Privacy Policy
Last updated:
1. Scope and Controller
This Privacy Policy describes how Snowline LLC ("Snowline", "we", "us", or "our") handles information when you use Flow Keyboard and related services (collectively, the "Service").
Flow Keyboard is available on macOS and iOS. The Service is designed with a privacy-first architecture and zero server-side retention for user voice content and generated text.
2. Data We Do Not Store
We do not store the following user content on our servers:
- Voice recordings or audio clips after processing is complete
- Transcriptions and polished output text after processing is complete
3. Data Processed to Provide the Service
When you trigger voice input, we process limited data necessary to return results:
- Voice input processing -- Audio is transmitted to our servers and converted into text output, then discarded after processing
- No default surrounding-text context -- By default, we do not collect nearby text context (for example, text before or after the cursor) from app input fields
- Voice editing of selected text -- When you select text and use voice editing, the selected text is sent to our servers along with your voice input to process the edit. Both the selected text and audio are discarded after processing is complete
- Service delivery metadata -- Minimal technical metadata (for example, request timing and operational status) may be processed to deliver and secure the Service
- Third-party processors -- We may use contracted cloud/AI subprocessors configured for transient processing and no retention of user content after completion
- Connectivity requirement -- Voice features require an active internet connection
4. Microphone and Keyboard Permissions
The Service requests microphone access to process voice input. On iOS, keyboard Full Access permission is required by the iOS extension model for microphone/network operation.
- Microphone use is user-triggered for voice input sessions
- Audio is sent for processing and discarded after completion
- Secure text fields are protected by platform-level controls
- You can revoke permissions at any time in device settings
5. Why Full Access Is Needed on iOS
iOS requires Full Access for keyboard extensions that need network connectivity and microphone-based functionality. Flow Keyboard uses this permission to process voice input and return output.
Full Access enables:
- Microphone capture for voice input in the keyboard extension
- Network requests required to process audio and return text
Full Access does not grant us:
- Access to secure/password fields restricted by iOS
- Blanket access to your device files or unrelated app data
- Retention of your voice content after processing
Flow Keyboard does not use Full Access for tracking or profiling.
6. Legal Basis for Processing
Where required by applicable law (including GDPR/UK GDPR), we process information under one or more of the following bases:
- Performance of contract -- to provide the voice-to-text service you request
- Legitimate interests -- to maintain security, reliability, and abuse prevention
- Legal obligations -- where processing is required by law
- Consent -- where consent is required (for example, microphone permission)
7. Data Retention
We apply zero server-side retention for voice content and generated text. Content is processed transiently and discarded after processing is complete, subject only to short-lived in-memory processing required to return results.
The app may store certain history items locally on your device (for example, local recordings or transcription history used for product features). This local data is under your control on your device and is not retained by us on our servers.
8. International Data Transfers
Your data may be processed in countries other than your own. Where required, we implement appropriate safeguards for cross-border transfers, including contractual protections with processors.
9. Third-Party Services
| Service | Purpose | Data Processed | Retention |
|---|---|---|---|
| Cloud AI subprocessors | Voice-to-text processing and text refinement | Audio; user-selected text in edit mode | Zero — discarded after processing |
We do not use analytics SDKs, crash reporting services, advertising trackers, or device fingerprinting tools.
10. Security Measures
We use reasonable technical and organizational safeguards designed to protect data during transit and processing:
- In transit — All communication between your device and our servers uses encrypted connections (HTTPS/TLS)
- At rest (local) — Transcription history is stored on your device in a secure local database
- Server-side — Voice content and generated text are processed transiently in memory and not written to persistent storage
No method of transmission or processing is completely secure, but we continuously improve our controls.
11. Your Privacy Rights
Depending on your location, you may have rights including access, deletion, correction, portability, restriction, objection, and withdrawal of consent. Because we do not retain user content on our servers, many requests may be limited by the absence of server-side stored personal data, but you may still contact us for assistance.
California residents may have rights under CCPA/CPRA, including the right to know and delete personal information and the right to non-discrimination. We do not sell personal information and do not share personal information for cross-context behavioral advertising.
12. Children's Privacy
The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child submitted personal information to us, contact us and we will address the report promptly.
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will post updates on this page and revise the "Last updated" date. Changes become effective when posted unless otherwise required by law.
14. Contact
If you have questions about this Privacy Policy or privacy rights requests, contact:
- Email: service@snowline.ai
- Operator: Snowline LLC