PodBot Privacy Statement
Effective date: 10 November 2025
This statement explains how PodBot (“we,” “us,” or “PodBot”) handles data inside the PodBot Android application, version 1.0.0 and later).
Quick Highlights
- PodBot stores your podcasts, downloads, transcripts, Ask conversations, and settings locally on your device. Removing a podcast or using Settings › Advanced › Clear all data deletes those files.
- No advertising SDKs or behavioral analytics are embedded. We only log AI usage counts (model, tokens, timestamps) needed to enforce subscription limits, and those logs are pruned after 90 days.
- Server-based AI features send the audio or transcript snippets required to third party API services for transcription, translation or embedding. We never send your OPML backups, subscriptions, or entire library to our own servers.
- Google Play Billing processes payments; PodBot retains only hashed purchase tokens, plan identifiers, and renewal windows in order to show your subscription status.
Scope
This statement covers the PodBot Android app, including foreground services, and any background work scheduled through Android’s WorkManager. It does not cover:
- Podcasts you choose to download or stream (each publisher has its own policy).
- External sites you visit when you tap a podcast’s web link.
- Third-party processors listed below (each maintains its own privacy terms).
Information We Collect & Store
| Category | Details & Retention |
|---|---|
| Podcasts you add | Feed URLs, titles, artwork references, and episode metadata are stored inside the on-device Room database. Removing a podcast deletes its records plus related episode state and media from /Android/data/com.corinth.app/files/Podcasts/audio/<podcastId>. |
| Downloads & transcripts | Audio files, transcript text/JSON, embeddings, synopsis files, and Ask conversation history are saved under the app’s private storage. They persist until you delete the episode/podcast, tap “Delete download”/“Delete transcripts” in the UI, export and remove the files yourself, or clear all data. These files are also included (base64‑encoded) when you create a full backup. |
| Questions & chat history | Ask Me Anything prompts, answers, and selected transcript references are saved per podcast in ask_conversation.json so you can resume a session. Clearing a conversation, removing the podcast, or clearing all data deletes those files. |
| Subscription & entitlement data | Plan IDs, billing windows, pricing descriptors, and SHA-256 hashes of your Google Play purchase tokens are stored locally. Hashes help connect multiple devices that use the same Google account without storing raw tokens. Records are removed when the subscription lapses or you clear app data. |
| Usage metrics | Every AI call writes a lightweight log: timestamp, pipeline (transcription, synopsis, Ask, etc.), operation type, model name, token counts, stage labels, and non-text metadata such as episode GUIDs or duration estimates. No transcript text, questions, or audio are stored in these logs. PodBot keeps up to 90 days of entries locally. |
| Device settings & identifiers | Preferences (e.g., mobile-data policy, highlighted color, transcription mode) and a randomly generated device ID live in the encrypted Room settings table. The device ID never leaves your phone except when tagging usage events for deduplication. |
Not collected: PodBot does not request contact lists, precise location, microphone recordings, calendar data, advertising IDs, or health information. Audio used for transcription comes exclusively from podcast files you downloaded or streamed.
How We Use Data
- Provide core functionality: download podcasts, play episodes, generate transcripts, summaries, recaps, embeddings, and chat answers you request.
- Apply your preferences, including podcast filters, translation options, and whether server AI features may use mobile data.
- Enforce transcript quotas and show you the Usage screen by counting AI calls per subscription tier.
- Maintain entitlement information received from Google Play Billing (plan status, renewal windows, purchase pending state).
- Secure usage-sync operations by associating uploads with hashed purchase tokens and a device ID, then deduplicating events across devices.
- Diagnose reliability issues (e.g., logging when a third-party model returns an error code) without capturing your transcript contents.
- Fulfill legal obligations such as honoring subscription transactions and responding to privacy inquiries.
Legal bases. Where privacy laws require a legal basis, we rely on (i) performance of a contract (delivering the functionality you requested), (ii) our legitimate interests (maintaining security, preventing abuse, and improving quality), and (iii) compliance with legal duties (tax/accounting for Google Play payouts).
On-Server AI Processing
Server mode
With Server mode, PodBot uploads the minimum necessary audio chunks to the provider you selected (OpenAI Whisper or Groq). Chunks are uploaded over HTTPS directly from the app; we do not proxy or persist them on our own infrastructure. The provider returns transcript JSON that we store locally. If you turn on “Translate to English,” transcript segments are additionally sent to Google Cloud Translate.
Ask Me Anything & embeddings
Ask questions are encoded by an API (your question text is sent to create an embedding vector). Transcript segments relevant to the question are also uploaded when building episode corpora. Once a prompt is prepared, PodBot sends the prompt, selected transcript snippets, and any episode metadata you can already see in the UI to an API endpoint to obtain an answer. Neither API service receives your Google account info or usage counters.
You can block server AI or downloads over cellular via Settings › Data usage. When blocked, affected operations will fail locally with a message instead of sending data.
Third Parties & Disclosures
| Service / Provider | Purpose | Data Shared |
|---|---|---|
| Podcast publishers & CDNs | Download podcast RSS feeds, artwork, and audio directly from each show’s host. | Your device IP, user-agent, timestamp, and the specific feed or media URL. We do not add identifiers beyond what is needed to fetch the file. |
| PodcastIndex.org | Search catalog when you add a show. | Your search terms plus standard network metadata. |
| OpenAI & Groq | Whisper/Groq server transcription, synopses, recaps, and Ask responses. | Only the podcast audio chunks or transcript snippets needed for the request, along with prompt context and model parameters. No account identifiers or usage history accompany these requests. |
| Voyage AI | Generate embeddings for entire transcripts and individual Ask questions. | Transcript segments or user questions (plain text), model identifiers, and token counts. |
| Google Cloud Translate | Optional translation of transcript segments to English. | The text of each segment being translated plus locale metadata. |
| Firebase Firestore + Google Play Integrity | Sync AI-usage counters for subscribers and ensure only trusted builds upload data. | Event metadata (pipeline, model, tokens, timestamps, episode GUIDs), hashed purchase tokens, and the random device ID. No transcripts or questions are uploaded. |
| Google Play Billing | Process purchases, handle refunds, and let you manage subscriptions. | Purchase tokens, product IDs, pricing, and billing status. PodBot does not see card numbers; tokens are hashed before we store or sync them. |
| Hugging Face | Download on-device model artifacts (Gemma/Whisper tokenizer files). | HTTP requests for static files (includes your IP/time). No podcast or transcript data is transmitted. |
We do not sell your personal information or share it with advertisers, data brokers, or social networks.
Storage, Retention, and Deletion
- Local database & files. Stored in
AppDatabase(Room) and app-private storage on your device. Android removes these files when you uninstall the app. - Usage logs. Automatically pruned after roughly 90 days both locally and in Firestore.
- Subscriptions. Stored while your plan is active plus a short buffer to honor grace periods; hashed tokens are discarded when we can no longer validate an entitlement.
- Backups. Exported OPML and full backups stay wherever you save them. PodBot never uploads backups on your behalf; please protect those files because they can contain transcripts and Ask conversations.
- Third-party retention. OpenAI, Groq, Voyage, Google, PodcastIndex, and podcast hosts manage their own retention schedules. Review their privacy notices if you need data deleted from their logs.
- User-initiated deletion. Use the episode actions (“Delete download,” “Delete transcripts”), the Remove Podcast flow, or Settings › Advanced › Clear all data to purge stored media, transcripts, embeddings, conversations, and settings. Subscribers can request early deletion of synced usage logs via the contact email below.
Your Choices & Controls
- Transcription mode. Pick on-device or server AI per your privacy/performance needs.
- Mobile data policy. Block AI or download traffic over cellular in Settings. Requests will fail instead of routing over mobile data.
- Ask conversation controls. Clear a conversation from the Ask screen or remove the associated podcast to delete its history.
- Export/import. Export OPML (subscriptions only) or a full backup (includes transcripts/embeddings) using Android’s Storage Access Framework. PodBot only reads/writes the file you select.
- Notifications. Android notifications are limited to playback, downloads, and background transcription. You can disable PodBot notifications through the OS if desired.
- Data subject rights. To access, correct, or delete synced usage records or to request a copy of any server-side data we control, email us at info@podbot.app. For data held by OpenAI, Groq, Voyage, Google, PodcastIndex, or podcast publishers, contact those providers directly.
Security
- API keys and other secrets are stored through Android’s
EncryptedSharedPreferencesbacked by the hardware-keystore (AES‑256 GCM / SIV). - All network traffic to third parties uses HTTPS/TLS. Firebase App Check with Google Play Integrity restricts Firestore access to untampered builds signed by us.
- PodBot keeps data inside app-private directories so other apps cannot read it without root access. Audio/transcript files inherit Android’s sandbox protections.
- We minimize the payload in every remote call (only the selected audio chunk or transcript snippet is transmitted) and delete temporary chunk files immediately after upload.
- Despite these safeguards, no system is perfectly secure. Please keep your device updated, use screen locks, and avoid sharing backups unless necessary.
Changes to This Statement
We will update this document if our data practices change (for example, if we add a new AI provider or introduce cloud backups). When that happens we will refresh the “Effective date” above and surface a notice inside the app or on the PodBot website. Continued use after an update signifies acceptance.
Contact
If you have questions, requests, or concerns about privacy, reach us at info@podbot.app. You can also use the developer contact channel listed on Google Play. We aim to respond within 30 days.