Privacy Policy

1. Who we are

Eavesdrop is an independent app published by aflutter.dev. You can reach us at privacy@aflutter.dev.

2. What we collect from you

Nothing. Eavesdrop has no user accounts, no sign-in, and no servers of our own that receive your audio or transcripts. Everything you record and every transcript you save lives in the app's private storage on your phone.

Uninstalling Eavesdrop removes all of it. We can't recover it for you because we never had it.

3. How speech recognition actually works

Eavesdrop doesn't ship its own speech recognition engine. Instead, it uses the speech recogniser provided by your operating system. This is important for two reasons: it's how we keep the app small and battery- friendly, and it's also where your audio is actually processed.

On iPhone and iPad

Eavesdrop uses Apple's SFSpeechRecognizer. Apple performs the recognition on-device whenever the language model for your selected language has been downloaded to your phone (most common languages are pre-installed or available in iOS Settings › General › Keyboard › Dictation). When an on-device model isn't available, iOS may send short audio snippets to Apple's servers to transcribe them. Apple's handling of that audio is governed by Apple's privacy policy; Eavesdrop has no separate access to it.

On Android

Eavesdrop uses the Android RecognitionService provided by your device — usually Google's. Most Android devices send audio to Google's servers for transcription, although some newer Pixel devices support an on-device mode. Google's handling of that audio is governed by Google's privacy policy; Eavesdrop has no separate access to it.

In both cases, only the audio you actively record while Eavesdrop is listening is sent to the OS recogniser — never anything else from your microphone, and never when you're not in a recording session.

4. Permissions we request

• Microphone — required to capture your speech. We only listen while you've explicitly started a recording.
• Speech recognition (iOS only) — required for iOS to let us call SFSpeechRecognizer on your behalf.

You can revoke either permission at any time in your phone's Settings. Without microphone access, Eavesdrop simply won't be able to record.

5. Crash reports

We use Sentry to receive an anonymous report when Eavesdrop crashes, so we can fix bugs. A crash report typically contains:

• The error message and call stack of the crash.
• Your device model (e.g. "iPhone 15 Pro") and OS version.
• The version of Eavesdrop you're running.
• A randomly generated, app-scoped install ID. We can't tie this to you personally.

Crash reports never include the contents of your recordings, your transcripts, your microphone input, or any text you've typed into the app. Reports are deleted from Sentry after 90 days.

Crash reports are only sent from release builds. If you build the app from source for development, no reports are sent.

6. Anonymous usage stats

To know roughly how many people use Eavesdrop and whether they record short voice notes or long meetings, we send a small, anonymous event stream to Aptabase, a privacy-first analytics provider that explicitly doesn't use cookies, advertising IDs, or any cross-app identifier.

What gets sent:

• Session counts. Aptabase automatically counts app sessions (a session ends after about an hour of inactivity). We can see "the app was opened N times today" — we can't see who.
• recording_saved — sent when you tap Save on a transcript. Includes a coarse duration bucket (<30s, 30s-2m, 2m-10m, 10m-30m, >30m) and the recogniser language code (e.g. en-US). Never the transcript content, never the title, never the exact duration.

Each event also carries your operating system name and version, your app version, and a session ID generated by Aptabase that's scoped to the current session and never tied to a user account. We don't generate or persist a user identifier. We don't see your IP beyond what every HTTPS request exposes to its destination.

Usage stats are only sent from release builds. Development builds send nothing.

7. Your controls

You can turn off anonymous usage stats at any time from Settings › Privacy › Anonymous usage stats. The change takes effect on the next app launch.

We don't use advertising SDKs, attribution SDKs, or any cross-app tracker. We don't read your address book, your location, your photos, your calendar, or any other data on your device. The microphone is the only sensor we touch.

8. Sharing transcripts

When you tap Share on a transcript, Eavesdrop hands the text to the standard share sheet on your phone (iOS or Android). Where the text goes after that — Mail, Notes, Messages, a cloud service — is your choice and is covered by the privacy policy of that destination app, not ours.

9. Children

Eavesdrop is not directed at children under 13. We don't knowingly collect data from anyone (see § 2), but if you believe a child has been harmed by their use of Eavesdrop, please contact us.

10. International users

Because Eavesdrop doesn't collect or transmit personal data of its own, there's no cross-border data transfer to disclose. The OS speech recognisers (Apple, Google) may transfer audio to servers in their respective regions — see § 3 and the linked policies.

11. Changes to this policy

If we change this policy in a way that affects how your data is handled, we'll update the effective date above and, where the change is material, surface a notice inside the app on the Settings screen. Continued use of Eavesdrop after a change means you accept the updated policy.

12. Data deletion requests

Eavesdrop (published by aflutter.dev) keeps all of your recordings and transcripts on your device. Uninstalling Eavesdrop permanently deletes everything — we have no server-side copy of your content to retrieve or remove.

The only data that leaves your device is the anonymous crash and usage telemetry described in §5 and §6. To request deletion of any such records:

• Step 1. Email privacy@aflutter.dev with the subject "Eavesdrop data deletion request".
• Step 2. Tell us the approximate dates you used Eavesdrop and your device model and OS version, if you have them. This is what we use to narrow down records to delete.
• Step 3. We'll delete matching records from Sentry and Aptabase and reply to confirm within 30 days.

What gets deleted: any crash reports held by Sentry and any usage events held by Aptabase that match the information you provide.

What gets kept: nothing else — we don't hold any other data about you. Crash reports are also deleted automatically by Sentry 90 days after they are received, and Aptabase usage events are fully anonymous, so even without a request your records age out on their own.

13. Contact

Questions, concerns, or data-rights requests: privacy@aflutter.dev.