Narada
Download for Mac
Legal

Privacy Policy

Last updated: 2026-04-29

This Privacy Policy explains how Narada ("the App") handles your data. The App is designed to be local-first: your recordings, transcripts, and notes stay on your Mac and are never uploaded to our servers. Only the optional AI features send transcript text to OpenAI, and only when you actively use them.

1. Who we are

The App is published by Ivan Stepanok, an individual sole developer based in Ukraine. For any privacy-related question or request you may contact us at stepanokdev@gmail.com.

1.1 Recording transparency

Narada records meeting audio only after you explicitly grant macOS Microphone and Screen & System Audio Recording permissions and either tap Record manually or approve a calendar-detected meeting (the default is to ask before recording every meeting — even with a calendar connected).

While a recording is in progress, the App always shows two visible indicators:

  • A persistent recording window in the bottom-right of your primary display, with elapsed time, audio levels, and a reminder to notify other participants.
  • A red recording icon in the macOS menu bar.

You are responsible for obtaining permission to record from every meeting participant where local law requires it (e.g., two-party-consent jurisdictions in the United States, GDPR-grounded consent in the EU, workplace and labor-law restrictions in your country). Narada surfaces a reminder, but the legal responsibility is yours.

2. What data we handle

2.1 On your device — local only

The following data is created and stored exclusively on your Mac, in your user Documents folder and the macOS Keychain. We never receive a copy:

  • Audio recordings of your meetings (microphone and system audio).
  • Transcripts produced by on-device speech recognition.
  • Meeting metadata you create (titles, notes, tags, follow-up items).
  • Cached calendar events from connected accounts (see 2.3).
  • OAuth refresh tokens for connected calendars, stored in the macOS Keychain.

Speech-to-text runs fully on-device using a local model. Your audio never leaves your Mac for transcription.

2.2 AI features — opt-in, with explicit consent

AI features (summaries, action items, chat over your meeting history) are OFF by default on a fresh install. Before any meeting content leaves your Mac for AI processing, you must:

  1. Pick a cloud AI mode (Subscription or Bring-your-own-key) in onboarding or in Settings → AI, and
  2. Tap Allow and continue on the explicit in-app consent sheet that names OpenAI as the recipient, describes what data is sent (text transcript only; audio never leaves your Mac), and explains the purpose.

This consent is recorded locally with a timestamp. You can review or revoke it at any time in Settings → AI → Cloud AI data sharing. Revoking immediately switches the App back to Off mode; no further AI requests are sent until you opt in again.

When you do use an AI feature, the relevant transcript text is sent to OpenAI through one of two routes:

  • Subscription mode (Pro): requests are routed through our proxy server, which adds your subscription token and forwards the request to OpenAI. The proxy logs technical metadata (request id, timestamp, token counts, cost in USD) for billing and abuse prevention. The proxy does not store the content of your transcripts or model responses.
  • Bring-your-own-key (BYOK) mode: the App calls OpenAI directly using your own API key. We do not see, transmit, or store these requests. Your usage is governed by your own agreement with OpenAI.
  • Local LLM mode (e.g., Ollama, LM Studio): requests go to a user-provided endpoint on your own network. No third party is involved and the cloud-AI consent does not apply.

OpenAI processes inputs subject to its API data usage policy. We use the OpenAI API (not ChatGPT), and OpenAI does not use API inputs to train its models by default. The raw audio file never leaves your Mac under any mode.

2.3 Calendar integration

Connecting a Google or Microsoft calendar is fully optional and disabled by default.

  • Google scopes requested: https://www.googleapis.com/auth/calendar.readonly, plus openid, email, profile for sign-in.
  • Microsoft scopes requested: Calendars.Read, User.Read, plus openid, profile, email, offline_access.
  • We use these scopes only to read upcoming and past events so the App can attach a recording to its corresponding meeting. We never modify, create, delete, or share calendar data.
  • Calendar event titles, times, and attendee email addresses are cached in a local SQLite database on your Mac. This data never leaves your device — it is not sent to our servers or to OpenAI.
  • You can disconnect a calendar at any time from the App's settings. Disconnecting deletes the local cache and revokes the refresh token from the Keychain.

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

2.4 Subscription & payments

If you purchase a Pro subscription, billing is handled entirely by Apple via the Mac App Store. We never see your card or payment details. We use RevenueCat as our subscription-management vendor, which receives the App Store transaction events and forwards your subscription status (active / trial / expired) to our server so we can grant access to AI features. The data we receive is limited to: the App User ID (a random identifier tied to your Mac, not your name or Apple ID), product identifier, transaction time, renewal/expiration dates, and country code.

2.5 Account & device identification

The App generates a random device-scoped UUID stored on your Mac in standard application preferences. This identifier is sent to our proxy server only when you use Pro AI features, so we can associate requests with your subscription and enforce fair-use limits. It is not used for marketing, advertising, or cross-app tracking, and is not shared with third parties beyond what is required for the operation of the proxy and RevenueCat.

2.6 Diagnostics

We do not embed third-party crash reporting or analytics SDKs in the App (no Sentry, no Crashlytics, no Mixpanel, no PostHog, no Google Analytics). The only diagnostic data we may receive is what Apple provides through the standard App Analytics dashboard in App Store Connect — aggregated, anonymized crash and usage statistics that you can opt out of in System Settings → Privacy & Security → Analytics & Improvements → Share Mac Analytics.

If we add product-usage analytics in the future (for example, to learn which screens are popular), they will be limited to anonymous, per-launch session identifiers without any stable device or user identifier, and this Policy will be updated accordingly.

3. How we use your data

We use the limited data we do receive only to:

  • Provide, maintain, and improve the App and its AI features.
  • Process Pro subscriptions and enforce fair-use quotas.
  • Detect, investigate, and prevent abuse (e.g., excessive request volume that suggests account sharing).
  • Comply with our legal obligations (accounting, tax, response to lawful requests).

We do not sell your data. We do not use your transcripts, recordings, or chat queries to train any AI model — neither ours nor OpenAI's. We do not use your data for behavioral advertising. We do not create user profiles or share data with data brokers.

We process the data described above on the following legal bases:

  • Performance of a contract (Art. 6(1)(b)) — for processing necessary to deliver the App and your subscription.
  • Legitimate interests (Art. 6(1)(f)) — for abuse prevention and improving service reliability, balanced against your privacy.
  • Consent (Art. 6(1)(a)) — for connecting an external calendar account, and for sending transcript text to cloud AI providers (OpenAI) in Subscription or BYOK mode. You may withdraw either consent at any time: disconnect the calendar, or revoke cloud AI sharing in Settings → AI.
  • Legal obligation (Art. 6(1)(c)) — for retaining transaction records as required by law.

5. Retention

  • Local data (recordings, transcripts, calendar cache, OAuth tokens): kept until you delete it from the App or remove the App. Uninstalling the App does not by itself delete your Documents — you may need to remove them manually.
  • Server-side usage logs (request id, token counts, cost): retained for up to 90 days, then deleted or aggregated.
  • Subscription / transaction records: retained for as long as required by tax and accounting law (typically up to 7 years), in accordance with applicable Ukrainian and EU regulations.

6. Third-party processors

We rely on the following processors to operate the service. Each is bound by its own privacy commitments:

  • Apple Inc. — App Store distribution and subscription billing.
  • OpenAI, L.L.C. — large-language-model and embeddings inference for AI features (Pro mode and BYOK mode).
  • RevenueCat, Inc. — subscription state management.
  • Hetzner Online GmbH — server hosting (EU data center) for our proxy.
  • Google LLC — only if you connect a Google calendar; OAuth and Calendar API.
  • Microsoft Corporation — only if you connect a Microsoft calendar; Microsoft Identity Platform and Microsoft Graph.

If you would like the current list of subprocessors at any time, contact stepanokdev@gmail.com.

7. International data transfers

Our proxy server is hosted in the European Union. Some of our processors (Apple, OpenAI, RevenueCat, Google, Microsoft) operate globally, which may involve transfers of limited technical data outside the EU/EEA. Where applicable, these transfers are covered by the EU Standard Contractual Clauses or equivalent safeguards published by the respective vendors.

8. Your rights

If you are located in the EU, the UK, California, or another jurisdiction with similar protections, you have the right to:

  • access the data we hold about you;
  • request correction or deletion;
  • request portability in a machine-readable format;
  • object to or restrict certain processing;
  • withdraw consent (where consent is the legal basis);
  • lodge a complaint with your local data-protection authority.

Note that almost all of your data is stored locally on your Mac — you can access, export, or delete it directly from the App without contacting us. For server-side data (subscription records, usage logs), email stepanokdev@gmail.com with your request and your App User ID (visible in the App under Settings → Account). We will respond within 30 days.

California residents: we do not "sell" or "share" personal information as defined under the CCPA/CPRA, and we do not respond to Do-Not-Track browser signals because the App is not a website.

9. Children

The App is not directed to children under 13, and we do not knowingly collect data from them. If you believe a child has used the App, please contact us so we can delete the relevant data.

10. Security

We use TLS for all server communication. OAuth refresh tokens are stored in the macOS Keychain. Server-side databases are access-restricted and patched regularly. No system is perfectly secure; if we ever discover a breach affecting your data, we will notify affected users without undue delay, in line with applicable law.

11. Changes to this policy

We may update this Policy from time to time. Material changes will be announced inside the App at least 14 days before they take effect. The "Last updated" date at the top reflects the most recent version. Continued use of the App after the effective date constitutes acceptance of the revised Policy.

12. Contact

For any question about this Policy or your data, contact stepanokdev@gmail.com.