Privacy Policy

Last updated: 2026-04-29 · Effective: 2026-04-29

The short version

Scribio is a local-first macOS app. Your meeting audio, transcripts, voice profile, and face embeddings are processed and stored entirely on your Mac. Nothing audio-related is ever transmitted off your device. The only data that may leave your Mac is (a) optional encrypted sync to your own iCloud account between your own devices, and (b) participant identity metadata fetched from Zoom or Microsoft 365 if you explicitly opt in to those integrations.

1. What Scribio collects and stores on your device

Data	Where it lives	Why
Meeting audio recordings	Local disk (sandboxed app container)	Source for transcription
Transcripts (text + speaker labels + timestamps)	Local SQLite database (GRDB)	The product
Voice profile embeddings (256-dim vectors)	Local database, encrypted at rest with keys in macOS Keychain (Secure Enclave)	Speaker identification across meetings
Face embeddings (512-dim vectors from camera frames)	Local database, AES-GCM encrypted at rest, key in Secure Enclave. Raw video frames are discarded immediately after embedding extraction.	Speaker identification when a camera is on
Calendar attendee names + emails	Local database	Speaker name suggestions for calendar-linked meetings (read via the macOS Calendar permission)
Contact identifiers	Local database (only the `CNContact.identifier` reference, never the name/email/phone/photo)	iOS-only feature for matching meeting participants to your contacts (deferred from v1)

2. What leaves your device — and only with your explicit consent

2.1 iCloud sync between your own devices (optional)

If you have iCloud enabled on your Mac, Scribio uses Apple's CloudKit service to sync transcripts, summaries, tasks, and meeting metadata between your own Macs and (in a future iOS phase) your iPhones / iPads. This sync is end-to-end encrypted by Apple, runs only between your own Apple-ID-linked devices, and never reaches Scribio's servers (we don't have any). Face embeddings are never synced — biometric data stays device-local.

2.2 Zoom Marketplace integration (opt-in)

If you connect Scribio to your Zoom account, Scribio fetches the post-meeting participant roster (display name, email, role) from GET /past_meetings/{meetingID}/participants via Zoom's REST API. The audio of the meeting is never sent to Zoom. We send Zoom only the meeting ID, our OAuth credential, and request the roster. Zoom's privacy policy applies to that exchange: https://zoom.us/privacy.

2.3 Microsoft Graph integration (opt-in, future phase)

Same shape as the Zoom integration but for Microsoft Teams: post-meeting attendance reports are fetched via GET /v1.0/users/{userID}/onlineMeetings/{meetingID}/attendanceReports/{reportID}. Audio never leaves your device. Microsoft's privacy terms apply to the metadata exchange: https://privacy.microsoft.com/.

2.4 External AI services (opt-in, future phase)

Scribio runs all language-model inference on-device by default (MLX-Swift, Apple Silicon ANE/GPU). If you opt into an external AI service (e.g. Anthropic Claude, OpenAI), only the prompt content you choose to send is transmitted, and only to the service you authorise. The default setting keeps everything on-device.

2.5 Crash and error reporting (opt-in)

If you opt into crash reporting, Scribio transmits scrubbed crash logs over HTTPS. Logs are stripped of transcript text, speaker names, audio file paths, and other PII before transmission. Default: off.

3. What Scribio explicitly does NOT do

Scribio does not run a server or cloud backend that ingests your data.
Scribio does not transmit audio, transcripts, voice profiles, or face embeddings to any third party.
Scribio does not include analytics or tracking SDKs (no Google Analytics, no Mixpanel, no Crashlytics-by-default, no advertising IDs).
Scribio does not sell, rent, or share your data with anyone for any purpose.

4. Biometric data (GDPR Article 9, CCPA §1798.140)

Voice and face embeddings are special categories of personal data under EU/UK GDPR and "biometric information" under California CCPA. Scribio handles them as follows:

Explicit informed consent screen before any face processing begins, separate from general onboarding.
Encrypted at rest via Apple CryptoKit (AES-GCM) with keys in the Secure Enclave (kSecAttrAccessibleWhenUnlockedThisDeviceOnly).
Raw frames discarded immediately after embedding extraction — never persisted.
Never transmitted off your device under any circumstance.
One-tap deletion via Settings → Privacy → Biometric Data → Delete All — wipes every embedding, encryption key, and audit log entry.
Audit trail in the local biometric_consent_log table for GDPR records-of-processing-activity compliance.

5. Your rights

Because Scribio stores your data on your own device, most data-subject rights (access, rectification, deletion, portability) are exercised directly through the Scribio app:

Access / portability: Settings → Export → choose Markdown / Obsidian / Notion / Bear / Roam / Logseq / Apple Notes / Evernote.
Deletion: per-meeting delete (with confirmation) from the meetings list, plus Settings → Privacy → "Delete all data" for full wipe.
Rectification: any speaker name, transcript word, or summary can be edited inline in the app.
Withdrawal of consent: any opt-in (Zoom, Graph, external AI, crash reporting, biometric processing) can be turned off in Settings at any time.

For questions about your data or to request deletion of any data we may have received via crash reporting (if you opted in), email sacco66@gmail.com.

6. Children

Scribio is not directed to children under 13 (US) or 16 (EU/UK). We do not knowingly process personal data of children. If you believe a child has provided personal information to Scribio, contact us and we will assist with deletion.

7. Changes to this policy

Material changes to this policy will be reflected in the "Last updated" date at the top and announced in the Scribio app's release notes. Continued use of Scribio after the effective date of a change constitutes acceptance.

8. Contact

Giovanni Sacco · Scribio · sacco66@gmail.com