Privacy Policy for EthervoxAI

Last Updated: April 27, 2026

Introduction

EthervoxAI ("we", "our", or "the app") is designed with privacy at its core. We do not collect, store, or transmit your personal data. This privacy policy explains how your data is processed locally on your device and what limited data third-party services may collect when you use our Android voice assistant application.

Children's Privacy

This app is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. The app's Terms of Service require users to be at least 13 years old (or the applicable age of digital consent in their jurisdiction, which may be 14-16 in certain countries under GDPR).

Important: Since all data processing occurs locally on your device and we do not operate servers that collect or store user data, we cannot access, monitor, or delete data from our systems. All app data (conversations, settings, etc.) remains exclusively on the device.

For Parents and Guardians: If you believe your child has used this app:

  • Immediate Action: You can immediately delete all app data by uninstalling the app from the child's device or clearing app data via Android Settings → Apps → EthervoxAI → Storage → Clear Data
  • Device Controls: Use Android's parental controls and Family Link to restrict app installations and monitor device usage
  • Contact Us: While we cannot access or delete data stored locally on devices, you may contact us at support@ethervox.ai if you have questions about the app's data handling practices or need guidance on removing app data

Parents and guardians are responsible for monitoring their children's device usage and app installations.

How Your Data is Handled

Important: EthervoxAI itself does not collect any personal information. All data processing happens locally on your device. The sections below explain what data remains on your device and what third-party services (like AdMob for ads or Hugging Face for model downloads) may collect.

Voice Data

  • Speech-to-Text Processing: Voice recordings are processed locally on your device using Android's on-device speech recognition. No voice data is sent to external servers.
  • Local Storage: Voice commands are not stored or recorded by the app. Only text transcriptions are processed.

Conversation History

  • Local Storage Only: All conversation history is stored on your device in encrypted format.
  • Encryption: Conversations are encrypted using AES-256-GCM encryption with hardware-backed key storage (Android Keystore).
  • No Cloud Sync: Conversations are not uploaded to our servers or any third-party services.
  • Device Backups: If you back up your device to the cloud (e.g., Google Drive, Samsung Cloud) or to a computer, the app's private storage data will be included in that backup. While the data remains encrypted, you should secure your backups accordingly with strong passwords and encryption.

Application Data

  • Settings & Preferences: App settings (language, volume, speech rate, etc.) are stored locally on your device using encrypted SharedPreferences.
  • User-Generated Content: Memory files and custom prompts are stored locally on your device in app-private storage.

LLM Processing

  • On-Device Processing: Large language model (LLM) inference runs entirely on your device. Conversations are not sent to external servers for AI processing.
  • Model Files: AI models are downloaded from Hugging Face's servers and stored locally on your device. During download, Hugging Face may collect standard web request data (IP address, user agent, download metadata).
  • Download Frequency: Models are downloaded once during initial setup and updated periodically when new versions are available.

Optional Features

Bug Reporting

  • User-Initiated Only: Bug reports are only sent when you explicitly choose to submit one.
  • Anonymous by Default: Bug reports contain only technical diagnostic information (app version, Android version, error logs).
  • Email-Based: Bug reports are sent via your email app, giving you full visibility and control over what is sent.
  • No Personal Data: Bug reports do not include conversation history, voice recordings, or personal information.

Billing (In-App Purchases)

  • Google Play Billing: In-app purchases are processed through Google Play's billing system.
  • Purchase Data: We receive pseudonymous purchase verification tokens from Google Play to verify subscription status.
  • Payment Information: We do not receive or store credit card information or payment details.

Advertising (AdMob)

  • Display Ads: Free tier users see ads provided by Google AdMob to support app development.
  • Premium Option: Users can purchase Premium to remove all ads permanently.
  • Consent Required: You must actively opt-in to personalized advertising before any ads are displayed.
  • What AdMob Collects: Advertising ID (AAID), device information, ad interaction data, and approximate location (country/region).
  • No Firebase Analytics: We have specifically excluded Firebase Analytics from AdMob to minimize data collection.

How Data is Processed

On-Device Processing Only: All core functionality processes data locally on your device. We do not receive, access, or process your personal data on our servers. The processing described below occurs entirely on your device:

  • Voice Processing: To convert speech to text and enable voice interaction (Legal Basis: Legitimate interest in providing core app functionality)
  • LLM Inference: To generate AI responses locally on your device (Legal Basis: Legitimate interest / Contract performance)
  • Conversation History: To maintain context during conversations stored encrypted on device (Legal Basis: Legitimate interest)
  • Settings: To customize app behavior according to your preferences (Legal Basis: Legitimate interest)
  • Model Downloads: To download AI models from Hugging Face servers (Legal Basis: Necessary for contract performance)
  • Advertising (Free Tier): To display ads via AdMob (Legal Basis: Your explicit consent)
  • Subscription Management: To verify active subscriptions and enable premium features (Legal Basis: Necessary for contract performance)
  • Bug Reporting: To diagnose and fix technical issues (Legal Basis: Legitimate interest, only when you explicitly submit a report)

Automated Decision-Making and AI Processing

Our app uses an on-device AI language model to generate responses to your queries. This constitutes automated processing but does not involve:

  • Automated decision-making that produces legal effects or similarly significantly affects you
  • Profiling for marketing, advertising, or behavior prediction purposes
  • Decisions that you cannot override or influence

Your Control: You maintain full control over all AI interactions. You can:

  • Choose whether to use voice or text input
  • Edit, delete, or regenerate any AI responses
  • Clear conversation history at any time
  • Disable the AI assistant entirely (app settings)

The AI processing occurs entirely on your device using models you explicitly download. No profiling data is shared with third parties, and the AI cannot make binding decisions on your behalf.

Data Storage and Security

Encryption

  • Stored Data: All sensitive data (conversations, settings) stored on your device is encrypted using AES-256-GCM encryption
  • Key Management: Encryption keys are stored in Android Keystore with hardware-backed security (TEE)
  • Data in Transit: All network communications use TLS 1.2+ encryption

Local-Only Storage

  • Android Auto Backup Disabled: App data is excluded from Android Auto Backup to prevent automatic unencrypted cloud storage
  • Manual Backups: If you manually back up your device using third-party tools, cloud services, or computer software, encrypted app data may be included in those backups. Ensure your backup storage is secured with strong passwords and encryption
  • Device Storage: All user data remains on your device and is not transmitted to our servers

Access Controls

  • App-Private Storage: All data is stored in app-private directories inaccessible to other apps
  • Permission Model: The app only requests necessary permissions (microphone for voice input, internet for model downloads)

Data Breach Notification

Given our privacy-by-design architecture (local-only data storage, no central servers, end-to-end encryption), the risk of data breaches is significantly reduced. However, in the unlikely event of a security incident that affects your personal information, we will:

  • Notify You Promptly: Within 72 hours of becoming aware of the breach, we will notify affected users via email (if provided) and in-app notification
  • Provide Details: Describe the nature of the breach, categories of data affected, and potential consequences
  • Remediation Steps: Explain measures taken to address the breach and recommendations for protecting your data
  • Regulatory Notification: Report breaches to relevant supervisory authorities as required by law (GDPR, CCPA, etc.)

Note: Since your data is stored locally on your device rather than on our servers, most security risks relate to device-level security. We recommend:

  • Keeping your Android OS updated
  • Using device encryption and screen lock
  • Only installing apps from trusted sources
  • Regularly reviewing app permissions

Third-Party Data Collection

We do not collect, sell, trade, or share your personal data. However, some optional third-party services integrated into the app may collect limited data as described below:

Third-Party Services (Not Controlled by EthervoxAI)

The following third-party services may collect data independently when you use certain features:

  1. Hugging Face (Model Repository)
    • Purpose: Download AI language models for on-device processing
    • Data Shared: IP address, device user agent, download request metadata (standard web server logs)
    • Data Transfer: Models are downloaded from Hugging Face servers (may be located in United States and Europe)
    • Frequency: One-time download during setup, periodic updates for new model versions
    • Privacy Policy: Hugging Face Privacy Policy
    • Legal Basis: Necessary for contract performance (providing AI assistant functionality)
  2. Google Speech Recognition (On-Device API)
    • Purpose: Convert voice to text locally on your device
    • Data Shared: None - processing occurs entirely on-device
    • Privacy Policy: Google Privacy Policy
  3. Google Text-to-Speech (On-Device API)
    • Purpose: Convert text to speech locally on your device
    • Data Shared: None - processing occurs entirely on-device
    • Privacy Policy: Google Privacy Policy
  4. Google AdMob (Free users only)
    • Purpose: Display advertisements to support free app
    • Data Collected by AdMob: Advertising ID (AAID), device information (model, OS version), ad interaction data, approximate location (country/region)
    • Data Transfer: Personal data is transferred to Google LLC in the United States and may be shared with advertising partners globally
    • Legal Mechanism: Standard Contractual Clauses (SCCs) approved by the European Commission
    • Legal Basis: Your explicit consent (opt-in required before ads are displayed)
    • Data We Receive: None - AdMob operates independently
    • Your Rights: You can withdraw consent at any time in Settings, or upgrade to Premium to remove ads permanently
    • Privacy Policy: Google AdMob Privacy Policy
  5. Google Play Billing
    • Purpose: Process in-app purchases and verify subscription status
    • Data Shared: Purchase verification tokens (pseudonymous identifiers)
    • Data Transfer: Minimal data sent to Google for purchase verification
    • Legal Basis: Necessary to perform contract (subscription service)
    • Privacy Policy: Google Privacy Policy

Advertising Consent Requirements

Third-Party Data Collection (Free Tier Only):

  • Data collected by AdMob: Advertising ID (AAID), device information (model, OS version), ad interaction data, and approximate location (country/region)
  • Collected by: Google AdMob and its advertising partners (not by EthervoxAI)
  • Purpose: To display personalized advertisements and support the free tier
  • Data transfers: Personal data is transferred to Google LLC in the United States and shared with advertising partners globally
  • Your choices: Accept personalized advertising OR upgrade to Premium (ad-free)

Consent Requirements:

  • You must actively consent to personalized advertising before any ads are displayed
  • Consent is freely given - you can decline and choose Premium instead
  • We retain records of your consent choices as required by law for up to 3 years
  • You can withdraw consent at any time using the instructions below

How to Withdraw Advertising Consent:

  1. Open the EthervoxAI application
  2. Navigate to: Settings → Privacy → Advertising Consent
  3. Toggle OFF "Personalized Advertising"
  4. To continue using the free tier after withdrawing consent, you must upgrade to Premium

Alternatively, upgrade to Premium at any time via Settings → Upgrade to Premium to completely eliminate all advertising data collection.

California Users (CCPA/CPRA Rights)

  • AdMob data sharing may constitute a "sale" under California law
  • You have the right to opt-out: Settings → Privacy → Do Not Sell My Personal Information
  • We will not discriminate against you for exercising this right
  • Premium option available to avoid ads entirely

What We Do NOT Use:

  • Firebase Analytics (specifically excluded)
  • Facebook tracking pixels
  • User behavior analytics
  • Third-party data brokers
  • Cross-app tracking

Data Retention

  • Conversation History: Stored locally on your device until you manually delete it or uninstall the app. Data is not retained on our servers.
  • Settings & Preferences: Stored locally until you reset them or uninstall the app
  • AdMob Consent Records: Records of your consent choices are retained as required by GDPR for up to 3 years or as long as you use the app, whichever is longer. These records are stored locally on your device.
  • Bug Reports: If you submit a bug report via email, it is stored in your email account and optionally on our GitHub issue tracker until resolved and archived
  • Model Files: Stored locally on your device until you delete them or uninstall the app
  • Subscription Records: Purchase verification tokens are retained by Google Play according to their retention policy

Your Rights

Depending on your location, you have the following rights:

All Users

  • Access: View all your data through the app's interface
  • Delete: Clear conversation history and reset settings at any time
  • Export: Export conversation history and memory files in JSON format
  • Control: Bug reports are only sent when you explicitly choose to send them

EU/UK Users (GDPR)

  • Right to Access: Request a copy of all personal data we hold
  • Right to Rectification: Correct inaccurate data
  • Right to Erasure: Request deletion of your data
  • Right to Restriction: Limit how we process your data
  • Right to Data Portability: Receive your data in machine-readable format (JSON)
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for AdMob at any time without affecting app functionality (upgrade to Premium or accept non-personalized ads)
  • Right to Lodge Complaint: File a complaint with your local supervisory authority (see Contact section for list)

California Users (CCPA/CPRA)

  • Right to Know: What personal information we collect and how it's used
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out of Sale/Sharing: Settings → Privacy → Do Not Sell My Personal Information
  • Right to Non-Discrimination: We will not discriminate for exercising your rights
  • Right to Correct: Request correction of inaccurate information
  • Right to Limit Use of Sensitive Information: Control use of sensitive personal data

Other US States

Virginia, Colorado, Connecticut, and Utah residents have similar rights under state privacy laws. Contact us to exercise these rights.

Data Deletion

Manual Deletion

  • Clear conversation history via Settings → Clear All Conversations
  • Delete individual memory files via Memory Viewer
  • Reset all settings via Settings → Reset to Defaults

Uninstall

  • All app data is automatically and permanently deleted from your device when you uninstall the app
  • We do not retain any copies of your data after uninstallation
  • Uninstallation is immediate and does not require any additional steps

Permissions Explained

Required Permissions

The following permissions are essential for core app functionality:

  • RECORD_AUDIO (Required)
    • Purpose: Capture voice input for speech-to-text conversion
    • When Used: Only when you press the microphone button or use wake word activation
    • Consequence of Denial: The app cannot function as a voice assistant without microphone access. You can still use text input if available.
  • INTERNET (Required for Initial Setup)
    • Purpose: Download AI model files (one-time, ~500MB-2GB) and verify in-app purchases
    • When Used: During initial setup, model updates, and subscription verification
    • Consequence of Denial: Cannot download AI models or verify Premium subscription. App will function offline after initial setup with cached models.

Optional Permissions

  • The app does not request any optional permissions (contacts, location, camera, storage, etc.)
  • All permissions can be reviewed and modified in Android Settings → Apps → EthervoxAI → Permissions

Permission Usage

  • We do not request location, contacts, camera, or other permissions beyond those listed above
  • All permissions are used solely for stated purposes
  • Permissions are requested at runtime when needed, with clear explanations

Data Provision Requirements

Contractual Requirement: Providing microphone access is necessary to use the voice assistant features. This is a contractual requirement for the core service we provide.

Consequences of Not Providing Data:

  • Without microphone permission: Voice input will not work (text input may be available)
  • Without internet permission: Cannot download AI models or verify Premium subscription
  • Declining AdMob consent: Can use app ad-free by purchasing Premium, or accept non-personalized ads

You are not legally obligated to provide this data, but the app cannot deliver its core functionality without the required permissions.

Third-Party Links and Services

Our app may contain links to third-party websites, services, or resources (e.g., privacy policy links for Google, Hugging Face). We are not responsible for the privacy practices or content of these external sites.

When You Click External Links:

  • You will leave our app and enter a third-party website
  • That website's privacy policy and terms of service will apply
  • We do not control or endorse third-party content
  • We recommend reviewing the privacy policies of any third-party services you use

Third-Party Services We Link To:

Do Not Track Signals

Our app does not respond to "Do Not Track" (DNT) browser signals because:

  • We do not track users across websites or apps
  • All AI processing occurs locally on your device
  • We do not use cookies, web beacons, or cross-site tracking technologies
  • The only tracking that occurs is via AdMob (for free users), which you can control through:
    • Android Settings → Google → Ads → Opt out of Ads Personalization
    • In-app Settings → Privacy → Advertising Consent
    • Upgrading to Premium (removes all ads)

California Users: Under the California Online Privacy Protection Act (CalOPPA), we disclose that we do not alter our data collection practices in response to DNT signals. However, you can opt-out of AdMob tracking as described above.

Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices, legal requirements, or app features.

How We Notify You of Changes:

  • Material Changes: Significant changes that affect how we collect, use, or share your data will be communicated via:
    • In-app notification (displayed on next launch)
    • Email (if you provided an email address for Premium subscription or support)
    • Prominent notice on this page
  • Minor Changes: Non-material changes (typos, clarifications, formatting) will be reflected by updating the "Last Updated" date at the top of this policy

Your Acceptance: Continued use of the app after changes are posted constitutes acceptance of the updated policy. If you do not agree with changes, you should discontinue use and uninstall the app.

Version History: Previous versions of this policy are available upon request by contacting support@ethervox.ai.

We encourage you to review this policy periodically to stay informed about how we protect your privacy.

Contact Us

If you have questions, concerns, or requests regarding this privacy policy or our data practices, please contact us:

Data Controller: EthervoxAI
Location: United States
General Support: support@ethervox.ai
Privacy Inquiries: privacy@ethervox.ai
Website: https://ethervox.ai

Data Protection Officer

DPO Status: A dedicated Data Protection Officer (DPO) is not required for our organization under GDPR Article 37, as we:

  • Are not a public authority or body
  • Do not engage in large-scale systematic monitoring of individuals
  • Do not engage in large-scale processing of special categories of data
  • Process all user data locally on devices (no centralized data collection)

Privacy Contact: For all privacy-related inquiries, data subject requests, or concerns, please contact our privacy team at privacy@ethervox.ai. We will respond within the timeframes required by applicable law (30 days for GDPR, 45 days for CCPA).

Supervisory Authorities

If we cannot resolve your privacy concerns, you have the right to lodge a complaint with:

Exercising Your Rights

To exercise any of your privacy rights, contact us at support@ethervox.ai with "Privacy Request" in the subject line. We will respond within:

  • 30 days for GDPR requests
  • 45 days for CCPA requests (extendable by 45 days if complex)

Compliance

This app is designed to comply with:

  • EU General Data Protection Regulation (GDPR)
  • UK General Data Protection Regulation (UK GDPR)
  • California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
  • Virginia Consumer Data Protection Act (VCDPA)
  • Colorado Privacy Act (CPA)
  • Connecticut Data Privacy Act (CTDPA)
  • Utah Consumer Privacy Act (UCPA)
  • Google Play Developer Program Policies
  • Android Security Best Practices

International Data Transfers

Some third-party services transfer data internationally:

  • Hugging Face: Model downloads may transit through US/EU servers (minimal metadata only)
  • Google AdMob: Transfers advertising data to United States under Standard Contractual Clauses (SCCs)
  • Google Play Billing: Minimal purchase verification data transferred under SCCs

We rely on appropriate safeguards including Standard Contractual Clauses and adequacy decisions where applicable.

Summary: EthervoxAI is a truly private voice assistant. We do not collect any personal data. All conversations and AI processing happen entirely on your device with AES-256-GCM encryption and hardware-backed key storage. Your data never leaves your device or reaches our servers. Only optional third-party services (AdMob for free tier ads, Hugging Face for initial model downloads, Google Play for Premium billing) may collect minimal data as disclosed above. Upgrade to Premium for a completely ad-free experience with zero third-party data collection.

Categories of Personal Information (California Disclosure)

EthervoxAI does not collect any personal information. However, third-party services integrated into the free tier may collect the following categories from California residents:

Category Examples Collected Sold/Shared
Identifiers Advertising ID, device ID Yes (AdMob) Yes (AdMob)
Internet Activity Ad interactions, app usage Yes (AdMob) Yes (AdMob)
Geolocation Approximate location (country) Yes (AdMob) Yes (AdMob)
Commercial Information Purchase history Yes (Play Billing) No
Device Information OS version, model, IP address Yes (AdMob, Hugging Face) Yes (AdMob)

"Sold/Shared" refers to AdMob's advertising ecosystem. You can opt-out via Settings → Privacy → Do Not Sell My Personal Information.