Skip to content
CallCapture
FeaturesHow it worksFAQRecording laws

Legal

Privacy Policy

Last updated: July 2026

1. Introduction

Media Dot Ltd. ("we," "us," or "our") operates the CallCapture mobile application (the "App") and related services (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Service.

This Privacy Policy applies to all users of the Service, including those who record phone calls, create voice memos, or use any other features of the App.

2. Information We Collect

2.1 Account Information

When you create an account, we collect your phone number for identity verification via SMS. We also collect your country code to determine your region. We use Twilio to send verification codes via SMS to confirm your phone number. We do not collect your name, email address, or other personal identifiers during registration.

2.2 Call Recordings and Voice Memos

The core functionality of the Service involves recording phone calls and voice memos. When you use the Service, we collect and store:

  • Audio recordings of your phone calls and voice memos, stored securely in Microsoft Azure Blob Storage
  • Recording metadata including duration, date and time, recording type (call or voice memo), phone numbers involved in calls, and call direction (incoming or outgoing)

2.3 AI-Generated Content

We process your recordings through third-party artificial intelligence services to generate enriched content, including:

  • Transcriptions — speech-to-text conversion of your recordings with speaker identification (diarization), generated by Deepgram
  • Summaries — AI-generated summaries of your recordings, generated by Anthropic Claude
  • Entities — names, organizations, locations, and other entities mentioned in your recordings, extracted by Anthropic Claude
  • Commitments and action items — tasks, promises, and follow-ups identified in your recordings, extracted by Anthropic Claude
  • Topics — subject matter categorization of your recordings, identified by Anthropic Claude
  • Sentiment analysis — overall tone and emotional context of your recordings, analyzed by Anthropic Claude
  • Vector embeddings — mathematical representations of your transcript text used for semantic search functionality, generated by OpenAI

2.4 Device Information

When you register your device for push notifications, we collect:

  • Device token — a unique identifier assigned by Apple Push Notification Service (APNS) to deliver notifications to your device
  • Platform — the operating system of your device (e.g., iOS)
  • Device information — basic device model and system version information

2.5 Usage Data

We collect information about how you use the Service, including:

  • Number of recordings created and their duration
  • Subscription status and usage against plan limits
  • Feature usage patterns to improve the Service

2.6 Subscription and Payment Information

Subscription purchases are processed entirely through the Apple App Store using Apple's in-app purchase system, managed by RevenueCat. We do not directly collect or store your credit card number, billing address, or other financial information. We receive confirmation of your subscription status, plan type, and transaction identifiers from RevenueCat to manage your access to premium features.

2.7 Support Communications

If you contact us for support through the App's "Contact Us" feature, we collect the content of your message and your contact information to respond to your inquiry. Support emails are delivered via SendGrid.

2.8 Analytics, Crash Reporting, and Session Replay

We use analytics and diagnostics tools to understand how the App is used and to find and fix problems. These tools are used only to operate and improve the Service — they are not used for third-party advertising, and we do not sell the data they collect.

  • Product analytics (PostHog) — we collect events about feature usage (for example, that a recording was played or a screen was viewed), along with your app user identifier and basic device information.
  • Session replay (PostHog) — we may capture visual recordings of your App screens to understand usage and diagnose problems. Text you type is masked (hidden) before capture.
  • Crash and error reporting (Sentry) — if the App or our servers encounter an error, we collect technical diagnostic information such as the error type, stack trace, device model, and operating system version.
  • Server diagnostics (Azure Application Insights) — our servers send diagnostic telemetry, such as request traces, performance metrics, and error information, to Azure Application Insights so we can monitor service health.

Personal content is stripped before analytics and crash data leaves the device or our servers: these tools never receive your phone number, recording audio, transcript text, summary text, or authentication tokens.

3. How We Collect Information

3.1 Directly From You

We collect information that you voluntarily provide when you register for the Service, initiate a call recording or voice memo, contact customer support, or interact with the App's features.

3.2 Automatically

Certain information is collected automatically when you use the Service, including device information for push notification delivery and recording metadata such as timestamps and duration.

3.3 From Third Parties

We receive subscription status and purchase validation information from RevenueCat and the Apple App Store. We receive call recording audio from Twilio's telephony infrastructure when you record a phone call using our service numbers.

4. How We Use Your Information

We use the information we collect for the following purposes:

  • Service delivery — to provide, operate, and maintain the core functionality of the Service, including recording, storing, and playing back your calls and voice memos
  • AI processing pipeline — to transcribe your recordings via Deepgram, generate summaries, extract entities and commitments, identify topics, analyze sentiment via Anthropic Claude, and create vector embeddings for semantic search via OpenAI
  • Push notifications — to send you notifications when your recordings have been processed and are ready for review, delivered via Azure Notification Hubs and Apple Push Notification Service
  • Billing and subscription management — to verify your subscription status, manage access to premium features, and process purchase events via RevenueCat
  • Customer support — to respond to your inquiries, troubleshoot issues, and provide technical assistance
  • Service improvement — to analyze usage patterns, identify areas for improvement, and develop new features
  • Security and fraud prevention — to protect the integrity of the Service, detect and prevent unauthorized access, and enforce our Terms of Service
  • Legal compliance — to comply with applicable laws, regulations, and legal processes

5. Third-Party Service Providers

We use the following third-party service providers to operate the Service. Each provider receives only the minimum data necessary to perform its function:

5.1 Twilio

Twilio provides SMS verification for account registration and the telephony infrastructure for call recording. When you register, your phone number is sent to Twilio to deliver a verification code via SMS. When you record a call, Twilio's service numbers facilitate a three-way conference merge to capture the audio. Twilio processes your phone number and call audio.

5.2 Deepgram

Deepgram provides speech-to-text transcription services. Your recorded audio is sent to Deepgram's API for transcription with speaker diarization (identifying who said what). Deepgram processes the audio content of your recordings.

5.3 Anthropic (Claude)

Anthropic's Claude AI model is used for post-transcription enrichment. Your transcript text (not raw audio) is sent to Anthropic's API to generate summaries, extract entities (names, organizations, locations), identify commitments and action items, categorize topics, and analyze sentiment. Anthropic processes the text content of your transcripts.

5.4 OpenAI

OpenAI provides text embedding services for semantic search. Your transcript text is sent to OpenAI's API to generate vector embeddings — mathematical representations that enable you to search across your recordings by meaning rather than exact keywords. OpenAI processes the text content of your transcripts.

5.5 RevenueCat

RevenueCat manages in-app subscriptions and purchase validation. RevenueCat receives your anonymous app user identifier and subscription transaction data from the Apple App Store to manage your subscription status and entitlements.

5.6 Microsoft Azure

Microsoft Azure provides cloud hosting and infrastructure for the Service, including:

  • Azure Blob Storage — secure storage for your recording audio files
  • Azure Notification Hubs — delivery of push notifications to your device via Apple Push Notification Service
  • Azure App Service — hosting for the backend API
  • Azure Database for PostgreSQL — storage of your account data, recording metadata, transcripts, and AI-generated content
  • Azure Application Insights — collection of server diagnostic telemetry (request traces, performance metrics, and error information; see Section 2.8)

5.7 SendGrid

SendGrid provides email delivery services. When you use the "Contact Us" feature in the App, your support message is delivered via SendGrid's email infrastructure.

5.8 PostHog

PostHog provides product analytics and session replay (see Section 2.8). PostHog receives feature-usage events, session replay captures with typed text masked, your app user identifier, and basic device information. PostHog never receives your phone number, recording audio, transcript text, or summary text.

5.9 Sentry

Sentry provides crash and error reporting for the App and our servers. Sentry receives technical diagnostic information about errors (error type, stack trace, device model, operating system version). Identifying information such as phone numbers and authentication tokens is stripped before reports are sent.

5.10 Apple

Apple processes in-app purchases through the App Store and delivers push notifications through Apple Push Notification Service (APNS). Apple's own privacy policies govern its processing of your data.

6. AI Processing Disclosure

Your recordings are processed by multiple third-party artificial intelligence services as part of the Service's core functionality. Specifically:

  • Your audio recordings are sent to Deepgram for speech-to-text transcription
  • Your transcript text is sent to Anthropic (Claude) for AI-powered summarization, entity extraction, commitment detection, topic identification, and sentiment analysis
  • Your transcript text is sent to OpenAI for generating vector embeddings used in semantic search

These third-party AI services process your data solely for the purpose of providing the requested functionality. We do not use your data to train AI models. However, each third-party provider is subject to its own privacy policy and data practices. We encourage you to review the privacy policies of Deepgram, Anthropic, and OpenAI for details on how they handle data received through their APIs.

AI-generated content (transcriptions, summaries, entities, etc.) may contain errors or inaccuracies. This content is provided for your convenience and should not be relied upon as a verbatim or authoritative record.

7. Non-User Data

When you use the Service to record a phone call, the voice and speech of all parties on the call — not just you — are captured, recorded, and processed through our AI pipeline. This means that the other party's voice is recorded, transcribed, and analyzed even though they may not be a user of the Service.

You are solely responsible for obtaining any consent required by applicable law from all parties before recording a conversation. Please see our Terms of Service for details on your legal responsibilities regarding recording consent.

If a non-user believes their data has been collected through a recording and wishes to exercise their rights, they may contact us at privacy@callcapture.me.

8. Data Sharing

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

We share your data only in the following limited circumstances:

  • Service providers — with the third-party providers listed in Section 5 above, solely to operate and deliver the Service
  • Legal compliance — when required by law, regulation, legal process, or governmental request
  • Protection of rights — to protect the rights, property, or safety of Media Dot Ltd., our users, or the public
  • Business transfers — in connection with a merger, acquisition, reorganization, or sale of assets, in which case your data may be transferred to the acquiring entity

9. Data Retention

We retain your data as follows:

  • Recordings and associated data — stored until you delete them or delete your account. You can delete individual recordings at any time through the App.
  • Account information — retained for as long as your account is active. When you delete your account, all associated data is permanently removed.
  • AI-generated content — transcriptions, summaries, entities, and other enriched content are retained alongside the associated recording and are deleted when the recording is deleted.
  • Support communications — retained for a reasonable period to resolve your inquiry and for quality assurance purposes.

When you delete your account, we permanently delete all your data from our systems, including recordings, transcripts, AI-generated content, and account information. This deletion is irreversible. Diagnostic and analytics data already collected by our analytics and error-reporting providers (see Sections 2.8, 5.8, and 5.9) is retained and deleted according to those providers' retention schedules.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption in transit — all data transmitted between the App and our servers is encrypted using TLS (Transport Layer Security)
  • Row-level security — our database enforces row-level security (RLS) policies that isolate each user's data at the database level, ensuring that one user's queries can never access another user's data
  • Cloud security — our infrastructure is hosted on Microsoft Azure, which maintains industry-leading security certifications and compliance standards
  • Access controls — access to user data is restricted to authorized personnel and systems on a need-to-know basis

While we strive to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

Data Breach Response

If we become aware of a suspected security breach affecting your personal data, we will promptly investigate the incident and take appropriate steps to contain and remediate it. We will notify affected users and relevant authorities as required by applicable law.

11. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access — you can access your recordings, transcripts, and AI-generated content at any time through the App
  • Data export — you can request a copy of your data in a portable format by contacting us at privacy@callcapture.me
  • Deletion — you can delete individual recordings through the App, or delete your entire account in the App (Settings > Delete Account) to permanently remove all associated data from our systems (see Section 9)
  • Correction — you can contact us to request correction of inaccurate personal information

To exercise any of these rights, contact us at privacy@callcapture.me or use the relevant features in the App.

12. California Residents (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights regarding your personal information:

  • Right to know — you have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which the information was collected, our purpose for collecting the information, and the categories of third parties with whom we share it
  • Right to delete — you have the right to request that we delete personal information we have collected from you, subject to certain exceptions
  • Right to opt-out of sale — we do not sell your personal information. We do not sell, rent, or trade personal data for monetary or other valuable consideration
  • Right to non-discrimination — we will not discriminate against you for exercising any of your CCPA rights

To exercise your CCPA rights, contact us at privacy@callcapture.me. We will verify your identity before processing your request.

13. EEA/UK Residents (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, the General Data Protection Regulation (GDPR) provides you with additional rights and protections.

Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contract performance — processing necessary to provide the Service you have requested (recording, transcription, storage, AI enrichment)
  • Consent — where you have given explicit consent to specific processing activities
  • Legitimate interests — processing necessary for our legitimate interests (service improvement, security, fraud prevention), balanced against your rights and freedoms
  • Legal obligation — processing necessary to comply with applicable laws

Your GDPR Rights

Under the GDPR, you have the following rights:

  • Right of access — to obtain confirmation of whether we process your personal data and to receive a copy of it
  • Right to rectification — to request correction of inaccurate personal data
  • Right to erasure — to request deletion of your personal data under certain circumstances
  • Right to data portability — to receive your personal data in a structured, commonly used, and machine-readable format (contact us at privacy@callcapture.me to request an export)
  • Right to restriction of processing — to request limitation of processing under certain circumstances
  • Right to object — to object to processing based on legitimate interests
  • Right to lodge a complaint — you have the right to lodge a complaint with a supervisory authority in the EU member state of your habitual residence, place of work, or place of the alleged infringement

Data Controller

Media Dot Ltd. is the data controller for the personal data processed through the Service. For data protection inquiries, contact us at privacy@callcapture.me.

14. Children's Privacy

The Service is not intended for use by children and is available only to users who are at least 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to promptly delete that information.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@callcapture.me so we can take appropriate action.

15. International Data Transfers

Your data is processed and stored in the United States on Microsoft Azure infrastructure. Our third-party service providers (Twilio, Deepgram, Anthropic, OpenAI, RevenueCat, SendGrid, PostHog, Sentry) may also process data in the United States or other countries.

If you are located outside the United States, please be aware that your data will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using the Service, you consent to the transfer of your information to the United States and its processing there.

For users in the EEA/UK, we rely on appropriate legal mechanisms for international data transfers as required by the GDPR.

16. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you through the App or by other appropriate means.

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after any changes indicates your acceptance of the updated Privacy Policy.

17. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Media Dot Ltd.
Email: privacy@callcapture.me

Every call, remembered.

Download on the App Store

Product

Features How it works FAQ

Legal

Privacy Policy Terms of Service Recording laws

Support

Help & contact support@callcapture.me

© 2026 Media Dot Ltd.. All rights reserved.

CallCapture · You are responsible for complying with the recording laws that apply to you.