Privacy Policy

This Privacy Policy explains what information Recall collects, why, how it is handled, and the choices you have. Recall (“Recall”, “we”, “us”) is a desktop application currently operated by an independent individual developer (a sole trader) based in the Republic of Moldova. We are forming a registered company, and we will update this page to name it once it exists.

For a plain-English overview of how Recall watches the shape of your work and the limits we hold to, see our Privacy overview. This page is the formal policy. Where the two differ, this page governs.

Recall is built so that your work stays with you. Capture and grouping run on your own machine, and the local store is encrypted at rest using your operating system keychain. Your work content is not sent to us and is not stored on our servers.

This policy is therefore mostly about the small amount of account, payment, and support information we need to run the business around the app, not about the content of your work.

We collect only what we need:

• Account and license data. Your name, email address, country, and the status of your subscription, so we can give you access and provide support. Most of this comes to us from Paddle after a purchase.
• Payment data, held by Paddle. When you buy a subscription, payment details such as your card information are collected and processed by Paddle, our Merchant of Record. We do not receive or store your full card details.
• Waitlist and download sign-ups. If you join the waitlist or request a download, we store the email address you give us so we can contact you about access.
• Support messages. If you email us, we keep your message and contact details so we can help and keep a record of the conversation.
• Optional diagnostics. If you choose to send a diagnostic report, it may include technical details about your device and the error. It does not include the content of your work.

The following never leave your machine and are never sent to us:

• microphone audio, calls, camera, or video of any kind;
• keystrokes, passwords, or clipboard contents;
• the content of password, payment, or two-factor fields, which are redacted on device;
• the bodies of your private messages, emails, or documents;
• anything captured while Recall is paused, or inside a private window.

We do not sell, rent, or share your personal information with advertisers, and we do not use your work to train any model, ours or anyone else’s.

We use the information above to:

• create and maintain your account and license;
• process payments, renewals, and refunds through Paddle;
• provide support and respond to your messages;
• send service messages about your account, security, or important changes;
• keep Recall working, secure, and reliable, and to fix problems;
• meet our legal and tax obligations.

We send product or marketing email only where you have asked to hear from us, such as by joining the waitlist, and you can opt out at any time.

Where the GDPR or UK GDPR applies, we rely on these legal bases: performance of our contract with you, to provide the app and your subscription; our legitimate interests, to keep Recall secure and to improve it; your consent, for optional things like marketing email or diagnostics, which you can withdraw at any time; and compliance with legal obligations, such as tax and accounting.

We do not sell your data. We share the limited information above only with the service providers we need to run Recall, under agreements that require them to protect it:

• Paddle, our Merchant of Record, for checkout, billing, payment processing, invoicing, tax, and billing support. See Paddle’s Privacy Notice.
• Hosting and infrastructure providers that run our website and the systems behind accounts and licenses.
• Email providers that deliver account, support, and waitlist messages.

None of these providers receive the content of your work. We may also disclose information if the law requires it, or to protect our rights, safety, or property.

Optional AI features run against a model provider using your own key, or against a local model. When you use your own key, your request goes to that provider under their terms, not ours.

We and our providers may process information in countries other than yours. Where personal data moves out of the EU, UK, or other regions with data-transfer rules, we rely on appropriate safeguards, such as standard contractual clauses, to keep it protected.

We keep account and support information for as long as your account is active and for a reasonable period afterward, then delete or anonymize it. We keep billing and tax records for as long as the law requires.

The content of your work lives in the encrypted local store on your machine. You control it: you can wipe a session, a day, or everything from within the app, at any time.

Depending on where you live, you may have the right to access the personal data we hold about you, to correct it, to delete it, to export it, to object to or restrict certain processing, and to withdraw consent. Residents of the EU and UK have these rights under the GDPR. California residents have similar rights under the CCPA, including the right to know and to delete, and we do not sell personal information.

To exercise any of these rights, email hello@joinrecall.com. We will respond within the time the law allows. You also have the right to complain to your local data-protection authority.

We protect information with measures appropriate to its sensitivity, including encryption of the local store at rest, encrypted connections in transit, and access controls on the limited account data we hold. No method of storage or transmission is perfectly secure, but keeping your work on your own device is the strongest protection we can offer, and it is the default.

Our website uses only the cookies needed to make it work. We do not load advertising trackers or third-party analytics SDKs, and the Recall application does not track you across other apps or websites. Checkout pages provided by Paddle may use cookies necessary to process your payment, governed by Paddle’s policy.

Recall is not directed to children. We do not knowingly collect personal information from anyone under 16. If you believe a child has provided us information, contact us and we will delete it.

We may update this policy as the product and our company evolve, including when we move from an individual operator to a registered company. We will update the date at the top of this page, and for material changes we will let you know by email or in the app.

For any privacy question, or to exercise your rights, write to us at hello@joinrecall.com. For questions about payment data, you can also contact Paddle using the details on your receipt.