TalkTheDoc
Privacy PolicyTerms of ServiceCookie PolicySecurity

Privacy Policy

How we collect, use, and protect your information

Last updated: December 26, 2025

1. Introduction

TalkTheDoc ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our voice-enabled document conversation platform.

By using TalkTheDoc, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Name (first and last name)
  • Email address
  • Authentication credentials (managed by Clerk)

2.2 Document Data

When you upload documents, we store:

  • Full text content of your documents
  • Document metadata (filename, size, type, page count)
  • AI-generated summaries and suggested questions
  • Text embeddings for search functionality

2.3 Conversation Data

When you interact with our service, we collect:

  • Chat messages (both your questions and AI responses)
  • Voice recordings during voice sessions
  • Transcripts of voice conversations
  • Input mode preferences (text or voice)

2.4 Usage Information

We automatically collect:

  • Documents uploaded count
  • Voice minutes used
  • Chat messages sent
  • Session timestamps and duration
  • Feature usage patterns
  • Page views and navigation patterns (via Google Analytics)
  • Device and browser information (via Google Analytics)

2.5 Billing Information

Payment processing is handled by Polar. We store subscription status and plan information but do not store payment card details directly.

3. How We Use Your Information

We use your information to:

  • Provide and maintain our service
  • Process your documents and enable AI conversations
  • Generate document summaries and search embeddings
  • Process voice input and generate responses
  • Manage your account and subscription
  • Send service-related communications
  • Improve our service and develop new features
  • Enforce our terms and prevent abuse

4. Third-Party Services

We share data with the following third-party services to provide our functionality:

4.1 Authentication (Clerk)

Clerk handles user authentication and stores your login credentials securely. View their privacy policy at clerk.com/privacy.

4.2 AI Processing (OpenAI & Google)

Your document content and conversations are processed by:

  • OpenAI - For text chat responses, document summaries, and embeddings
  • Google Gemini - For real-time voice conversations

These services process your data to generate AI responses. We do not control how these providers handle data beyond their published policies.

4.3 Payment Processing (Polar)

Polar handles subscription billing. They receive your email address for payment receipts. View their privacy policy at polar.sh/legal/privacy.

4.4 Data Storage (Convex)

Your data is stored securely on Convex cloud infrastructure. View their privacy policy at convex.dev/legal/privacy.

4.5 Analytics (Google Analytics)

We use Google Analytics 4 to understand how users interact with our service. This helps us improve the user experience and identify issues.

Data collected includes:

  • Page views and navigation patterns
  • Feature usage (uploads, chat, voice sessions)
  • Session duration and frequency
  • Device type, browser, and general location (country/city)

This data is anonymized and aggregated. We do not use it to identify individual users. View Google's privacy policy at policies.google.com/privacy.

5. Data Retention

We retain your data as follows:

  • Account data: Until you delete your account
  • Documents: Until you delete them or your account
  • Chat history: Until you delete the conversation or your account
  • Usage logs: For service improvement and billing purposes

When you delete your account, we remove your personal data from our active systems. Some data may be retained in backups for a limited period.

6. Data Security

We implement security measures including:

  • Server-side storage of all API keys (never exposed to clients)
  • Webhook signature verification for all external integrations
  • Rate limiting to prevent abuse
  • Ephemeral voice tokens that expire after 30 minutes
  • Encrypted data transmission (HTTPS/TLS)

7. Your Rights

Depending on your location, you may have rights to:

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate information
  • Deletion: Delete your account and associated data
  • Portability: Export your data in a machine-readable format
  • Objection: Object to certain processing activities

To exercise these rights, contact us at contact@talkthedoc.com.

8. International Transfers

Your data may be transferred to and processed in countries other than your own. Our service providers (including OpenAI, Google, Clerk, and Convex) operate globally. By using our service, you consent to these transfers.

9. Children's Privacy

TalkTheDoc is not intended for users under 13 years of age. We do not knowingly collect information from children. If you believe we have collected data from a child, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Email: contact@talkthedoc.com