Privacy Policy
Last updated: January 26, 2026
Introduction
PingVoice is operated by CoreProc, Inc. ("we," "our," or "us"). We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our text-to-speech notification service through our web application, Mac application, or API.
Data Collection Summary
The following table summarizes the data we collect and how it is used:
| Data Type | Linked to Identity | Used for Tracking |
|---|---|---|
| Contact Info (Email) | Yes | No |
| Identifiers (User ID) | Yes | No |
| Usage Data | Yes | No |
| User Content (TTS messages) | Yes | No |
| Diagnostics (Crash Data) | No | No |
Information We Collect
Account Information
When you create an account, we collect your email address and password. If you enable two-factor authentication, we store the necessary authentication data securely.
Social Authentication Data
If you sign in using Google or GitHub, we collect your OAuth provider identifier, encrypted access tokens, profile name, and avatar URL. We do not receive or store your password from these providers.
Payment Data
When you subscribe to a paid plan, PayPal handles all payment processing. We store your PayPal subscription ID, billing cycle dates, and subscription status. We do not store your credit card number, bank account details, or other payment credentials.
Service Usage Data
We collect information about your use of the service, including TTS message content, voice selection, character counts, timestamps, and credit usage. TTS message content is processed by our AI provider to generate audio and is logged for service quality purposes.
Technical Data
We automatically collect certain technical information, including IP addresses, browser type, device information, and session data for security and service improvement purposes. Sessions expire after 120 minutes of inactivity.
Diagnostic Data
If you use our Mac application and have enabled "Share with App Developers" in your macOS Privacy settings, Apple may share crash reports and performance data with us through App Store Connect. This diagnostic data is not linked to your identity and is used solely to improve app stability and performance. You can control this sharing in System Settings → Privacy & Security → Analytics & Improvements.
Third-Party Services
We use the following third-party services to operate PingVoice:
| Service | Purpose | Data Shared |
|---|---|---|
| Google Gemini API | Text-to-speech generation | Text content, voice selection |
| PayPal | Payment processing | Name, email, billing info |
| Google OAuth | Social authentication | Profile, email |
| GitHub OAuth | Social authentication | Profile, email |
| Amazon Web Services (S3) | Audio file storage | Generated TTS audio files |
| Apple (App Store Connect) | Crash reporting (Mac app) | Crash logs, performance data (opt-in) |
Cookies and Tracking
We use essential cookies to operate the service:
- Session cookie: Maintains your logged-in state (expires after 120 minutes of inactivity)
- XSRF token: Protects against cross-site request forgery attacks
- Remember me: Optional persistent login (if you choose this option)
Important: We Do NOT Track You
We do NOT use cookies or any other technology for advertising purposes. We do NOT share your data with advertising networks. We do NOT participate in cross-app or cross-site tracking. We do NOT build advertising profiles based on your activity.
How We Use Your Information
- To provide and maintain our TTS notification service
- To process and deliver your text-to-speech messages
- To manage your account and process credit transactions
- To communicate with you about service updates and support
- To improve and optimize our service
- To detect and prevent fraud or abuse
Data Sharing
We do not sell your personal information. We share data only with the third-party service providers listed above to the extent necessary for them to perform their functions. We may also disclose information if required by law or to protect our legal rights.
Data Security
We implement industry-standard security measures to protect your information, including encryption in transit (TLS) and at rest, secure API token management, and regular security audits. However, no method of transmission over the internet is 100% secure.
Data Retention
We retain different types of data for different periods:
| Data Type | Retention Period |
|---|---|
| Account data | Until account deletion |
| Login sessions | 120 minutes of inactivity |
| TTS audio files | 14 days (cached in S3) |
| TTS message logs | 90 days |
| OAuth tokens | Until provider unlinked |
| API tokens | Until revoked by user |
International Data Transfers
Your data is processed and stored in the following locations:
- Primary infrastructure: Amazon Web Services, Asia Pacific (Singapore) region
- TTS processing: Google Gemini API may process data in Google's global infrastructure
- Payment processing: PayPal's global infrastructure
For users in the European Economic Area (EEA), data transfers outside the EEA are conducted pursuant to Standard Contractual Clauses or other approved transfer mechanisms.
Real-Time Features
PingVoice uses WebSocket connections to deliver real-time audio notifications. When connected, we track your online/offline presence status to ensure reliable delivery of TTS messages. This presence information is used solely for service delivery and is not shared with third parties.
Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you
- Rectification: Request correction of inaccurate personal data
- Erasure: Request deletion of your personal data
- Portability: Request your data in a portable format
- Restriction: Request limitation of processing
- Objection: Object to certain processing activities
You can manage most of your data through your account settings. To exercise any other rights, contact us at support@pingvoice.io.
Regional Privacy Rights
European Economic Area, United Kingdom, and Switzerland (GDPR)
If you are located in the EEA, UK, or Switzerland, our legal basis for processing your personal data is:
- Contract performance: Processing necessary to provide you with the service
- Legitimate interests: Processing for fraud prevention, security, and service improvement
- Consent: Where you have given specific consent for processing
You have the right to lodge a complaint with your local data protection supervisory authority.
California (CCPA/CPRA)
If you are a California resident, you have the following rights:
- Right to Know: Request information about the personal data we collect
- Right to Delete: Request deletion of your personal data
- Right to Opt-Out: Opt out of the sale or sharing of personal information
- Right to Non-Discrimination: We will not discriminate against you for exercising your rights
We do not sell personal information.
Children's Privacy
PingVoice is not directed at children under the age of 13. You must be at least 13 years old to use our service. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will promptly delete that information. If you believe we have collected information from a child under 13, please contact us at support@pingvoice.io.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we may also notify you by email.
Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
- Email: support@pingvoice.io
- Company: CoreProc, Inc.