Welcome to tickoff! This privacy policy explains what information we ("tickoff," "we," "us," or "our") collect when you use our iOS application ("tickoff" or "the App"), why we collect it, and how you can manage and control your information. This policy applies to all versions of the tickoff app on iOS.
Our goal is to help you capture, transcribe, and manage your meetings effectively. To do this, the App needs to handle certain data, including your audio recordings and information you provide. We are committed to protecting your privacy and handling your data transparently.
Please read this policy carefully. By using tickoff, you agree to the collection and use of information in accordance with this policy.
We collect different types of information to provide and improve our App for you. This information is categorized below, aligning with Apple's Privacy Nutrition Label taxonomy.
What data do we collect?
| Data Category | Data Types Collected | Linked to User? | Used for Tracking? | Purpose of Collection |
|---|---|---|---|---|
| Contact Info |
- Email address (for Jira integration, if you provide it) - Names of "Action Owners" (if you define them) - Phone numbers for "Action Owners" (optional, if you provide them) - Jira User Display Names & Account IDs (fetched from your Jira instance if you connect it, and cached locally) |
Yes | No |
- To enable Jira integration features (authentication, user assignment). - To allow you to label action items with owners. - To populate assignee lists for AI suggestions. |
| Identifiers |
- User ID (IdentifierForVendor - IDFV): A unique identifier for your device for our apps. - Recording ID, Action Item ID, Jira Ticket Suggestion ID (UUIDs): Internal identifiers for app content. - API Keys/Tokens (Jira & Gemini): If you provide your own API keys/tokens for Jira or Gemini services, these are stored on your device as per your configuration. - Push Notification Token: If you enable notifications, a token is used to send alerts (e.g., when meeting processing is complete). |
Yes | No |
- User ID (IDFV): Used for app functionality, analytics, and, if you subscribe, sent to our backend to validate server-side API key usage for Gemini processing. - Content IDs: For managing your recordings, actions, and tickets within the app. - API Keys/Tokens: To allow the app to connect to third-party services (Jira, Gemini) on your behalf, using your credentials. - Push Token: To deliver notifications about app events. |
| Usage Data |
- Feature Usage: Information about how you interact with the App (e.g., features used, buttons clicked, number of recordings, chat queries initiated). - Performance Data: Crash logs, performance metrics (e.g., processing times). - Settings & Preferences: Onboarding completion status, selected AI model, app theme, user-defined context string, action push endpoint configuration. - Free Tier Usage: Count of processed meetings if you are using the free tier. |
Yes | No |
- To understand app usage, improve functionality, and identify areas for enhancement. - To diagnose and fix technical issues. - To personalise your app experience. - To manage free tier limitations. |
| Sensitive Data |
- Audio Recordings: Voice recordings of your meetings. - Speaker Audio Samples: Short voice recordings you provide for speaker identification. - Meeting Transcriptions: Text generated from your audio recordings. - Meeting Summaries: AI-generated summaries of your meetings. - Action Items & Jira Ticket Content: Details of tasks, including descriptions, assignees, and other metadata derived from meetings or manually entered. - Chat Messages (with AI Assistant): Text of your conversations with the in-app Gemini-powered chat assistant, which includes a context of your meeting data (transcriptions, summaries, actions, tickets). |
Yes | No |
- Audio Recordings & Speaker Samples: Core app functionality for capturing meetings and identifying speakers. This data is processed by AI services (Google Gemini) to provide transcriptions, summaries, etc. - Transcriptions, Summaries, Action Items, Jira Tickets: Core app functionality for providing you with insights and manageable outputs from your meetings. This data is generated by AI services and stored locally. - Chat Messages: To provide AI-powered assistance and answers based on your meeting data. This data (including the meeting context) is sent to Google Gemini for processing. |
| Purchases | - Purchase History: Information about your in-app purchases or subscriptions (e.g., "premiumUnlocked," "subscriptionActive" flags). Specific payment details are handled by Apple and not directly accessed or stored by tickoff. | Yes | No | - To manage access to premium features and validate subscriptions. |
"Linked to User?": Indicates whether the data is tied to your identity (e.g., through your device, account, or information you provide).
"Used for Tracking?": "Tracking" refers to linking user or device data collected from our app with user or device data collected from other companies’ apps, websites, or offline properties for targeted advertising or advertising measurement purposes. tickoff does not use your data for tracking purposes.
We collect and use your data for specific purposes, relying on appropriate legal bases as required by applicable laws (e.g., GDPR, CCPA/CPRA).
You provide your Jira credentials (URL, email, API token) and Gemini API key (if not using a subscription with a server-side key) directly in the App's settings. By providing these, you consent to the App using them to interact with these third-party services on your behalf as described.
tickoff does not engage in "tracking" as defined by Apple (i.e., linking user or device data from our app with data from third-party apps or websites for targeted advertising or advertising measurement). Therefore, we do not currently display Apple's App Tracking Transparency (ATT) prompt for this purpose.
If future versions of the App were to include features that constitute tracking, we would:
To provide its features, tickoff interacts with certain third-party services and may utilise SDKs.
identifierForVendor (IDFV) is sent to our backend for authentication.
Privacy Manifests (PrivacyInfo.xcprivacy):
We are committed to complying with Apple's requirements for privacy manifests. Our App's privacy manifest will declare the data types collected by the App and any third-party SDKs we use, along with the reasons for their collection and use, particularly for Required Reason APIs. We regularly review our SDKs and their privacy practices to ensure our declarations are accurate.
PrivacyInfo.xcprivacy files, which are merged by Xcode.You have rights regarding your personal data.
To exercise any of these rights, please contact us using the details in Section 11. We will respond to your request within the timeframes required by applicable law.
UserDefaults (metadata) and the App's sandboxed storage or App Group container (audio files) until you delete them through the App or uninstall the App.
UserDefaults and remain until you clear them in settings or uninstall the App.
ChatView appear to be session-specific and are not explicitly persisted in UserDefaults in the same way as recordings. They are cleared when you manually refresh the chat or navigate away in a manner that reloads the view.
We will retain your information only for as long as necessary to fulfil the purposes outlined in this policy, unless a longer retention period is required or permitted by law.
UserDefaults. UserDefaults is not considered secure storage for highly sensitive information like API tokens. While this provides persistence across app launches, you should be aware that data in UserDefaults is not encrypted by default beyond standard device encryption (if enabled on your iOS device). We strongly recommend using unique and revocable API tokens where possible and understanding this storage method.
.xcconfig files not committed to the repository or via CI environment variables, to prevent them from being exposed in the codebase.While we strive to use commercially acceptable means to protect your Personal Information, remember that no method of transmission over the Internet, or method of electronic storage is 100% secure.
Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction.
If we transfer your data, we will take steps to ensure that your data is treated securely and in accordance with this privacy policy and that appropriate safeguards are in place (e.g., Standard Contractual Clauses, Data Privacy Framework certification if applicable).
tickoff is not intended for use by children under the age of 13 (or the equivalent minimum age in the relevant jurisdiction). We do not knowingly collect personally identifiable information from children under 13. If you are a parent or guardian and you are aware that your child has provided us with Personal Information, please contact us. If we become aware that we have collected Personal Information from children without verification of parental consent, we take steps to remove that information from our servers and/or the user's device.
If you have any questions about this Privacy Policy, wish to exercise your rights, or have privacy concerns, please contact us:
We may update our Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and/or by other means, such as a push notification, email, or an in-app modal, at least 30 days before the changes take effect. We will also update the "Last Updated" date at the top of this Privacy Policy.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.