[00:00]// Legal
Privacy Policy
Updated
Effective date: 3 July 2026. SpeekSearch is a live-conversation research copilot: it listens to audio you choose to capture, transcribes it in real time, and shows AI research cards about the people, places and topics that come up. A tool that listens to conversations should be very clear about what it does with them — so this policy is written in plain English, and every claim in it reflects how the product actually works.
On this page
- The short version
- Who we are
- What we collect
- How your audio is handled
- Transcripts and research cards
- Payments
- Emails
- Cookies, local storage and tracking
- Third-party services
- Where your data lives (overseas disclosure)
- How long we keep things
- Deleting your account and data
- Security
- Your rights
- Changes to this policy
- Contact
The Short Version
- We never store your audio. Anywhere.When you start listening, audio streams directly from your browser to our speech-recognition provider (Deepgram). The app never sends your audio to SpeekSearch’s own servers — it goes straight to Deepgram, and we never store it.
- We don’t store your transcripts or conversations on our servers. Transcripts live only in your browser’s memory and disappear when you close or reload the tab.
- Your research cards are saved only on your device (browser local storage), and you can clear them at any time.
- No advertising trackers, no analytics SDKs, no third-party cookies — none.Our security policy technically prevents your browser from contacting anything except our own backend (hosted with Supabase), Deepgram, Google’s AI API and Wikipedia while you use the app.
- Your card details never touch our systems. Payments are handled entirely by Stripe on Stripe-hosted pages.
- What we do store: your email address, encrypted password credentials (managed by Supabase Auth), your subscription state and your usage minutes — not what you said.
- Where: your account data is stored in Australia (Sydney). Audio transcription and AI processing use overseas providers, mainly in the United States.
Who We Are
SpeekSearch Pty Ltd (ABN 71 685 968 138) (“SpeekSearch”, “we”, “us”, “our”) operates speeksearch.com, a browser-based service that transcribes live conversation and generates AI research cards. We’re an Australian company based in Queensland, and we handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
SpeekSearch runs entirely in your browser — there is no meeting bot, nothing joins your calls, and nothing is installed on your device. That design choice matters for privacy: it means the product only ever hears what your microphone hears, only while you have pressed listen.
Questions about this policy or your data can go to hello@speeksearch.com.
What We Collect
Account information
- Email address and password. You sign up with an email and password. Passwords are handled entirely by our authentication provider (Supabase Auth) as encrypted credentials — our application code never stores or sees your password.
- Basic device information. When you log in, we record a short identifier for your browser (the first part of its user-agent string) and a last-active timestamp, so you can see where your account is used.
- Your settings. Language preference and any custom trigger words you set up are saved to your account so they follow you across devices.
Billing and usage records
- Subscription state: your plan (trial, Starter, Pro, top-ups), its status, billing period dates, and your Stripe customer and subscription identifiers.
- Usage minutes. Usage is metered in live-research minutes — the time you spend recording and researching. Our usage records are metadata only — things like session identifiers, seconds of audio streamed, and the length (a character count, not the text) of AI requests. They never contain what was said.
What we deliberately do not collect
- Recordings of your audio — we never store audio, anywhere.
- Transcripts of your conversations in our databases.
- Behavioural analytics, advertising identifiers or tracking profiles — we don’t run any analytics or ad tech at all.
How Your Audio Is Handled
This is the part that matters most, so here it is in detail.
- Your microphone is only used when you start it. SpeekSearch asks your browser for microphone access, and your browser stays in control of that permission. Nothing is captured until you begin a listening session, and capture stops when you stop the session or close the tab.
- Audio streams directly from your browser to our speech-recognition provider, Deepgram. The stream travels over an encrypted connection straight from your device to Deepgram for real-time transcription. The app’s code never sends your audio to SpeekSearch’s own servers, and we never store it. Our security policy also blocks the app from contacting any host other than Deepgram, our own backend, Google’s AI API and Wikipedia.
- Our server’s only role is to issue a short-lived (five-minute) access token that lets your browser open the transcription stream, and to receive a count of seconds streamed so we can meter your minutes. Neither of those requests contains audio.
- We never store your audio.There is no recording, no audio file, and no audio database column anywhere in SpeekSearch. The only buffering is a rolling few seconds held in your own browser’s memory so the stream can recover from a dropped connection — it’s discarded as soon as the session ends.
- A pseudonymous account identifier travels with the stream. Each transcription stream is tagged with an internal account ID (not your name or email) so we can reconcile usage with Deepgram. Deepgram processes audio under its own data-processing terms — see Deepgram’s privacy policy.
One thing that’s your job, not ours: if you use SpeekSearch to transcribe conversations involving other people — meetings, interviews, calls — you’re responsible for getting any consent that recording and listening laws in your jurisdiction require.
Transcripts, Research Cards and Voice Commands
Transcripts stay in your browser
The live transcript you see on screen exists only in your browser’s memory. We don’t store your transcripts or conversations in our databases, and they’re gone when you close or reload the tab. Voice commands like “look up X” are just part of that same live transcript and are handled identically.
How research cards are generated
- To generate a card, short transcript snippets and recent conversation context are sent from our backend to Google’s Gemini API, which returns the card text. Google processes this under its own data-processing terms — see Google’s Gemini API terms.
- One honest footnote: to avoid paying for the same AI request twice, the AI-generated card text (which can reflect what was said) is briefly cached on our servers to serve identical repeat requests — it stops being served after about five minutes and is automatically deleted within about ten. The transcript text itself is not stored; the cache is looked up by a one-way fingerprint of the request.
- When you use Ask AIon a card, your browser fetches background information for that card’s term (for example, a person’s name) directly from Wikipedia’s public API. Wikipedia therefore sees your IP address and the term looked up — never your transcript.
- The Google and YouTube buttons on cards are ordinary search links that open in a new tab when you click them. There are no embeds or tracking pixels — nothing is sent to Google or YouTube unless you click.
Cards are saved on your device
Research cards (including pinned cards and Ask AI answers) are saved only in your browser’s local storage on your own device — never synced to our servers. You can clear them at any time from within the app, and clearing your browser data removes them too.
Payments
Payments for subscriptions (Starter A$12/month, Pro A$25/month) and minute top-ups (A$5) are processed by Stripe on Stripe-hosted checkout and billing pages. Your payment card details never touch our systems — there are no card fields anywhere in SpeekSearch.
- We send Stripe your email address and your SpeekSearch account ID so payments can be matched to your account.
- We store the resulting subscription state: Stripe customer and subscription identifiers, your plan and status, billing period dates, and your minute balances.
- Stripe processes your payment information under its own privacy policy — see Stripe’s privacy policy.
Emails
No marketing emails — we don’t run a mailing list. We only email you for account actions, such as confirming your email address when you sign up. Those transactional emails are delivered through Resend, which processes your email address for that purpose (see Resend’s privacy policy).
Cookies, Local Storage and Tracking
Cookies
We only use cookies to keep you signed in. SpeekSearch sets authentication session cookies (managed by Supabase Auth) and nothing else — no advertising cookies, no analytics cookies, no third-party cookies. That’s why there’s no cookie banner: there’s nothing to consent to beyond staying logged in.
Local storage
The app saves a few things in your browser’s local storage, all of which stay on your device and are never uploaded:
- Your saved research cards (up to 100)
- Your chosen microphone device
- Interface preferences (card auto-dismiss, panel layout and split position)
Trackers: none
SpeekSearch contains no advertising trackers, no analytics SDKs and no tracking pixels. This isn’t just a promise — our Content-Security-Policy technically prevents the browser from contacting anything except our own backend (hosted with Supabase), Deepgram, Google’s AI API and Wikipedia. Fonts are bundled with the site, so there are no font-service requests either.
Third-Party Services and What Each Receives
We keep the list of services short and give each one only what it needs. Each provider processes data under its own privacy and data-processing terms, linked below.
| Provider | Location | What it receives |
|---|---|---|
| Deepgram | United States | Your live audio stream (directly from your browser) and a pseudonymous account identifier; produces the transcript |
| Google (Gemini API) | United States | Transcript snippets and conversation context needed to generate research cards; card terms and Wikipedia extracts for Ask AI answers |
| Stripe | United States / global | Your email address and account ID; your payment details (entered on Stripe-hosted pages only) |
| Supabase | Australia (Sydney) | Hosts our database and authentication: account details, encrypted password credentials, settings, subscription state and usage records |
| Resend | United States | Your email address, for delivering account emails |
| Vercel | United States / global | Hosts the website: standard web-hosting request data such as IP addresses and request logs |
| Sentry | United States | Error and diagnostic reports when something breaks: technical error details, and where relevant the account ID or IP address attached to that error — never your transcript or audio |
| Wikipedia (Wikimedia) | United States | The looked-up card term and your IP address (your browser calls Wikipedia directly for Ask AI background) — never your transcript |
We do not sell personal information, and we don’t share it with anyone beyond the providers above except where the law requires us to.
Where Your Data Lives (Overseas Disclosure)
Under APP 8 we need to tell you when personal information leaves Australia. Here’s the honest map:
- Stored in Australia: your account data — email, encrypted credentials, settings, subscription state and usage records — is stored with Supabase in the Sydney region.
- Processed overseas:audio transcription (Deepgram) and AI card generation (Google’s Gemini API) happen in the United States. Stripe, Resend, Sentry (error monitoring) and Vercel also operate primarily from the United States or globally.
These providers process data under their own published privacy and data-processing terms (linked in the table above), and we limit what each receives to what its job requires. If you’re not comfortable with overseas processing of your audio and AI requests, SpeekSearch isn’t able to offer an Australia-only processing mode at this time.
How Long We Keep Things
| Data | Retention |
|---|---|
| Audio | Never held by SpeekSearch. Deepgram’s handling is governed by its own terms. |
| Transcripts | Your browser’s memory only — gone when you close or reload the tab. |
| Cached AI card text | No longer served after about five minutes and automatically deleted from our servers within about ten. |
| Research cards | On your device until you clear them. |
| Usage records (metadata only) | Kept in our active systems for 90 days, then moved to an archive we retain for billing integrity and dispute resolution. |
| Account and billing records | For as long as your account exists, then deleted on request (subject to records we must keep by law, e.g. for tax purposes). |
Deleting Your Account and Data
We don’t yet offer a self-serve delete button in the app. To delete your account, email hello@speeksearch.com from your account’s email address and we’ll delete your account and the personal information we hold about it. We may need to retain limited billing records where the law requires it (for example, tax and payment-dispute records held with Stripe).
Remember that your research cards live in your own browser’s local storage — clear them in the app or via your browser’s site-data settings; we can’t reach them from our side.
Security
- Encryption in transit: all traffic — including the audio stream to Deepgram — travels over encrypted (TLS) connections.
- Passwords: handled by Supabase Auth as encrypted credentials; we enforce a minimum length and complexity, and our application never stores your password.
- Database isolation: row-level security is enabled on every table, so an account can only ever read its own records.
- Locked-down browser policy: a strict Content-Security-Policy limits what the app can talk to, which blocks whole categories of attack (and, as a side effect, makes third-party tracking technically impossible).
- Minimal data by design:the best protection for your conversations is that we don’t keep them. You can’t breach what was never stored.
No system is perfectly secure, and we can’t promise otherwise — but if we become aware of a data breach that’s likely to cause serious harm, we’ll notify affected users and the regulator as required by the Notifiable Data Breaches scheme.
Your Rights
Under the Privacy Act 1988 (Cth) and the APPs, you can:
- Accessthe personal information we hold about you — email us and we’ll provide it.
- Correctit if it’s wrong — you can change your password in the app; for anything else, email us.
- Delete your account and data, as described above.
- Complain.If you think we’ve mishandled your information, contact us first at hello@speeksearch.com and we’ll respond within 30 days. If you’re not satisfied with our response, you can complain to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
Nothing in this policy excludes or limits rights you have under the Australian Consumer Law or any other law that can’t be excluded. This policy is governed by the laws of Queensland, Australia.
Changes to This Policy
If we change how we handle your data, we’ll update this page and the date at the top. For material changes — anything that expands what we collect or who we share it with — we may also notify you at your account email. The current version always lives at speeksearch.com/privacy.
Contact
SpeekSearch Pty Ltd (ABN 71 685 968 138) — Queensland, Australia
Email: hello@speeksearch.com
Effective 3 July 2026. This policy describes the SpeekSearch product as it actually operates — if you spot anything that doesn’t match your experience, tell us and we’ll fix the product or the policy, whichever is wrong.