Privacy Policy for GramAI
Last updated: March 05, 2026
Introduction
We ("we," "our," or "us") operate the GramAI mobile application (the "Service"). This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.
App Overview
GramAI is an AI-powered content curation and chat assistant. The app uses artificial intelligence — including third-party AI services — to personalise your experience, curate content recommendations, and provide conversational assistance based on your stated preferences.
Information Collection and Use
Device Permissions
GramAI requires microphone access to function properly. This permission is used solely for the purpose of recording audio as initiated by you. We do not access your microphone without your explicit action to start a recording.
Additional Permissions:
- Storage: To save recordings and app data locally
- Notifications: To send you reminders and updates
- Network: To sync data and provide transcription services
Data We Do Not Collect
We want to be clear about what we don't collect:
- We do not collect personal information beyond what's provided during sign-up
- We do not track your precise location
- We do not collect your browsing history
- We do not access other apps on your device
- We do not collect biometric data beyond voice for transcription
- We do not record conversations without your explicit action
Data Shared with Third-Party AI Services
GramAI uses third-party AI services (such as Google Gemini and OpenAI) to power its chat and content personalisation features. Below is a clear description of exactly what data is shared with these services, how it is shared, and what is not shared.
What Data Is Sent
- Chat messages and stated preferences: When you interact with the GramAI chat, the text of your messages — including any content preferences, topics of interest, or opinions you voluntarily share during the conversation — is sent to third-party AI services for processing.
- Article context: If you ask about a specific news article or piece of content, a summary or excerpt of that article may be sent alongside your query to provide relevant responses.
What Data Is NOT Sent
- Your name, phone number, email address, or any other account credentials are never shared with third-party AI services.
- Your device information, location data, IP address, or unique device identifiers are not sent to third-party AI services.
- Your browsing history, contacts, or any data from other apps on your device are not shared.
Who the Data Is Sent To
- Google (Gemini API): Google LLC, based in the United States. Google's privacy policy applies to data processed through their API. Google Privacy Policy.
- OpenAI (GPT API): OpenAI, L.L.C., based in the United States. OpenAI's usage policies and privacy policy apply. OpenAI Privacy Policy.
How the Data Is Sent
- All data is transmitted securely via encrypted HTTPS (TLS) connections.
- Data is sent through our backend servers (not directly from your device to the AI provider), allowing us to strip any personally identifiable information before forwarding.
- We do not allow third-party AI providers to use your data for training their models. We use API configurations that opt out of data retention and training where available.
Your Consent
- Before you use the chat feature, the app will ask for your explicit consent to share your chat messages and stated preferences with third-party AI services.
- You may withdraw consent at any time by deleting your account or contacting us at support@gram.ai.
- If you do not provide consent, you will not be able to use the AI chat feature, but all other app features remain available.
Account Information
- Authentication: Email address, name, and profile picture (via Google/Apple Sign-In)
- User ID: Unique identifier for your account
- Device Information: Device type, operating system, and app version for compatibility
Usage Analytics
- App Analytics: Feature usage, session duration, and performance metrics (anonymized)
- Meeting Metadata: Meeting titles, dates, duration, and transcription results
- Sharing Activity: When you share meetings via secure links
- Error Reports: Crash logs and error reports to improve app stability
3. How We Use Your Information
- Transcription Services: Convert audio recordings to text using AI
- Meeting Analysis: Generate summaries, action items, and key insights
- Account Management: Provide secure access to your meetings and data
- App Improvement: Analyze usage patterns to enhance features
- Communication: Send important updates about the service
- Technical Support: Provide customer support and troubleshooting
Storage of Data
Server Storage
- Audio recordings and derived artifacts (such as transcripts and AI analysis) may be stored on our servers to deliver the Service and improve accuracy and reliability.
- We use Google Firebase and Google Cloud Platform for secure cloud storage with enterprise-grade security.
- We retain recordings for as long as necessary for the purposes described above or as required by law. Retention periods may vary based on operational needs and legal requirements.
- Upon verified request, we will delete or anonymize recordings from our systems, subject to legal or legitimate business obligations.
Local Storage
- Some recordings or cached data may be stored locally on your device to support app functionality and offline access.
- You can manage or delete locally stored files using your device settings or in-app controls, where available.
- Local data is protected by your device's security features.
Third-Party Cloud Infrastructure
- We use reputable cloud service providers (Google Cloud Platform/Firebase) to host and process recordings on our behalf under strict contractual and security obligations.
- All recordings are encrypted in transit (TLS) and at rest (AES-256).
- Access to your data is strictly controlled and monitored.
5. Data Sharing and Disclosure
5.1 We DO NOT sell your personal data to third parties.
5.2 We may share information in these limited circumstances:
- Service Providers: Google Firebase for hosting and analytics
- Third-Party AI Services: Google Gemini and OpenAI for chat processing and content personalisation. Only your chat messages and stated content preferences are shared — no personal identifiers (name, phone number, email) are sent. See "Data Shared with Third-Party AI Services" above for full details.
- Legal Requirements: When required by law or legal process
- Safety: To protect rights, property, or safety of users
- Business Transfers: In case of merger, acquisition, or asset sale
5.3 Meeting Sharing
- Secure Links: You control when and with whom to share meetings
- Access Control: Shared meetings are accessible only via secure links
- Revocation: You can revoke sharing access at any time
6. Third-Party Services
GramAI integrates with the following third-party services:
- Google Firebase: Authentication, database, storage, and analytics
- Google Sign-In: Account authentication service
- Apple Sign-In: Account authentication service
- Google Gemini (AI): Chat processing and content personalisation — receives only chat messages and stated preferences, no personal identifiers
- OpenAI (AI): Chat processing and content personalisation — receives only chat messages and stated preferences, no personal identifiers
- Meta SDK: Analytics and app events (Facebook Analytics)
These services have their own privacy policies governing their use of your information. All third-party AI services provide the same or equivalent level of data protection as described in this policy.
7. Your Privacy Rights
7.1 Access and Control
- Access: View all your stored meetings and data
- Download: Export your meetings and transcriptions
- Delete: Remove individual meetings or your entire account
- Correct: Update your profile information
7.2 Communication Preferences
- Notifications: Control push notifications in app settings
- Marketing: Opt out of promotional communications
- Analytics: Opt out of data collection for analytics
8. Data Retention
- Active Accounts: Data retained while your account is active
- Deleted Meetings: Permanently deleted within 30 days
- Account Deletion: All data deleted within 90 days of account closure
- Legal Hold: May retain data longer if required by law
- Backups: Data in backups deleted according to backup retention policies
9. Children's Privacy
GramAI is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us to have the information removed.
10. International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information during such transfers, including:
- Google Cloud Platform's global infrastructure and security measures
- Compliance with applicable data protection regulations
- Contractual protections for international data transfers
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by:
- Posting the new Privacy Policy in the app
- Sending a notification through the app
- Updating the "Last updated" date at the top of this policy
Your continued use of GramAI after any changes constitutes acceptance of the updated Privacy Policy.
Security of Data
The security of your data is important to us. We implement administrative, technical, and physical safeguards appropriate to the nature of the data, including:
- Encryption: End-to-end encryption in transit (TLS 1.3) and at rest (AES-256)
- Access Controls: Role-based access with multi-factor authentication
- Monitoring: Continuous security monitoring and threat detection
- Regular Audits: Security assessments and compliance reviews
- Data Minimization: We collect and retain only what's necessary
While no method of transmission or storage is 100% secure, we work to protect your information and continuously improve our security practices.
Your Rights
You have the right to:
- Access, update, or delete your recordings and account data
- Control when and how recording takes place
- Download your data in a portable format
- Withdraw consent for microphone or other permissions through your device settings
- Request deletion of server-stored recordings
- Opt out of data use for model training
Compliance with Laws
This privacy policy is compliant with various privacy laws and regulations, including:
- General Data Protection Regulation (GDPR) - European Union
- California Consumer Privacy Act (CCPA) - United States
- Personal Data Protection Act (PDPA) - Singapore
- Apple App Store and Google Play Store guidelines
- Industry best practices for mobile application privacy
Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
- Email: support@gram.ai
- Website: https://gram.ai