Privacy Policy
Hiroi (間) — a real-time meeting translation and language-learning app for iOS.
This policy explains what data Hiroi handles, where it goes, and the choices you have. If anything is unclear, email papawing@gmail.com.
The short version
- You sign in with Sign in with Apple. We store the opaque ID Apple gives us, and your name only if you choose to share it. No passwords, no email required.
- Your meeting audio is streamed directly to our speech provider (Soniox, in the US) for live transcription and translation. We do not record or store your audio.
- Your transcripts, summaries, and saved phrases stay on your device — they are not uploaded to our servers (unless you choose to share a meeting via a web link; see section 2.7).
- For AI summaries and learning explanations, transcript text is sent to Google's Gemini API.
- We do not sell your data, show ads, or track you across other apps.
- You can delete your account and all server-side data from inside the app.
1. Who we are
Hiroi is developed by Hon Wing Yuen, an individual developer ("we," "us," "Hiroi"). Contact: papawing@gmail.com. For data-protection law, the developer is the data controller for the limited personal data described below.
2. Information we collect
2.1 Account identity (Sign in with Apple)
Hiroi uses Sign in with Apple as the only way to sign in. When you sign in, we receive and store:
- A stable, opaque user identifier Apple provides (Apple's
sub) — not your email or Apple ID, an anonymous token unique to you and this app, used to keep your usage tally consistent across reinstalls and devices. - Your name, only if you choose to share it on first sign-in. Apple provides it once, at first authorization; we store it so the app can greet you. You may use a relay (hidden) email and are never required to provide a real email.
We do not set or store passwords, and generally do not receive your real email address.
2.2 Meeting audio (processed transiently, not stored by us)
When you run a live meeting, your microphone audio is streamed directly from your device to Soniox, a third-party speech-to-text provider, which performs real-time transcription and translation, processed in the United States.
Hiroi does not record, save, or store your meeting audio on its own servers. The audio passes through transiently solely to produce the live transcript and translation you see. Soniox's handling of that audio is governed by Soniox's own terms and privacy policy.
2.3 Transcripts, summaries, and saved phrases (stored on your device)
The transcripts, meeting history, summaries, and saved phrases Hiroi produces are stored locally on your device. They are not uploaded to Hiroi's servers. Unless you choose to create a web share link (see section 2.7), we have no copy of your meeting content. Deleting the app or your account removes that local data.
2.4 AI features (transcript text sent to Google Gemini)
When you ask Hiroi to generate a post-meeting summary or a language-learning explanation, the relevant transcript text is sent to Google's Gemini API to produce that result. These requests are proxied through Hiroi's backend so you don't supply your own AI key; Google processes the text under its own terms. We send only the text needed for the feature you requested — not your audio.
2.5 Usage metering
To manage plans and quotas, Hiroi's backend records how many minutes you use each month, keyed to your opaque Apple user identifier. We store the usage tally and, if you shared it, your display name. Other than the optional, in-memory web-share relay described in section 2.7, we do not store transcripts, audio, or meeting content on our backend.
2.6 What we do NOT do
- No advertising and no ad identifiers.
- No selling or sharing of your personal information for cross-context behavioral advertising.
- No third-party analytics or tracking SDKs, and no tracking across other companies' apps or websites (so no App Tracking Transparency prompt is shown).
2.7 Web link sharing (optional)
If you choose to share a meeting via a web link (so people without the app can read it in a browser), Hiroi relays the live transcript text (the same source and translation lines you see) through our backend in real time so viewers can follow along. This text is held only in memory for the duration of the share, is never written to storage, and is deleted when the link ends (when you stop sharing, or automatically after the meeting). Access is gated by an unguessable link. Your audio is never sent — only text crosses the relay. If you do not create a web link, nothing changes: your transcript stays on your device.
3. How we use your information
| Data | Purpose | Legal basis (GDPR/UK GDPR) |
|---|---|---|
| Apple user ID | Authenticate you; tie usage to one account | Performance of a contract |
| Name (if shared) | Personalize the app; show names in our usage view | Consent / legitimate interests |
| Audio (transient) | Real-time transcription & translation | Performance of a contract |
| Transcript text (to Gemini) | Summaries & learning explanations you request | Performance of a contract |
| Usage minutes | Plan/quota enforcement, future billing | Performance of a contract / legitimate interests |
4. Third-party sub-processors
| Provider | Function | Data involved |
|---|---|---|
| Apple | Sign in with Apple; App Store distribution | Apple user ID, optional name/relay email |
| Soniox (US) | Speech-to-text and translation | Live meeting audio, processed transiently |
| Google (Gemini API) | AI summaries & learning explanations | Transcript text you submit |
| Cloudflare | Backend hosting; usage-minute storage; optional web-share relay | Apple user ID, usage minutes, optional name; live transcript text (in memory only) if you create a web link |
Each provider processes data under its own privacy terms. Because Soniox processes audio in the United States, your data may be transferred to and processed in the US even if you are located elsewhere.
5. International data transfers
Hiroi uses globally distributed providers. Meeting audio is processed in the United States (Soniox); other providers (Google, Cloudflare, Apple) may process data in the US or other countries. Where required by GDPR/UK GDPR, transfers outside the EEA/UK rely on the providers' own transfer safeguards (such as Standard Contractual Clauses).
6. Data retention
- Audio: not retained by us — processed transiently and discarded.
- Transcripts / summaries / saved phrases: kept on your device until you delete them, the app, or your account.
- Usage minutes & name: kept on our backend while your account is active; erased when you delete your account.
- Gemini requests: transcript text sent to Google is handled per Google's retention terms; we do not keep a copy on our backend beyond the immediate request.
7. Your rights and choices
7.1 Delete your account (everyone)
You can delete your account any time: Settings → Delete Account. This erases your server-side usage data and stored name and wipes your local data on that device (meetings, learning content, glossary, speakers). Deletion is permanent. (Signing out is different: it keeps your local data and usage tally.)
7.2 GDPR / UK GDPR
You may request access to, correction of, or deletion of your personal data, object to or restrict processing, and lodge a complaint with your local data-protection authority. Because most content lives only on your device and we store very little (an opaque ID, usage minutes, optional name), you can exercise most rights directly in-app, or by emailing papawing@gmail.com.
7.3 California (CCPA/CPRA)
We do not sell your personal information, and we do not share it for cross-context behavioral advertising. California residents may request to know what we hold, request deletion, and not be discriminated against. Email papawing@gmail.com or use in-app account deletion.
7.4 Other regions
Residents of Canada (PIPEDA), Brazil (LGPD), and other jurisdictions have comparable rights. Contact us to exercise them.
8. Children's privacy
Hiroi is not directed to children. It is intended for users aged 16 and over (and at least 13 where allowed). We do not knowingly collect data from children under these ages.
9. Security
We keep service-provider API keys server-side and never embed them in the app. Sign-in uses short-lived session tokens. No method is perfectly secure, but we take reasonable measures to protect the limited data we hold. As Hiroi is in beta, some protections are still being hardened.
10. Changes to this policy
We may update this policy as Hiroi evolves (for example, when paid plans launch). We will revise the "Last updated" date and, for material changes, provide notice in the app.
11. Contact
Questions or requests: papawing@gmail.com.
日本語の概要
- ログインは「Appleでサインイン」のみ。Appleが発行する匿名IDと、初回に共有を選んだ場合のお名前のみを保存します。パスワードやメールアドレスは不要です。
- 会議の音声は端末から音声認識プロバイダ Soniox(米国で処理)へ直接送信され、リアルタイムで文字起こし・翻訳されます。当方のサーバーには録音・保存されません。
- 文字起こし・要約・保存したフレーズは端末内にのみ保存され、当方サーバーへはアップロードされません。
- 要約や学習解説のため、文字起こしの「テキスト」をGoogle Gemini APIに送信します。
- 広告・データ販売・第三者トラッキングは一切ありません。
- アプリ内(設定 → アカウント削除)でアカウントとサーバー側データを削除できます。
- お問い合わせ:papawing@gmail.com