Privacy Policy
Effective date: · What changed: disclosed a privacy-first, cookieless visit counter (Cloudflare Web Analytics) on the marketing website (summary and section 3.4).
Your audio and its transcription happen on your Mac. WhisprDesk does not upload your recordings, and the app runs no analytics or telemetry. If you turn on the optional AI cleanup or agent features, your transcribed text (not your audio) is sent from your Mac directly to the AI provider whose API key you configured. When you buy a license, Stripe processes your payment; through our Stripe account we (RBJ Global LLC) may see your email address, billing details, and your purchase, refund, and tax/accounting records. We never receive your full card number. Keygen issues and manages your license key, and Resend delivers your license and refund emails. Our marketing website (whisprdesk.com) uses one privacy-first, cookieless analytics counter (Cloudflare Web Analytics) to count visits, and sets no analytics or advertising cookies.
1. Who we are
WhisprDesk is a Mac dictation application and a product of RBJ Global LLC, a Texas limited liability company (“WhisprDesk,” “we,” “us”). You can reach us at [email protected].
2. Our design principle
WhisprDesk is a local-first application. Your audio and the transcription of that audio are processed on your device and stored on your device; we do not operate a server that receives, stores, or processes your audio or transcripts. If you enable the optional AI cleanup or agent features, the transcribed text is sent from your Mac directly to the AI provider you configured (see section 3.3). The third-party services we rely on are limited to: payment processing and sales-tax calculation (Stripe), license issuance and device management (Keygen), transactional email (Resend), website hosting (Cloudflare), software distribution and notarization (Apple), and, only if you explicitly configure them, the AI provider whose API key you enter into the app (OpenAI, Anthropic, Google).
3. Information we collect
3.1 Information that stays on your device
The following data is stored locally on your Mac and is never transmitted to us:
- Audio recordings (temporary, deleted after transcription)
- Transcribed text and transcription history
- Custom dictionary entries
- App settings and preferences
- Uploaded audio files you transcribe
- API keys for BYOK AI providers
A copy of your license key is also stored on your Mac. The authoritative license record is held by Keygen (see section 3.2).
3.2 Information involved when you buy and activate a license
When you purchase and activate WhisprDesk:
- Stripe processes your payment. Stripe collects your email address, card details, and billing address. Your billing address is used to calculate any sales tax that applies to your purchase. We never receive or store your full card number. Stripe handles card data under its own PCI-compliant systems. Through our Stripe account we can access your email, billing details, and your purchase, refund, and tax records for tax, accounting, support, and legal purposes.
- Keygen issues and manages your license key. When you activate WhisprDesk on a Mac, the app sends Keygen a device fingerprint, a one-way value derived from a hardware identifier on your Mac; your raw hardware identifier never leaves your Mac. Along with it, the app sends your computer's name (for example, “Jay's MacBook”) and a platform label (such as “macOS, Apple Silicon”) so you can recognize and manage your devices in the app's device list. This lets your license be limited to a set number of devices and lets you free a device's slot later. Keygen stores your license key and, for each device you activate, its fingerprint, name, and platform label.
- Resend delivers our transactional email to you: your license key after purchase, and a refund confirmation if you are refunded. Stripe issues your payment receipt.
In short: we see the email address you buy with and your license and device-activation records, and through Stripe we can see your billing details and payment, refund, and tax records. We do not receive your full card number.
3.3 Information you send to third-party AI providers
If you enable the optional AI cleanup or agent features, your transcribed text is sent directly from your Mac to the AI provider whose API key you configured (OpenAI, Anthropic, or Google). Those requests are governed by the provider's own privacy policy, not ours. WhisprDesk does not proxy, inspect, log, or store these requests.
3.4 Website analytics and app behavior
Our website (whisprdesk.com) is hosted on Cloudflare Pages. Cloudflare may log basic request metadata for security and reliability purposes (IP address, user agent, request time). We use one privacy-first, cookieless analytics counter (Cloudflare Web Analytics, provided by our host) to understand how many people visit and which pages are read; it sets no cookies, does not identify you, and does not track you across other sites. We run no tracking pixels, no advertising cookies, and no other third-party measurement: no Google Analytics, no Meta Pixel, no LinkedIn Insight Tag.
The WhisprDesk desktop app includes no analytics, no telemetry, and no usage tracking. It does contact Keygen to activate and periodically validate your license, and, only if you configure and enable the optional AI features, it contacts the AI provider whose API key you entered. It does not otherwise send information about you or your use of the app to us or anyone else.
Follow on LinkedIn link. This site includes a link to our LinkedIn company page. We do not load LinkedIn scripts, set LinkedIn cookies, or track visitors on this site. If you click the link, LinkedIn opens in a new tab and LinkedIn's own privacy practices apply once you are there.
4. How we use information
We use the limited information we receive to:
- Validate your license key and enforce your device limit when the app starts
- Send you your license key and refund confirmations (Stripe issues your payment receipt)
- Respond to support inquiries you send us
- Notify you of critical updates to the software or terms
- Comply with legal obligations, including sales-tax collection and remittance
We do not use your information for advertising, behavioral tracking, or training AI models.
5. Data retention
Data stored locally on your Mac remains there until you delete it or uninstall WhisprDesk. We retain your email address and license and device-activation records for as long as your license is active, plus a reasonable period afterward for bookkeeping and legal purposes (typically up to seven years, consistent with U.S. federal tax and accounting record-keeping practice). Stripe retains your payment and tax records under its own retention policy; we retain the payment and tax records we need to meet our own tax and accounting obligations.
6. Data security
We implement reasonable technical and organizational measures to protect the limited data we receive. Your API keys are stored on your Mac using the operating system's secure storage APIs. Our website is served over TLS. No system is perfectly secure; we cannot guarantee absolute security, and we minimize the data we hold so there is little to secure in the first place.
7. Your rights
Depending on where you live, you may have rights under privacy laws including the Texas Data Privacy and Security Act (TDPSA), the California Consumer Privacy Act as amended by the CPRA (CCPA/CPRA), the EU and UK General Data Protection Regulation (GDPR/UK GDPR), and similar US state laws (Virginia VCDPA, Colorado CPA, Connecticut CTDPA, Utah UCPA). These may include the right to:
- Confirm whether we process personal information about you and access it
- Correct inaccurate information
- Request deletion of your personal information
- Obtain a portable copy
- Opt out of targeted advertising, sale of personal information, or profiling that produces legal or similarly significant effects
- Object to or restrict certain processing (GDPR/UK GDPR)
- Lodge a complaint with a data-protection authority in your jurisdiction
Sale and sharing of personal information. We do not sell or share personal information for cross-context behavioral advertising as those terms are defined under the CCPA/CPRA, and we do not engage in targeted advertising as defined under the TDPSA, VCDPA, CPA, CTDPA, or UCPA. We also do not engage in profiling that produces legal or similarly significant effects.
How to exercise your rights. Email [email protected] from the address on your license. We will acknowledge within ten days and respond within forty-five days, with a one-time forty-five-day extension if the request is complex. You may appeal a refusal by replying to our response email; we will respond to the appeal within sixty days.
8. Children's privacy
WhisprDesk is not directed at children under thirteen years old (or, in the European Economic Area and the United Kingdom, under the age set by the relevant member state, which ranges from thirteen to sixteen). We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, contact us and we will delete it.
9. International data transfers
WhisprDesk is operated from the United States and is intended primarily for customers in the United States. If you access or purchase WhisprDesk from outside the United States, the limited information we process (primarily your email and license state; your payment and billing details are held by Stripe) may be processed on servers in the United States or in the locations where our sub-processors operate. Where applicable, we rely on the data-transfer safeguards that our sub-processors (Stripe, Keygen, Resend, Cloudflare) make available. We are a small U.S. business; if you are located in the EEA or the UK and have a question or request about your data, contact us at [email protected] and we will address it in good faith.
10. Third-party services we rely on
- Stripe: payment processing and sales-tax calculation. See stripe.com/privacy.
- Keygen: license key issuance and device-activation management. See keygen.sh/privacy.
- Resend: transactional email delivery (your license key and refund confirmations). See resend.com/legal/privacy-policy.
- Cloudflare: website hosting and DNS. See cloudflare.com/privacypolicy.
- Apple: software distribution, code signing, and notarization. See apple.com/legal/privacy.
- OpenAI / Anthropic / Google: only if you explicitly configure a BYOK API key and enable optional AI features. Each provider has its own privacy terms; WhisprDesk is not a party to that relationship.
11. Cookies and similar technologies
Our marketing website sets no analytics or advertising cookies. Cloudflare may set a small number of functional cookies necessary for website security and caching; those are required to deliver the site. The WhisprDesk desktop application does not use cookies. Full breakdown on our Cookies page.
12. Changes to this policy
We may update this Privacy Policy as the app evolves. We commit to updating before changing, not after. The effective date at the top reflects the last revision. For material changes, we will attempt to notify existing license holders by email, and, where your jurisdiction requires it, we will deploy any consent mechanism before the change takes effect. Your continued use of WhisprDesk after an update indicates your acceptance of the updated policy.
13. Contact us
Questions about this policy or your data? Email [email protected].
Changelog
- July 7, 2026. Initial publication.