SSaylio

Privacy Policy

Last updated: February 7, 2026

At Saylio, we take your privacy seriously. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our AI-powered personal assistant service.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Email address, full name, password (encrypted)
  • Profile Settings: Preferred language, timezone, currency, locale preferences
  • Voice Recordings: Audio files you record through the Service
  • Text Input: Manual notes, task descriptions, goal updates, and other text you enter
  • Payment Information: Processed securely by Paddle and Razorpay; we only store subscription status and metadata

1.2 Automatically Collected Information

  • Usage Data: Features used, recordings created, tasks completed, time spent in app
  • Device Information: Browser type, operating system, device identifiers
  • Log Data: IP address, access times, pages viewed, errors encountered
  • Analytics: User interactions, feature engagement, conversion events

1.3 AI-Generated Data

  • Transcriptions: Voice-to-text conversions of your recordings
  • Extracted Content: Expenses, tasks, meetings, goals automatically identified from your notes
  • Insights: AI-generated summaries, behavioral patterns, and recommendations

2. How We Use Your Information

2.1 Core Service Delivery

  • Transcribe voice recordings using Deepgram
  • Extract structured data (expenses, tasks, meetings, goals) using Claude and Gemini AI
  • Generate daily and weekly summaries and insights
  • Provide behavioral analytics and personalized recommendations
  • Sync data in real-time across your devices

2.2 Service Improvement

  • Improve AI accuracy and extraction quality
  • Develop new features and enhance existing ones
  • Analyze usage patterns to optimize user experience
  • Train and refine our machine learning models

2.3 Communication

  • Send service announcements and updates
  • Respond to your support requests
  • Send optional product updates and tips (you can opt out)
  • Notify you of account activity and security issues

2.4 Compliance and Safety

  • Enforce our Terms of Service
  • Detect and prevent fraud or abuse
  • Comply with legal obligations
  • Protect the rights and safety of our users

3. How We Share Your Information

3.1 Third-Party Service Providers

We share data with trusted service providers who help us operate Saylio:

  • Anthropic: AI processing for content extraction and insights (Claude API)
  • Google: AI-powered data extraction (Gemini API)
  • Deepgram: Voice transcription services
  • Supabase: Database hosting, authentication, and storage infrastructure
  • Paddle and Razorpay: Payment processing for subscriptions
  • Vercel: Application hosting and deployment

These providers are bound by confidentiality agreements and may only use your data to perform services on our behalf.

3.2 Optional Integrations

If you enable integrations, we share relevant data with:

  • Notion: Tasks, expenses, and notes you choose to sync
  • Obsidian: Exported markdown files you generate

You control these integrations and can disconnect them at any time through Settings.

3.3 We Do NOT Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes. Your data is yours, and we respect your privacy.

3.4 Legal Requirements

We may disclose your information if required by law, court order, subpoena, or government request, or to protect our rights and safety or that of our users.

4. Data Storage and Security

4.1 Where We Store Data

  • Structured Data: Encrypted PostgreSQL database hosted on Supabase (AWS infrastructure)
  • Voice Recordings: Cloud storage buckets with server-side encryption
  • User Files: Secure cloud storage with access controls

4.2 Security Measures

  • End-to-end encryption for data in transit (TLS 1.3)
  • Encryption at rest for all stored data (AES-256)
  • Role-based access controls and row-level security policies
  • Regular security audits and vulnerability assessments
  • Secure password hashing with bcrypt
  • Two-factor authentication available for accounts
  • Automated backups with encrypted storage

4.3 Data Breach Notification

In the unlikely event of a data breach affecting your personal information, we will notify you via email within 72 hours and take immediate steps to mitigate the issue.

5. Data Retention

5.1 Active Accounts

We retain your data as long as your account is active to provide the Service and maintain historical records for insights and analytics.

5.2 Deleted Accounts

When you delete your account, we permanently remove your personal data within 30 days, including:

  • All voice recordings and transcriptions
  • Expenses, tasks, meetings, and goals
  • Daily and weekly summaries
  • Account profile and settings

5.3 Legal Retention

We may retain certain data for legal compliance, tax purposes, or dispute resolution even after account deletion, including transaction records and subscription history.

6. Your Privacy Rights

6.1 Access and Portability

You can access your data at any time through the dashboard. Pro and Power users can export all their data in JSON, CSV, or Excel format.

6.2 Correction and Updates

You can edit your profile information, recordings, tasks, expenses, and other data directly through the app.

6.3 Deletion

You can delete individual items (recordings, tasks, expenses) or your entire account through Settings. Account deletion is permanent and cannot be reversed.

6.4 Opt-Out Rights

  • Marketing Emails: Unsubscribe via link in emails or in Settings
  • Push Notifications: Disable in Settings or browser preferences
  • Analytics: Request opt-out by contacting support

6.5 GDPR Rights (EU Users)

If you are in the European Union, you have additional rights:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent
  • Right to lodge a complaint with supervisory authority

6.6 CCPA Rights (California Users)

If you are a California resident, you have the right to:

  • Know what personal information we collect and how it's used
  • Request deletion of your personal information
  • Opt-out of the sale of personal information (we don't sell data)
  • Non-discrimination for exercising your privacy rights

7. Children's Privacy

Saylio is not intended for use by children under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected information from a child under 18, we will delete it immediately.

8. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including the United States. We ensure appropriate safeguards are in place to protect your data in compliance with applicable laws.

9. Cookies and Tracking

9.1 Essential Cookies

  • Authentication: Keep you logged in securely
  • Session Management: Maintain your preferences during a session
  • Security: Protect against fraud and unauthorized access

9.2 Analytics Cookies

  • Vercel Analytics: Anonymous usage statistics
  • Performance Monitoring: Track page load times and errors

9.3 Your Cookie Choices

You can disable non-essential cookies through your browser settings, though this may limit some functionality of the Service.

10. AI and Machine Learning

10.1 How AI Processes Your Data

We use AI models from Anthropic (Claude) and Google (Gemini) to process your voice recordings and extract structured information. Your data is sent to these services through secure API connections.

10.2 AI Model Training

By default, your data is NOT used to train third-party AI models. Anthropic and Google do not use API data for model training unless you explicitly opt in.

10.3 Improving Our Models

We may use aggregated, anonymized data to improve our own extraction algorithms and recommendation systems. Individual user data is never identifiable in this process.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes via email or through the Service at least 30 days before they take effect.

Your continued use of Saylio after changes become effective constitutes acceptance of the updated Privacy Policy.

12. Contact Us

If you have questions, concerns, or requests regarding your privacy or this Privacy Policy, please contact us:

  • Email: privacy@saylio.com
  • Support: founder@saylio.com
  • Data Protection Officer: dpo@saylio.com

13. Compliance Certifications

We are committed to maintaining compliance with applicable privacy regulations including GDPR, CCPA, and other data protection laws. We regularly review and update our practices to ensure continued compliance.

This Privacy Policy is effective as of February 7, 2026, and applies to all users of the Saylio platform.