trace

Privacy Policy

Last updated: 17 May 2026

trace is a personal context capture tool — a macOS desktop app and an iOS companion that record your meetings and conversations, transcribe them, and turn them into structured discussions, decisions, and a personal knowledge graph you can query. This policy describes exactly what we collect, why, where it lives, and what we do not do.

What we collect

  • Google account identity. Sign-in is via Google OAuth. We receive your email address and a stable identifier (sub claim) only — we do not request access to your Gmail, Drive, Calendar, or contacts.
  • Authentication tokens. A 365-day JSON Web Token issued on sign-in, stored locally on your device.
  • Recordings. Audio captured from your microphone and, on macOS, your system speakers (the other side of a meeting). Recordings stay on your device while you record; final transcripts and summaries — not the raw audio — are uploaded to our server.
  • Transcripts, summaries, decisions, action items. The text artifacts produced from each discussion you save.
  • Knowledge-graph entities. Structured nodes (people, decisions, risks, goals, etc.) extracted from your discussions, stored against your account in our graph database.
  • Ask Trace history. The questions you ask the knowledge graph and the answers we return, stored against your account so the chat persists across sessions.

What we do not collect

  • No analytics SDKs and no third-party trackers in the desktop or iOS app.No Google Analytics, Mixpanel, Firebase Analytics, Segment, or Facebook SDK is present in the app binaries. This marketing website uses Vercel Web Analytics — see “About this website” below.
  • No advertising identifiers (IDFA). No App Tracking Transparency prompt is shown because we do not track.
  • No contact-list, calendar, or location scraping. We do not request access to your address book, calendar, or location.
  • No data from other users. trace is single-user and owner-only. There is no team, sharing, or admin surface that could expose your data to anyone else.

How we use your data

  • To authenticate you on each app launch.
  • To transcribe your recordings and generate the summary, decisions, and action items for each discussion.
  • To build and query your personal knowledge graph so Ask Trace can answer questions across your past discussions.
  • To diagnose crashes and failed requests via aggregated error telemetry (see “Operational telemetry” below).

We do not sell, rent, or share any of the above with third parties for advertising, marketing, or profiling.

Where your data lives

All server-side data is stored in databases hosted on Fly.io. Your discussions, summaries, and Ask Trace history live in a Postgres database in the bom (Mumbai) region. Your knowledge-graph entities live in a Neo4j database in the sin(Singapore) region. Both databases are reachable only over Fly’s private network — neither has a public IP address.

Strict user isolation

Every record we store is scoped to your user ID. Every read query against the knowledge graph — including vector searches, entity resolution, schema lookups, and generated Cypher — is filtered by user ID. There is no code path that returns one user’s data to another, and we treat this as a non-negotiable invariant.

Third parties we send data to

  • OpenAI. We send your recording audio to OpenAI Whisper for transcription, and your discussion transcript to GPT for summarization, decision/action-item extraction, and as a fallback model for the knowledge-graph pipeline. OpenAI processes this content under their API data policy (no training on API content).
  • Anthropic. We send your discussion transcript and summary to Claude as the primary LLM for the knowledge-graph extraction pipeline and for answering Ask Trace questions. Anthropic processes this content under their API data policy (no training on API content).
  • Sentry. Operational telemetry — see below.
  • Google. Sign-in is via Google OAuth. We exchange the OAuth code for your email address and a stable identifier; nothing else.

We never send your raw audio to anyone except OpenAI Whisper for transcription. We never send other users’ data to any third party — every LLM call is scoped to your account only.

Operational telemetry

Both the desktop and iOS apps report crashes and failed network requests (non-2xx HTTP responses) to Sentry so we can fix bugs. These reports include the error type, stack trace, app version, OS version, and your user ID — they do not include the contents of your recordings, transcripts, summaries, or Ask Trace questions.

Your responsibility for recordings

trace records audio. You are responsible for obtaining consent from the other parties in a conversation where required by the law of your jurisdiction. Recording-consent rules vary widely — some places require all-party consent, others one-party — and we have no way to enforce them from inside the app. By using trace you confirm you will obtain whatever consent is required by applicable law before recording.

Data retention and deletion

Your account and its data persist until you ask us to delete them. To delete your account, email adhyan@usetrace.ai from the email you registered with, or include that email in your request. We will permanently remove your account row, recordings, transcripts, summaries, knowledge-graph entities, and Ask Trace history within 30 days.

Children

trace is intended for adults. It is not designed for and is not knowingly used by anyone under 18.

Security

All traffic between the apps and our API is encrypted in transit via HTTPS (TLS 1.2+). JWTs are signed with HS256 using a server-side secret that is rotatable. Database access is restricted to Fly’s private network.

About this website

This site (the page you are reading) uses Vercel Web Analytics to measure aggregate traffic — how many people visit which page, from which country, on roughly what kind of device. It is cookieless, does not use any cross-site or cross-session identifier, and does not build a profile of you. It cannot identify you personally and cannot be linked back to your trace account. No data from the desktop or iOS app feeds into it.

Changes to this policy

If we materially change what we collect or how we use it, we will update the “Last updated” date above and notify you in-app before the change takes effect.

Contact

Questions about this policy or your data: adhyan@usetrace.ai.