent fraud, abuse, and unauthorized access | Legitimate interest |
| Respond to your support requests | Performance of contract |
| Comply with legal obligations | Legal obligation |
We do not use your information to display advertising. The App does not contain ads.
3. How We Share Information
We do not sell your personal information. We never have and never will.
We may share limited information only in these circumstances:
3.1 Service Providers
We use trusted third-party service providers to operate the Service:
| Provider Category | Purpose | Data Shared |
|---|---|---|
| Cloud hosting and infrastructure | Store and deliver content | Server logs, encrypted device and subscription data |
| Analytics (App and Website) | Understand usage patterns and improve the Service | Anonymized or pseudonymized usage data, device information; Website analytics events via Google Analytics 4 / Google Tag Manager |
| Advertising and conversion measurement (Website) | Measure the performance of our Google Ads campaigns and, where you consent, retarget visitors with relevant ads across Google's advertising network | Cookie identifiers, IP address, page URL, on-site interaction events (e.g., App Store click) shared with Google via Google Tag Manager and Google Ads conversion / remarketing tags |
| Apple StoreKit (In-App Purchase) | Subscription purchases | Transaction receipt (no payment card data) |
These providers process information only to provide services to us, under contractual obligations consistent with this Privacy Policy and applicable data protection laws.
3.2 Legal and Safety
We may disclose information if reasonably necessary to:
- Comply with applicable law, regulation, legal process, or governmental request.
- Enforce our Terms of Service.
- Protect the rights, safety, and security of our users and the Service.
3.3 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via a prominent notice in the App of any change in ownership or uses of your personal information.
4. Data Retention
| Data Type | Retention Period |
|---|---|
| Account information (email, name, sign-in provider association) | Retained while your account is active. Permanently deleted within 30 days of account deletion. |
| Device identifier (IDFV) and subscription records | Retained while a subscription is associated with the account, plus 7 years for financial and tax compliance (anonymized after account deletion). |
| Listening history, wish list, search history | Stored on our servers associated with your account. Permanently deleted within 30 days of account deletion. |
| Server logs (IP address, request logs) | Retained for up to 90 days, then deleted or anonymized. |
| Support communications | Retained as long as needed to resolve your inquiry and for reasonable record-keeping. |
| On-device data (playback state, preferences) | Stored locally on your device. Removed when you uninstall the App. |
5. Your Rights and Choices
5.1 All Users
You can:
- Delete your account: Open the App → tap your profile icon → scroll down and tap Delete account. Your account will be deactivated immediately, and all personal data will be permanently deleted from our servers within 30 days. See our Account Deletion Policy for full details.
- Request deletion by email: If you cannot access the App, email support@getvoxbrief.com from the address associated with your account with the subject line "Account Deletion Request." We will process your request within 45 days.
- Uninstall the App: Remove all locally stored data by uninstalling the App.
- Control diagnostics: Limit diagnostic sharing in iOS Settings → Privacy & Security → Analytics & Improvements.
5.2 U.S. State Residents (CCPA / CPRA and Other State Privacy Laws)
If you reside in a U.S. state with applicable privacy laws (including California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, Vermont, or Virginia), you have additional rights:
- Right to Know / Access: You can request the categories and specific pieces of personal information we have collected about you.
- Right to Delete: You can request deletion of your personal information by contacting us.
- Right to Correct: You can request correction of inaccurate personal information.
- Right to Data Portability: You can request a copy of your personal information in a portable, machine-readable format.
- Right to Opt Out of Sale or Sharing for Targeted Advertising: see "Do Not Sell or Share My Personal Information" below.
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
- Authorized Agent: You may designate an authorized agent to submit requests on your behalf. We may require proof of authorization and verify your identity directly.
To exercise these rights, email support@getvoxbrief.com with sufficient detail to identify the request. We will verify your identity (and, where applicable, the authorized agent's authority) before processing the request. We aim to respond within 45 days.
Do Not Sell or Share My Personal Information
We do not sell your personal information for monetary consideration, and we never have.
However, when you visit the Website, certain information about your visit (such as cookie identifiers, IP address, page URL, and interaction events like clicks on "Listen Now" or other App Store links) is shared with Google through Google Tag Manager, Google Analytics 4, and Google Ads tags for the purpose of measuring our advertising campaigns and delivering relevant ads to you on Google's advertising network. Under California law (CCPA/CPRA) and similar state laws, this activity is considered "sharing for cross-context behavioral advertising" or "targeted advertising."
You have the right to opt out. We honor opt-out requests through the following mechanisms:
- Visit our Do Not Sell or Share My Personal Information page and click the opt-out button. We will set a preference on your device that prevents the Website from loading Google Tag Manager and related advertising tags on subsequent visits.
- Global Privacy Control (GPC): If your browser sends the GPC signal (e.g., Brave, Firefox with Privacy Badger, DuckDuckGo browser), we automatically treat your visit as an opt-out — no action required.
- Browser-level controls: You can install the Google Analytics Opt-out Browser Add-on and adjust your Google Ads personalization settings.
- Email request: Send a deletion or opt-out request to support@getvoxbrief.com.
The iOS App does not contain advertising tags and is not used for cross-context behavioral advertising; its data sharing is limited to attribution and measurement as described in Section 6.
Categories of personal information collected in the preceding 12 months:
| Category (CCPA) | Examples | Collected | Sold | Shared for Cross-Context Behavioral Advertising (Website) | Shared for Ad Measurement / Attribution* |
|---|---|---|---|---|---|
| Identifiers | Device identifier (IDFV on App), IP address, cookie identifiers (Website) | Yes | No | Yes (Website only, opt-out available) | Yes |
| Commercial information | Subscription purchase history | Yes | No | No | Yes |
| Internet or network activity | App: listening history, search queries; Website: page views, scroll depth, click events | Yes | No | Yes (Website only, opt-out available) | Yes (Website conversion events) |
| Geolocation data | IP-based approximate location (country/region level only) | Yes | No | No | No |
| Inferences | None | No | No | No | No |
*Ad Measurement / Attribution: We share anonymized App install and subscription events with Google via Firebase Analytics, and Website conversion events (such as App Store click) with Google via Google Tag Manager / Google Ads, solely to measure advertising campaign performance. For App data, this is not used to target ads to you personally or to build an advertising profile. For Website data, this may be used by Google to deliver targeted advertising; you can opt out as described above.
5.3 European Economic Area, UK, and Swiss Residents (GDPR)
If you are located in the EEA, UK, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):
- Right of Access: Obtain a copy of your personal data.
- Right to Rectification: Correct inaccurate or incomplete data.
- Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data by contacting us.
- Right to Restriction of Processing: Request that we limit how we use your data.
- Right to Data Portability: Receive your personal data in a structured, machine-readable format.
- Right to Object: Object to processing based on legitimate interest.
- Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.
To exercise your rights, contact us at support@getvoxbrief.com. We aim to respond within 30 days.
Data Controller: Voxbrief, contactable at support@getvoxbrief.com.
If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority in your country of residence.
6. Third-Party SDKs and Services
The Service integrates the following third-party services:
App SDKs:
| SDK / Service | Purpose | Data Accessed | Privacy Policy |
|---|---|---|---|
| Apple Sign In | User authentication | Name (if shared by user), email (if not hidden), app-scoped unique identifier | Apple Privacy Policy |
| Google Sign In | User authentication | Name, email address, unique identifier | Google Privacy Policy |
| Apple StoreKit (In-App Purchase) | Subscription purchases | Transaction receipt (no payment card data) | Apple Privacy Policy |
| Google Firebase Analytics | Usage analytics, event tracking, app performance monitoring, and advertising measurement | Anonymized/pseudonymized usage events, device information (model, OS version, app version), IDFV, IP address (used for approximate geolocation and then discarded) | Firebase Privacy · Google Privacy Policy |
| Google Firebase Crashlytics | Crash reporting and stability monitoring | Crash logs, stack traces, device state at time of crash, device model, OS version | Firebase Privacy |
Website services (loaded on https://www.getvoxbrief.com):
| Service | Purpose | Data Accessed | Privacy Policy |
|---|---|---|---|
| Google Tag Manager (GTM) | Tag orchestration container that loads the analytics and advertising services below | Page URL, referrer, browser/device information; passes through events pushed from the page | Google Tag Manager Privacy |
| Google Analytics 4 (GA4) | Aggregated Website usage analytics (page views, sessions, scroll depth, custom events) | Cookie identifier, IP address (truncated for geolocation), page URL, on-site events | Google Analytics Terms |
| Google Ads (conversion & remarketing tags) | Measure conversions from Google Ads campaigns and, where you consent, retarget visitors with relevant ads on Google's advertising network | Cookie identifier, click identifiers (gclid), conversion event data | Google Privacy Policy |
You can opt out of the Website services described above at any time — see Section 5.2 "Do Not Sell or Share My Personal Information."
Firebase operates as a data processor on our behalf. Firebase data is processed in accordance with Google's Firebase Data Processing and Security Terms. Firebase has completed ISO 27001 and SOC 1/2/3 evaluations.
Advertising measurement: We use Firebase Analytics to measure the effectiveness of our advertising campaigns (e.g., Google Ads). This means certain anonymized events (such as app installs and subscription purchases) may be shared with Google to help us understand which ads led users to install our App. This data is used for advertising attribution and campaign optimization only — it is not used to build a personal advertising profile about you, and we do not serve ads within the App. The App does not display ads.
For more information about how Google uses data from apps that use Firebase, please see How Google uses information from sites or apps that use our services.
7. Security
We use reasonable administrative, technical, and physical safeguards to protect your information, including:
- Encryption of data in transit (TLS/HTTPS) and at rest.
- Access controls limiting employee access to personal data on a need-to-know basis.
No method of transmission or storage is 100% secure. If you become aware of a security vulnerability, please contact us immediately at support@getvoxbrief.com.
8. Children's Privacy
The Service is not directed to children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children under 13.
If you believe that a child under 13 has provided us with personal information, please contact us at support@getvoxbrief.com. We will promptly delete such information.
9. International Data Transfers
If you use the Service from outside the United States, your information may be transferred to, stored in, and processed in the United States or other locations where our servers or service providers operate.
We rely on the following mechanisms for international data transfers:
- Standard Contractual Clauses (SCCs) approved by the European Commission, where applicable.
- Your consent to this Privacy Policy constitutes acknowledgment of such transfers.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes:
- We will update the "Last Updated" date at the top of this page.
- We will notify you via a prominent notice in the App.
- Continued use of the Service after changes take effect constitutes acceptance of the revised Privacy Policy.
11. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data:
- Email: support@getvoxbrief.com
- Website: https://www.getvoxbrief.com/privacy
© 2026 Voxbrief. All rights reserved.