Which trades do you support?

Plumbers, electricians, HVAC technicians, roofers, painters, landscapers, exterminators and locksmiths.

What happens to my voice recordings?

Audio is processed transiently by our transcription provider (Whisper) and language model. The recording auto-deletes from our storage after 30 days. We never train AI models on your data.

Do I need internet on every job?

You can record without signal. Estimates, clients and photos work fully offline thanks to our local cache; audio gets transcribed when connectivity returns.

How do client payments work?

Stripe Connect Express. Money goes straight to your bank account — Pro Speak Artisan never holds the funds.

Privacy Policy

Effective date: 2026-06-01

This Privacy Policy explains how Pro Speak Artisan ("ProSpeak", "we", "us") collects, uses, shares and protects your personal data when you use the Pro Speak Artisan mobile application (the "App"), the related web services at prospeakartisan.com (the "Services") and any feature that links to this policy.

We respect your data. We never sell it, we never use it to target you with third-party advertising, and we never use it to train artificial intelligence models that benefit anyone other than you.

1. Who we are


Controller	Pro Speak Artisan
Registered address	— address pending —
Privacy contact	contact@prospeakartisan.com
Data Protection Officer (EU/UK residents)	contact@prospeakartisan.com

2. What data we collect

We collect the minimum necessary to run the App. Every category below maps to a concrete feature — if you don't use the feature, the corresponding data is not collected.

2.1 Account data

Data	When we collect it	Why
Email address	Sign-up	Identifier, password reset
Password (hashed)	Sign-up	Authentication. We never see your plaintext password.
Business name	Onboarding	Shown on PDFs and shared estimates
Primary trade	Onboarding	Tunes the voice-AI's vocabulary and catalog
Language preference	Settings or device default	Localising the UI and the AI prompts
User ID (system-generated)	Sign-up	Internal identifier across our backend

2.2 Content you create

Data	When we collect it	Why
Voice recordings (m4a, 16 kHz mono)	When you tap and hold the mic	Transcribed via our voice provider to generate a draft estimate. Deleted from our object store within 30 days unless you choose to keep it.
Transcribed text	After a successful transcription	Stored against the related estimate so you can review and edit
Photos (before/after job site)	When you attach a photo	Linked to the estimate, never embedded in the PDF
Estimates, line items, totals	When you save a draft	Core product data
Clients you create (name, email, phone, address, notes)	When you add a client	Linking customers to estimates and reminders
Maintenance reminders	Auto-generated from accepted estimates	Recurring service alerts

2.3 Subscription and billing

When you subscribe to a paid plan or buy an additional voice-minute pack, the actual payment happens in the App Store (iOS) or Google Play (Android). We never see your payment card. The store sends us :

A transaction identifier
Your plan tier (Starter, Pro, Business)
Subscription expiration date and renewal status
One-time purchase identifier (for voice-minute packs)

We use RevenueCat as a relay between the stores and our backend (see § 4). RevenueCat's privacy policy is at https://www.revenuecat.com/privacy.

When your end client pays an invoice through the App, that payment goes through Stripe Connect directly into the artisan's bank account. ProSpeak never touches the funds. Stripe's privacy policy is at https://stripe.com/privacy.

2.4 Optional data

Data	When we collect it	Why
Coarse location	If you grant the permission	Tag photos and estimates with the job-site city for your own records. Never shared.
Device push token (FCM)	When you sign in	Send you maintenance reminders, payment confirmations and acceptance notifications. You can disable each category in Settings → Notifications.
Crash diagnostics	Always (anonymous)	Find and fix bugs. Sent to Sentry (https://sentry.io/privacy). Crash data is not linked to your name or email.

2.5 Data we do not collect

We don't track your physical movements continuously.
We don't read your contacts, calendar, or messages.
We don't access photos other than the ones you explicitly attach.
We don't use third-party advertising trackers (no Facebook SDK, no AdMob, no Google Analytics).
We don't sell your data to data brokers.

3. How we use your data (purposes)

Purpose	Legal basis (GDPR)
Provide the core voice-to-estimate feature	Contract (Art. 6.1.b)
Provide the client and estimate management features	Contract
Authenticate you, secure your account	Contract + Legitimate interest
Send maintenance reminders, payment confirmations	Contract
Send marketing / product news (only if you opt in)	Consent (Art. 6.1.a)
Detect fraud, abuse, and stuck-recorder scenarios	Legitimate interest
Compute and bill voice-minute usage	Contract
Comply with tax and accounting law	Legal obligation
Improve the App through anonymised analytics and crash data	Legitimate interest

4. Who we share data with

We share only with sub-processors that are necessary to run the App. All have signed Data Processing Agreements (DPAs) with us where applicable.

Sub-processor	What they receive	Location	Why
Cloudflare R2	Voice recordings, photos	Region `auto` (currently US/EU edge)	Object storage for media
Groq Inc.	Voice recordings (transient), transcript text	USA	Speech-to-text and language-model processing
Appwrite (self-hosted by us)	All structured data (estimates, clients, profiles, …)	France	Our own backend — no third party involved here
RevenueCat	App user ID, subscription events	USA	Subscription state aggregation
Apple App Store / Google Play	Email tied to your store account, payment confirmation	USA / Ireland	In-app purchases and subscriptions
Stripe	Estimate amount, currency, client email (if provided)	USA	Client-to-artisan invoice payments. Stripe acts as a separate controller of the payment data.
Firebase Cloud Messaging	Device push token	USA	Delivering push notifications
Sentry	Anonymised crash reports, stack traces	USA / EU	Bug tracking

We never share data for advertising or for any purpose outside the ones listed above.

5. International data transfers

Some of our sub-processors are located in the United States. When we transfer your personal data outside of the European Economic Area or the United Kingdom, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, plus additional technical measures such as end-to-end TLS, encryption at rest and access controls.

6. How long we keep your data

Data	Retention
Account data	Until you delete your account (see § 9)
Voice recordings	Auto-deleted from our object store 30 days after upload (the transcript remains attached to your estimate)
Photos	Until you delete the estimate or the client they're linked to
Estimates and clients	Until you delete them or your account
Crash diagnostics	90 days, then auto-purged by Sentry
Subscription history	7 years, for accounting and tax compliance
Payment records (client invoices)	10 years, per applicable accounting law
Voice-minute usage events	13 months, for billing reconciliation
Server logs	30 days

After the retention period, data is either deleted or anonymised so that you can no longer be identified.

7. How we protect your data

All traffic between the App and our servers uses TLS 1.3.
Passwords are hashed with bcrypt before storage.
Object storage (R2) is encrypted at rest with provider-managed keys.
The MariaDB database is encrypted at rest.
Production secrets live in HashiCorp Vault, not in code.
Daily encrypted backups are stored in a separate, restricted bucket.
We use 2FA for every administrative account on every third-party service that supports it.
We don't use ad tracking SDKs that could leak your data to brokers.

8. Your rights

8.1 Rights of all users

You can :

Access the data we hold about you (Settings → Help & Support → email us).
Correct anything that's wrong — directly in the App for most fields, or by emailing us.
Delete your account and all associated data (see § 9 and the dedicated Data Deletion procedure).
Export your data (we'll send a JSON archive within 30 days of your request).

8.2 Additional rights for EU / UK residents (GDPR + UK GDPR)

Right to object to processing based on legitimate interest.
Right to restrict processing.
Right to data portability.
Right to withdraw consent for marketing communications at any time.
Right to lodge a complaint with your local Data Protection Authority (in France : CNIL, https://www.cnil.fr/en/plaintes).

8.3 Additional rights for California residents (CCPA / CPRA)

Right to know what personal information we collect, use, disclose, and sell.
Right to delete personal information.
Right to correct inaccurate personal information.
Right to opt out of the "sale" or "sharing" of personal information — we don't sell or share your information for cross-context behavioral advertising. There is nothing to opt out of.
Right to limit the use of sensitive personal information.
Right to non-discrimination for exercising any of the above.

To exercise any right, email contact@prospeakartisan.com. We'll respond within 30 days (or 45 days for complex requests, with a notice if we need the extension).

9. How to delete your account

The fastest path is in the App :

Settings → Account section → Delete my account.
Type DELETE to confirm.

Your data is purged immediately across our database, R2 object storage, RevenueCat subscriber records and the Appwrite auth user. Encrypted backups roll over within 30 days.

If you can't open the App, email contact@prospeakartisan.com from the address on your account, subject Account deletion. We confirm within 7 days and complete deletion within 30 days.

Full procedure : Data Deletion.

10. Children

The App is intended for use by professional tradespeople. We do not knowingly collect personal data from anyone under 16. If you believe a minor has provided us with personal data, contact us and we'll delete it.

11. Voice recordings and the AI providers

When you dictate an estimate :

The recording is uploaded to our Cloudflare R2 bucket.
Our backend Function sends the audio to Groq for transcription (Whisper Large v3 Turbo model).
The resulting transcript is sent to a large-language model hosted by Groq (Llama 3.3 70B) to extract structured line items.
The structured result is returned to your device, prefilled into a draft estimate that you review and edit.

Groq processes the audio transiently to produce the transcript and does not use ProSpeak customer data to train its models (per the Groq Enterprise terms in effect at the time of writing).

You can always review and delete the recording from the estimate detail screen. After 30 days the recording is automatically purged from our object store, but the transcript and the line items you saved remain unless you delete them.

12. Cookies and similar technologies

The App itself does not use cookies (it's a native mobile app). The marketing website at prospeakartisan.com uses only strictly-necessary cookies (session and CSRF). We do not use third-party tracking cookies.

13. Changes to this Privacy Policy

We may update this policy from time to time. Material changes will be notified inside the App at least 30 days before they take effect. The bottom of every screen of this document carries the Effective date — any version dated later than the one you read previously is the new one.

Past versions are kept at https://prospeakartisan.com/privacy/archive.

14. Contact

Topic	Email
Privacy questions, data access / deletion	contact@prospeakartisan.com
Data Protection Officer (EU / UK)	contact@prospeakartisan.com
Other support	contact@prospeakartisan.com
Postal	Pro Speak Artisan, — address pending —