Privacy Policy for SayWaader

Last Updated: Mar 31, 2026

RokaByte LLC, a California Limited Liability Company (“RokaByte,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our SayWaader mobile application, our website located at saywaader.com (“Website”), and related services (collectively, the “Service”).

GEOGRAPHIC SCOPE: This Service is intended for use by individuals located in the United States and other supported jurisdictions listed in Section 10. This Service is NOT intended for, nor marketed to, residents of the European Economic Area (EEA) or the European Union (EU). If you are an EEA/EU resident, please do not use the Service.

Please read this Privacy Policy carefully. BY ACCESSING OR USING THE SERVICE, YOU AGREE TO THE TERMS OF THIS PRIVACY POLICY. IF YOU DO NOT AGREE, DO NOT ACCESS OR USE THE SERVICE.

This Privacy Policy should be read in conjunction with our Terms of Service.

1. Information We Collect

In the course of providing the Service, we may collect various types of information from and about you, as described below. The specific types of information we collect may depend on the features you use and how you interact with the Service.

(A) Personal Data You Provide to Us:

  • Account Information: When you register for an account, which may involve using third-party authentication providers (such as Google Sign-In or Apple Sign-In, or other providers we may support in the future), we receive certain profile information from these services or directly from you. This may include your name, email address, and profile picture, as permitted by your settings on those services, their privacy policies, or the information you provide during registration.
  • User Content: We process the content and information you create, input, upload, or store within SayWaader to provide immediate feedback. This includes voice recordings, text inputs, practice session data, and any other materials you generate or manage through the Service (“User Content”). While this content is processed by our third-party AI providers to generate results, the content itself is stored locally on your device and is not retained on RokaByte servers.
  • Audio Recordings for Pronunciation Practice: To enable pronunciation analysis, the Service captures your audio input. This audio data is transmitted to our third-party AI service provider, Google (Gemini API), for analysis. This processing is transient: RokaByte transmits the audio for processing, and once the analysis (feedback/score) is returned, the audio file is stored locally on your device. RokaByte does not retain a copy of your audio recordings on our cloud servers. As of the “Last Updated” date of this Privacy Policy, Google’s terms for Paid Services indicate that they do not use your audio prompts to improve their general AI models.
  • Support, Feedback, and Bug Reports: When you use the “Provide Feedback” feature in the App, the Service automatically associates your submission with your registered account identifiers, including your name and email address. We also collect the specific text and content of your report. If you contact us via direct email, reply to our follow-up communications, or use other channels, we collect the information you share, including the message history and any attachments or diagnostic data. We process this information to investigate issues, improve the Service, and maintain a record of our correspondence with you.

(B) Information We Collect Automatically:

  • Usage Data: We automatically collect information about your interactions with the Service using Firebase Analytics and other tools. This includes features you use, actions you take (e.g., initiating analysis requests, consuming credits), settings configurations, timestamps, and frequency of use. We specifically track the count and frequency of your feature usage associated with your account for the purpose of enforcing credit limits, managing quotas, and preventing abuse.
  • Device and Technical Information: We collect information about the device or browser you use to access the Service, such as your device model, operating system and version, browser type, app version, IP address (which may be used to infer approximate geographic location), device identifiers.
  • Practice History and Recordings (Local Storage): Your audio recordings, feedback (including scores and text-based corrections), and practice logs are stored locally on your device. This data is not automatically synced to our cloud servers. If you delete the App or switch devices without a backup, this history will be permanently lost.

(C) Information from Third Parties:

  • Authentication Providers: As mentioned, if you use a third-party service to create or log into your account (e.g., Google Sign-In, Apple Sign-In, or others we may offer), we receive profile information from that provider as permitted by their policies and your privacy settings on that service.
  • Subscription Management (RevenueCat): We receive your Firebase Auth UID and subscription status information from RevenueCat to manage your Free or Pro tier access and monitor your Credit balance. We do not receive or store your payment card details; these are handled by Apple App Store or Google Play Store.

2. How We Use Your Information

We use the information we collect for various purposes, including to:

  • Provide, operate, maintain, and improve the Service.
  • Create and manage your account, and authenticate your access.
  • Process your User Content with AI/LLM services to provide the Service’s functionalities.
  • Personalize your experience (e.g., remember your preferences).
  • Process subscriptions, manage user tiers (Free/Pro/Ultra), and track consumption of Credits (Usage Ledger).
  • Enforce our “No Re-registration” policy and prevent abuse of the Free Tier by retaining a cryptographic hash of credentials for voluntarily deleted accounts.
  • Communicate with you, including responding to your inquiries, providing customer support, engaging in follow-up correspondence regarding feedback or bug reports, and sending you service-related announcements, updates, security alerts, and administrative messages.
  • Monitor and analyze trends, usage, and activities in connection with our Service to improve user experience and performance. This may include using aggregated and anonymized data for our business purposes, such as data analysis, audits, fraud monitoring and prevention, diagnosing and fixing technical problems, developing new products and features, enhancing, improving or modifying our Service, identifying usage trends, determining the effectiveness of our promotional campaigns and operating and expanding our business activities.
  • Enforce our Terms of Service, prevent abuse, and ensure the security and integrity of our Service (e.g., rate limiting, Firebase App Check).
  • Comply with legal obligations and protect our rights and the rights of others.
  • For any other purpose with your consent.

AI Model Training Clarification: RokaByte LLC does not use your identifiable User Content to train its own proprietary AI models (if any exist separately from third-party provided models). When you use SayWaader, your User Content (such as audio for transcription or text prompts for AI features) is processed by our third-party AI service provider, Google (using the Gemini API as a “Paid Service”). As of the “Last Updated” date of this Privacy Policy, Google’s terms for such Paid Services (see Gemini API Additional Terms of Service) state that Google does not use your prompts or responses from this Paid Service usage to improve their general AI models. Their processing is governed by their specific Data Processing Addendum. While we select vendors that contractually agree not to train on your data, RokaByte provides the interface, not the underlying AI infrastructure. You acknowledge that RokaByte does not have visibility into the internal processing logs of third-party providers. RokaByte makes no warranties regarding the data retention or training practices of third-party providers beyond passing through their then-current terms of service. To the maximum extent permitted by law, RokaByte disclaims all liability for the data handling acts, omissions, or security breaches of third-party AI providers. Your use of the Service constitutes an acknowledgment that you are subject to the inherent risks of third-party AI processing. Because these third-party terms can be updated by Google, we encourage you to review them directly for the most current information on their data handling practices.

3. How We Share Your Information

We may share your information in the following situations:

  • With Third-Party Service Providers: We share information with third-party vendors, consultants, and other service providers who perform services on our behalf. These include:
    • Cloud Infrastructure (Firebase by Google): We use Firebase for authentication, analytics, app security (App Check), and to store Account Metadata (such as credit balances and subscription status). Note: Your User Content remains stored locally on your device and is not hosted on Firebase.
    • AI/LLM Provider (Google Gemini API - Paid Service): To provide the Service’s analysis and feedback features, we transmit relevant User Content (which may include audio, text inputs, and associated metadata) to Google’s Gemini API for processing. As of the “Last Updated” date of this Privacy Policy, Google’s terms for this Paid Service (see Gemini API Additional Terms of Service) indicate they do not use your prompts or responses from this Paid Service to improve their general AI models and process this data under their Data Processing Addendum, logging data for a limited time for abuse detection and legal purposes. You acknowledge that Google’s data handling practices are ultimately governed by their terms and data processing agreements, which can change, and which we encourage you to review.
    • Subscription Management (RevenueCat): We share your Firebase Auth UID with RevenueCat to manage your subscription status.
    • Analytics Providers (Firebase Analytics): To help us understand usage patterns.
  • For Legal Reasons: We may disclose your information if we believe it’s necessary to:
    • Comply with applicable law, regulation, legal process, or governmental request.
    • Enforce our Terms of Service, including investigation of potential violations.
    • Detect, prevent, or otherwise address fraud, security, or technical issues.
    • Protect the rights, property, or safety of RokaByte, our users, or the public as required or permitted by law.
  • Business Transfers: In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company, your account information, subscription status, and usage ledger may be transferred as part of that transaction. Please note that because your User Content and practice history are stored locally on your device, this data cannot be transferred by us and will remain on your device regardless of any change in ownership. We will use reasonable efforts to notify you via email and/or a prominent notice on our Service of any change in ownership or uses of your personal information, as well as any choices you may have.
  • Aggregated or Anonymized Data: We may share aggregated or anonymized information that does not directly identify you for research, analysis, or other purposes. For example, we may share statistics about Service usage.
  • With Your Consent: We may share your information for other purposes with your explicit consent.

We do not sell your personal information. SayWaader does not currently display third-party advertisements. If this changes, we will update this Privacy Policy.

4. Data Storage and Security

  • Data Location: Your account metadata, subscription status, and credit ledger are stored in Firebase Firestore and processed in the United States. However, your User Content and practice data (including recordings, feedback, scores, and other learning progress) remains stored locally on your personal device.
  • Security Measures: We implement reasonable administrative, technical, and physical security measures designed to protect your information from unauthorized access, use, alteration, or destruction. This includes using Firebase security features and securing API keys.
  • Your Role in Security: In addition to the security measures we implement, the security of your information also depends on you. You are responsible for keeping your account credentials (including your social login details and any app-specific passcode) confidential and for using secure practices when accessing the Service.
  • Limitations: Despite our efforts, no security measures are perfect or impenetrable. We cannot guarantee the absolute security of your information. Any transmission of information is at your own risk.
  • Data Breach Notification: In the event of a data breach that is likely to result in a real risk of harm to individuals, we will investigate the matter and notify the affected individuals and relevant authorities as required by applicable law.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the Service. We may also retain and use your information as necessary to comply with our legal obligations, resolve disputes, protect our assets, enforce our agreements, and for legitimate business purposes (e.g., improving the service with aggregated/anonymized data).

  • Locally Stored Data: User Content and other data generated by your use of the App (such as practice history, feedback, progress tracking, and settings) are retained locally on your device until you delete them or uninstall the application. RokaByte does not host this data. Consequently, if you lose your device or uninstall the App, RokaByte cannot recover this data for you.
  • Inactive Accounts: As per our Terms of Service, accounts inactive for twelve (12) months may be deleted, along with associated data, after a 30-day notice period.
  • Deleted Account Credentials: If you voluntarily delete your account, RokaByte retains a cryptographic hash for as long as necessary to protect the security and integrity of the Service. This limited data is used strictly to enforce our usage policies and prevent unauthorized account creation. Because this processing is required for security and fraud prevention purposes, it may be exempt from certain data erasure requests to the extent permitted by law.

6. Your Rights and Choices

You have certain rights and choices regarding your personal information, which you can exercise as described below. Depending on your jurisdiction, you may have additional legal rights, which are detailed in Section 10.

  • Access and Update: You can view your locally stored practice history and recordings by opening the App. The name and email address associated with your Google or Apple login are provided by those services. While you cannot change this information directly through SayWaader, updates made in your Google or Apple account will generally be reflected in your SayWaader profile upon subsequent logins. You can manage app connections and data sharing through your respective Google or Apple account settings.

  • Delete User Content(Local Data): Because your User Content and practice history are stored exclusively on your device, RokaByte cannot delete this data for you. To delete your locally stored data, you must uninstall the SayWaader application or use your device settings to “Clear App Data.” This action will permanently erase all User Content and history stored on that device.

  • Account Deletion and Data Erasure: You have the right to delete your account and erase your associated personal data. We provide two methods for you to exercise this right:

    • Option 1. In-App Deletion (Recommended): The fastest and most direct way to permanently delete your account is through the settings menu within the SayWaader application.

    • Option 2. Email Request: You may also request deletion by sending an email to saywaader_support@rokabyte.com. To help us identify your account and process your request efficiently, please use the exact subject line: “Request to delete account and data [Your Google or Apple Account Email]”, replacing the bracketed text with the email address you use to sign in to SayWaader. For your security, we will take steps to verify your identity to confirm you are the legitimate owner of the account before processing any deletion request submitted via email.

    CRITICAL NOTICE ON LOCAL DATA: Regardless of the method used (In-App or Email), deleting your account only removes your data from RokaByte’s cloud servers (such as your account ID and subscription ledger). RokaByte does not have remote access to your device and cannot wipe any data stored locally within the App. To permanently erase all locally stored history, files, and content, you MUST also manually uninstall the SayWaader application or use the “Clear App Data” function in your device settings.

    Regardless of the method you choose, we will process your request in accordance with applicable law and our data retention policies. Please be aware that some information may be retained for a limited period for legal or legitimate business purposes, including for backup, archival, fraud prevention, or audit purposes, or as otherwise required by law. The methods for exercising these rights may be subject to limitations and exceptions under applicable law.

  • Location Services: You can disable location services through your device settings if you do not want us to collect location information.

  • Promotional Communications: If we send promotional emails, you can opt-out by following the unsubscribe instructions in those emails. You may still receive transactional or administrative emails related to your account and the Service.

7. Children’s Privacy

The Service is intended for users who are at least 18 years of age or older. We do not knowingly collect personal information from individuals under the age of 18. If we become aware that an individual under the age of 18 has provided us with personal information, or in violation of our Terms of Service, we will take steps to delete such information from our files.

If you are a parent or guardian and believe that an individual under the age of 18 (for whom you are responsible) has provided us with personal information, please contact us at saywaader_support@rokabyte.com so that we can take appropriate action. By using the Service, you represent that you are at least 18 years old.

8. Third-Party Websites and Services

The Service may contain links to third-party websites or services that are not owned or controlled by RokaByte. This Privacy Policy does not apply to the practices of third parties that we do not own or control. We encourage you to review the privacy policies of any third-party service you interact with.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make changes we determine to be material, we will endeavor to notify you before such changes become effective. Notification methods may include updating the “Last Updated” date at the top of this policy, providing notice through the Service (such as a pop-up or announcement), or, where we deem it appropriate for significant changes or if required by applicable law, by sending a notification to your registered email address. The timing and method of notice will be at our reasonable discretion, taking into account the nature of the changes and applicable legal requirements. We encourage you to review this Privacy Policy periodically to stay informed about our information practices. Your continued use of the Service after any changes to this Privacy Policy become effective constitutes your acceptance of such changes.

10. Jurisdiction-Specific Provisions

The following provisions apply to users located in the specific jurisdictions listed below and are intended to supplement the terms in the main body of this Privacy Policy. In the event of a conflict between this Section 10 and the rest of the Privacy Policy, this Section 10 shall control for users in the applicable jurisdiction.

10.1. International Data Transfers (Global)

Our Service is operated from the United States. If you are located outside of the United States, please be aware that:

  • Account and Subscription Data will be transferred to, processed, and stored in the United States (via Google Firebase).
  • User Content (such as audio) will be transmitted to the United States for transient processing by our AI partners, but is not stored on RokaByte servers in the United States. It remains stored on your local device.

The data protection laws in the United States may differ from those in your country of residence and may not provide the same level of protection. By using the Service and acknowledging this Privacy Policy, you expressly consent to the transfer of your personal information to the United States and its processing there in accordance with this policy. We take steps to ensure that your data is treated securely, including by entering into appropriate data processing agreements with our service providers.

10.2. United States (California Residents)

Because RokaByte LLC is a startup with limited revenue and data processing activities, we are not currently subject to the California Consumer Privacy Act (CCPA) or CPRA. However, in compliance with the California Online Privacy Protection Act (CalOPPA), we provide the following disclosures: Do Not Track: We do not currently respond to browser “Do Not Track” signals. No Sale of Data: We do not sell your personal information to third parties for monetary value. Your Rights: You may review and request changes to your information or delete your account at any time via the App settings or by contacting saywaader_support@rokabyte.com.

10.3. United Kingdom and Switzerland

If you are accessing the Service from the UK or Switzerland, RokaByte LLC is the Data Controller of your personal information.

  • Legal Basis: We process your data to fulfill our Contract with you (providing the App’s features) and based on your Consent (specifically for capturing audio for AI analysis).
  • Data Transfer: Your data is processed in the United States. By using the App, you acknowledge that the US is not considered to have “adequate” data protection laws by UK or Swiss authorities. We rely on the “Performance of Contract” derogation to process your data in the US, as the Service cannot function without our US-based cloud infrastructure.
  • Your Rights: Under the UK Data Protection Act 2018 and the Swiss Federal Act on Data Protection (FADP), you have the right to request access to, correction of, or deletion of your personal data. Contact saywaader_support@rokabyte.com to exercise these rights.

10.4. Canada

  • Privacy Officer: RokaByte has designated a Privacy Officer for PIPEDA compliance. You may contact them via saywaader_support@rokabyte.com with the subject line “Attn: Privacy Officer”.
  • Notice: Your personal information may be accessible to US law enforcement and national security authorities.

10.5. Australia and New Zealand

  • Access/Correction: You have the right to request access to and correction of your personal information.
  • Contact: Email saywaader_support@rokabyte.com. If dissatisfied with our response, you have the right to lodge a complaint with the privacy regulator in your country.

10.6. Singapore

  • Data Protection Officer (DPO): To contact our DPO regarding the PDPA or to withdraw consent, please email saywaader_support@rokabyte.com with the subject line “Attention: Singapore DPO”.

10.7. India

  • Grievance Officer: In compliance with the Information Technology Act, you may contact our designated Grievance Officer.
  • Contact: Please email saywaader_support@rokabyte.com with the subject line “Attention: India Grievance Officer”.
  • Redressal: We will acknowledge complaints received with this subject line within 24 hours and resolve them within 15 days.

10.8. South Korea

  • Chief Privacy Officer: You may contact our CPO via saywaader_support@rokabyte.com.
  • Data Transfer Consent: Your data is transferred to RokaByte’s third-party cloud service providers (located in the United States and globally) for the provision of the Service. You may refuse this transfer by not using the App.
  • Data Destruction: We destroy personal data immediately once the purpose of collection is fulfilled using irreversible electronic erasure.

10.9. Japan

  • Joint Use: We do not jointly use your personal data with third parties other than our service providers listed in Section 3.

10.10. Exclusion of EEA (European Economic Area)

Prohibited Use: This Service is NOT intended for, nor marketed to, residents of the European Economic Area (EEA), which includes the European Union (EU), Norway, Iceland, and Liechtenstein. Accessing the Service from the EEA is strictly prohibited. RokaByte blocks the distribution of the App in these jurisdictions. If you circumvent these blocks (e.g., via VPN), you acknowledge that you do so in violation of our Terms of Service and consent to having your data processed in the United States.

Clarification: For the avoidance of doubt, this prohibition does not apply to the United Kingdom or Switzerland. Residents of the UK and Switzerland are authorized to use the Service subject to Section 10.3.

10.11. Rest of World

If you are accessing the Service from a jurisdiction not explicitly listed above (including Mexico, Brazil, Chile, South Africa, Nigeria, Kenya, UAE, Taiwan, Hong Kong, Philippines, Malaysia, Thailand, Indonesia, and Laos):

  • Consent to Transfer: To the extent permitted by applicable local law, you expressly consent to the transfer, storage, and processing of your personal data in the United States via our third-party infrastructure providers.
  • Governing Law: You agree that the handling of your data is governed by the laws of the United States and the State of California, and, to the extent permitted by applicable local law, you waive any rights to local jurisdiction handling to the fullest extent permitted by applicable law.
  • Data Subject Rights: RokaByte will honor requests to Access, Correct, or Delete your personal data regardless of your location. Please contact saywaader_support@rokabyte.com.

10.12. Limitation on Rights (Third-Party Store Data)

Regardless of your location or jurisdiction, please note that RokaByte can only exercise rights (such as access or deletion) over personal data under our direct control. We do not possess, and therefore cannot delete, your App Store/Google Play account data or payment information (such as credit card details). This information is controlled entirely by Apple and Google. You must contact them directly to manage your subscriptions or payment methods.

11. Dispute Resolution

Any disputes, claims, or controversies arising out of or relating to this Privacy Policy, including its interpretation or breach, shall be resolved in accordance with the Binding Arbitration and Class Action Waiver provisions set forth in the RokaByte Terms of Service. By using the Service, you acknowledge that you have read and agree to be bound by those dispute resolution procedures.

12. Contact Us and Privacy Officer

If you have any questions or concerns about this Privacy Policy or our data practices, or if you wish to exercise your rights regarding your personal information, please contact us. We have appointed a Privacy Officer to oversee our compliance with this Privacy Policy.

RokaByte LLC
Attn: Privacy Officer
Email: saywaader_support@rokabyte.com