top of page

Privacy Policy

The Full Story

Effective Date: January 13, 2025
Last Updated: January 13, 2025

Introduction

Welcome to EchoTask ("we," "our," or "us"). We are committed to protecting your privacy and ensuring transparency about how we collect, use, and protect your personal information. This Privacy Policy explains our data practices for the EchoTask mobile application (the "App").

 

By using EchoTask, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use the App.

Information We Collect

1. Information You Provide

Task Data

 

  • Task titles, descriptions, notes, and priorities

  • Due dates and reminder preferences

  • Task completion status

 

Voice Recordings

 

  • When you use voice input, we temporarily record your audio for transcription purposes only

  • Audio recordings are immediately sent to our transcription service and are not stored permanently on our servers

 

Account Information

 

  • If you create an account or subscribe to premium features, we collect information necessary for account management and billing through our payment processor

2. Automatically Collected Information

Device Information

 

  • A unique device identifier that is securely stored on your device:

    • iOS: UUID stored in iOS Keychain (persists across app reinstalls)

    • Android: Stable Android ID

  • This identifier is cryptographically hashed (HMAC-SHA256) before being sent to our servers to protect your privacy

 

Usage Information

 

  • Feature usage statistics (e.g., number of voice inputs used)

  • Error logs and crash reports (to improve app stability)

  • API request timestamps and response times

 

Technical Information

 

  • IP address (collected by our infrastructure provider)

  • Operating system version

  • App version

3. Information from Third Parties

Subscription Information

 

  • When you purchase a subscription through Apple App Store or Google Play, we receive subscription status information from RevenueCat, our subscription management provider

How We Use Your Information

We use the collected information for the following purposes:

Core Functionality

  • Task Management: Store and manage your tasks locally on your device

  • Voice Transcription: Convert voice recordings to text using Groq Whisper API

  • AI Processing: Parse natural language inputs and generate task details using OpenRouter's LLM services

  • Reminder Notifications: Schedule and deliver local notifications for your tasks

Service Operations

  • Quota Management: Track usage against subscription tier limits

  • Subscription Management: Manage premium features and billing

  • Technical Support: Diagnose and fix technical issues

  • Service Improvement: Analyze usage patterns to improve the App

Security and Compliance

  • Prevent fraud and abuse

  • Comply with legal obligations

  • Enforce our Terms of Service

Data Storage and Security

Local Storage

Your task data is stored locally on your device using AsyncStorage. We do NOT store your task content on our servers or in the cloud. Your tasks remain private and under your control.

 

All API communications use industry-standard TLS/HTTPS encryption. Payment information is processed securely through Apple and Google's payment systems (we do not store credit card information).

Data Retention

  • Task Data: Stored locally on your device until you delete the app or clear app data

  • Voice Recordings: Not stored; immediately transcribed and deleted

  • Usage Data: Retained for 90 days for quota tracking and service improvement

  • Device Identifiers: Retained while you use the app

Third-Party Services

We use the following third-party services to provide and improve our App:

1. OpenRouter (LLM Processing)

  • Purpose: Natural language processing to parse tasks and generate reminders

  • Data Shared: Text inputs you provide (task descriptions)

  • Privacy Policy: https://openrouter.ai/privacy

  • Data Processing: OpenRouter may share inputs with underlying LLM providers (e.g., OpenAI, Anthropic)

  • Location: United States

2. Groq (Speech-to-Text Transcription)

  • Purpose: Transcribe voice recordings to text

  • Data Shared: Audio recordings (temporary, not stored long-term)

  • Privacy Policy: https://groq.com/privacy-policy/

  • Data Processing: Audio is processed and transcribed; Groq does not use it for model training

  • Location: United States

3. RevenueCat (Subscription Management)

  • Purpose: Manage in-app subscriptions and premium features

  • Data Shared: Device identifier, subscription status, purchase information

  • Privacy Policy: https://www.revenuecat.com/privacy

  • Data Storage: Amazon Web Services (AWS), United States

  • Role: Acts as a data processor on our behalf

4. Cloudflare Workers (API Proxy and Infrastructure)

  • Purpose: Proxy API requests, enforce usage quotas, protect against abuse

  • Data Shared: Device identifier (hashed), usage metadata, IP addresses

  • Privacy Policy: https://www.cloudflare.com/privacypolicy/

  • Data Processing: Cloudflare acts as a data processor on our behalf

  • Location: Global infrastructure with data primarily in United States

Service Provider Compliance

All third-party services we use:

 

  • Act as data processors under our instructions

  • Are contractually obligated to protect your data

  • Are prohibited from using your data for their own purposes

  • Comply with applicable data protection laws (GDPR, CCPA, etc.)

Information Sharing and Disclosure

We do NOT sell, rent, or share your personal information for marketing purposes.

 

We may share information in the following circumstances:

 

With Service Providers: As described above, we share limited data with third-party services necessary to operate the App.

 

For Legal Reasons: We may disclose information if required by law, legal process, or government request, or to:

 

  • Comply with legal obligations

  • Protect our rights and property

  • Prevent fraud or security issues

  • Protect user safety

 

Business Transfers: If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information is transferred and becomes subject to a different privacy policy.

 

With Your Consent: We may share information for other purposes with your explicit consent.

Your Privacy Rights

Depending on your location, you may have the following rights:

Data Access and Control

  • Access: Request a copy of your personal data

  • Correction: Correct inaccurate personal data

  • Deletion: Request deletion of your personal data

  • Data Portability: Receive your data in a portable format

  • Objection: Object to certain processing activities

How to Exercise Your Rights

To exercise these rights, please contact us at the email address provided below. We will respond to your request within 30 days.

 

Note: Your task data is stored locally on your device. You can delete it at any time by:

 

  • Deleting individual tasks within the app

  • Clearing app data in your device settings

  • Uninstalling the app

EU/EEA, UK, and Swiss Users

If you are located in the European Union, European Economic Area, United Kingdom, or Switzerland, you have additional rights under GDPR:

 

  • Right to lodge a complaint with your local data protection authority

  • Right to withdraw consent at any time (where processing is based on consent)

  • Right to restriction of processing in certain circumstances

 

We process your data based on:

 

  • Contractual Necessity: To provide the services you've requested

  • Legitimate Interests: To improve our services, prevent fraud, and ensure security

  • Consent: Where we have obtained your consent

  • Legal Obligation: To comply with applicable laws

International Data Transfers

Our third-party service providers are primarily based in the United States. If you are located outside the United States, your information will be transferred to and processed in the United States. Our service providers use appropriate safeguards such as Standard Contractual Clauses and Data Privacy Framework certifications.

Children's Privacy

EchoTask is not intended for children under the age of 13 (or 16 in the EU/EEA). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately and we will delete such information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

 

  • Posting the new Privacy Policy in the App

  • Updating the "Last Updated" date at the top of this policy

  • Sending you a notification (for significant changes)

 

Your continued use of the App after changes are posted constitutes your acceptance of the updated Privacy Policy.

Data Security Incident Response

In the unlikely event of a data breach that affects your personal information, we will:

 

  • Notify affected users within 72 hours of discovery

  • Notify relevant regulatory authorities as required by law

  • Take immediate steps to contain and remediate the breach

  • Provide information about the nature of the breach and steps you can take

Your Choices and Controls

Voice Input

  • You can choose whether to grant microphone permissions

  • Voice input is entirely optional; you can use text input instead

  • You can revoke microphone permissions in your device settings

Notifications

  • You can disable notifications in the App settings or your device settings

  • Disabling notifications will affect reminder functionality

Analytics and Usage Data

  • Usage tracking is minimal and essential for quota management

  • We collect only what is necessary to operate the service

Account Deletion

To delete your account and associated data:

 

  1. Contact us at the email address below

  2. We will delete your account and server-side data within 30 days

  3. Remember to uninstall the app to remove locally stored task data

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

 

Email: [Your contact email - to be added]
Developer: Jack Gruber
App: EchoTask
Bundle ID: com.jackgruber.aitodo

 

For GDPR-related inquiries (EU/EEA users), you may also contact us at the email above.

Transparency

We believe in transparency. Here's a summary of our data practices:

 

✅ We DO:

 

  • Store your tasks locally on your device

  • Use encryption for all API communications

  • Hash device identifiers before transmission

  • Minimize data collection to what's necessary

  • Delete voice recordings immediately after transcription

  • Comply with applicable privacy laws

 

❌ We DO NOT:

 

  • Sell your personal information

  • Store your tasks on our servers

  • Keep your voice recordings

  • Share your data for marketing purposes

  • Track you across other apps or websites

Additional Information

Cookies and Tracking

The App does not use cookies or tracking technologies. Any data collection is as described in this policy.

Do Not Track

The App does not respond to "Do Not Track" signals as it does not track users across websites or services.

Third-Party Links

The App may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.

 

 

 

Last Updated: January 13, 2025

 

This privacy policy is effective as of the date listed above and applies to all users of EchoTask.

Let’s Work Together

Get in touch so we can start working together.

  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Thanks for submitting!

bottom of page