🎙️ Whispery

 Demo

Privacy Policy

Your privacy is our priority. We believe in radical transparency.

Last updated: 9/16/2025

Overview

Whispery is a privacy-first demo application that generates voice summaries of your recent emails. We collect minimal data, store it temporarily, and delete everything automatically. This isn't just marketing speak—it's how our system actually works.

🔒 Privacy-First Design

  • One-time access only - No persistent login or stored credentials
  • Immediate token revocation - Gmail access revoked after processing
  • Limited use - Each email address can use the service up to 3 times
  • Automatic deletion - Voice files deleted after 1 day, no exceptions
  • Minimal data - We only store what's absolutely necessary
  • No tracking - No analytics, cookies, or behavioral monitoring

What Data We Collect

We collect only two pieces of information, and only when you actively use our service:

1. Your Email Address (Hashed)

Why we collect it: To enforce the lifetime limit of 3 uses per email address

How we store it: As a SHA-256 cryptographic hash (irreversible)

When it's deleted: Stored permanently to enforce lifetime usage limits

2. Your Voice Summary File

Why we create it: This is the core service - converting your email summary to speech

How we store it: As an audio file in secure cloud storage

When it's deleted: Automatically after exactly 1 day

What We DON'T Collect

  • Your email content - We read it to create your summary, then immediately discard it
  • Your personal information - No names, addresses, phone numbers, or demographics
  • Browsing behavior - No cookies, session tracking, or analytics
  • Device information - No IP addresses, browser fingerprints, or device IDs stored long-term
  • Login credentials - We use Google OAuth, so we never see your password

How We Process Your Emails

Here's exactly what happens when you use our service:

  1. One-Time OAuth: You grant temporary access using Google's OAuth with immediate token revocation after processing (no persistent authentication)
  2. Gmail Access: We read your last 24 hours of emails using the temporary access token
  3. Content Safety: We check email content for safety using Claude AI (emails never stored by Claude)
  4. Summary Generation: We create a summary using OpenAI (emails never stored by OpenAI)
  5. Voice Creation: We convert the summary to speech using Google Text-to-Speech
  6. Immediate Cleanup: All processed email content is immediately discarded from our systems
  7. Access Revocation: We immediately revoke your Gmail access token for maximum privacy

Data Retention & Automatic Deletion

We don't believe in keeping your data forever. Here's our automatic cleanup schedule:

⏰ Automatic Deletion Timeline

  • Email content: Deleted immediately after processing (never stored)
  • Voice summary files: Deleted automatically after 1 day
  • Email address hashes: Stored permanently to enforce lifetime limits
  • Processing logs: Deleted automatically after 24 hours

Third-Party Services

We use these trusted services to provide our functionality. None of them store your email content:

Google Services

Gmail API, OAuth, Text-to-Speech

Google Privacy Policy

OpenAI

AI-powered email summarization

OpenAI Privacy Policy

Anthropic (Claude)

Content safety validation

Anthropic Privacy Policy

Cloudflare

Hosting and file storage

Cloudflare Privacy Policy

Your Rights

Since we collect minimal data and delete everything automatically, here's what you should know:

  • Right to Access: Contact us to confirm what data we have (spoiler: very little)
  • Right to Deletion: Everything is deleted automatically, but you can request immediate deletion
  • Right to Portability: You can download your voice summary anytime before it expires
  • Right to Object: Simply don't use our service - no data collected

Security Measures

We take security seriously, even for temporary data:

  • All data transmission encrypted with HTTPS/TLS
  • OAuth-only authentication with immediate token revocation (we never see your password)
  • Email addresses stored as SHA-256 cryptographic hashes (irreversible)
  • Voice files stored in secure cloud storage with access controls
  • Regular security audits and updates

GDPR Compliance

For users in the European Union, we comply with GDPR requirements:

  • Lawful Basis: Consent (you actively choose to use our service)
  • Data Minimization: We collect only what's absolutely necessary
  • Storage Limitation: Automatic deletion ensures compliance
  • Transparency: This policy explains everything we do
  • Data Subject Rights: Contact us to exercise your rights

Changes to This Policy

If we update this privacy policy, we'll post the changes here with a new "last updated" date. Since this is a demo service with minimal data collection, major changes are unlikely.

Contact Us

Have questions about privacy or data handling? We're happy to help:

Email: privacy@email.whispery.site

Response Time: We aim to respond within 48 hours

Data Protection Officer: Available upon request for GDPR-related inquiries

Ready to Try Whispery?

Now that you know how we handle your privacy, you can use our service with confidence.

← Back to Home