We collect the minimum data needed to run the product. That includes:

• Account data — your email, name, and authentication tokens. Provided when you sign up or sign in.
• Lecture audio — recordings you create inside the Enotee mobile or web app. Uploaded to our storage so we can transcribe and process them.
• Derived study content — transcripts, summaries, flashcards, and exam questions generated from your recordings.
• Profile preferences — school, academic level, and study settings, when you choose to provide them.
• Usage and diagnostics — anonymised product analytics and crash reports to help us find and fix bugs.
• Billing data — if you subscribe to Enotee Pro, our payment processor stores payment method details; we store the subscription status and invoice metadata.

• To provide the core product: recording, transcription, summarisation, and study material generation.
• To keep your account secure and prevent abuse.
• To contact you about account, billing, and service updates.
• To debug issues, monitor reliability, and improve the app.

Enotee is powered by a handful of trusted sub-processors. We share only the data each one needs, and only for the purpose listed.

• Cloudflare R2 — stores uploaded audio files.
• Deepgram — converts audio to text.
• Mistral AI and OpenAI — generate summaries, flashcards, and exam questions from transcripts.
• Resend — sends transactional email (verification, password resets, receipts).
• Stripe and Paystack — process subscription payments.
• Sentry — receives anonymised crash reports.
• PostHog — receives anonymised product usage events.
• Vercel — hosts the Enotee web and API services.

We do not sell your personal data, and we do not share it with advertisers.

• Recordings and study content persist until you delete them. Deletion from inside the app removes the item from our database immediately and from storage within 30 days.
• Account datais retained while your account is active. When you delete your account, associated data is purged within 30 days, except where we’re legally required to retain it longer (e.g. invoice records for tax compliance).
• Crash reports and analytics are retained for up to 90 days.

You can, at any time:

• Access, export, or delete your data from inside the app (Settings → Account) or by email.
• Withdraw consent for optional processing (such as analytics).
• Object to processing or request data portability.

If you’re in the EU, UK, or California, you have additional rights under GDPR, UK GDPR, and the CCPA. We respond to verified requests within 30 days. Reach us at hello@enotee.app.

Data is encrypted in transit (TLS) and at rest. Access to production systems is restricted and logged. No system is perfectly secure, so we work to minimise what we collect in the first place. If we ever experience a breach affecting your data, we’ll notify you as required by law.

Enotee is not directed at children under 13, and we don’t knowingly collect personal data from them. If you believe a child has provided us data, contact hello@enotee.app and we’ll delete it.

Enotee’s sub-processors operate in the United States and the European Union. When data moves between jurisdictions, we rely on standard contractual clauses and equivalent safeguards to protect it.

We’ll update this page when our practices change. Material changes will be announced in-app or by email at least 14 days before they take effect. The date at the top of this page reflects the most recent revision.

Questions about this policy or about your data? Email us at hello@enotee.app. We read everything.