Privacy Policy

Last Updated: June 7, 2026

At Transcribe API ("Transcribe API," "we," "us," or "our"), we respect your privacy. This policy explains how we collect, use, and protect your data when you use our speech-to-text transcription service. Our guiding principle is data minimization: we collect only what is necessary to provide the Service, and we delete audio files as soon as transcription is complete.

1. Information We Collect

We collect information in two main ways: information from our direct customers who create accounts and use the Service, and Customer Content submitted to the Service for transcription.

Customer Account Data:

• Account Data: Your full name, email address, and account credentials.
• Billing & Transaction Data: Billing country, postal/zip code, purchase history, and limited payment-related information made available to us by our payment processor, Stripe, such as card brand and the last 4 digits of your payment method. Full card numbers are handled exclusively by Stripe and are never stored on our servers.
• Usage Data: Information about your use of the Service, such as the number of API requests, seconds of audio transcribed, and associated billing metrics.
• Technical, Security, and Fraud Prevention Data: We maintain server-side usage statistics, such as request counts and seconds transcribed, for billing and service operations. Our infrastructure and security providers may process IP addresses, request metadata, and related technical information for security, traffic routing, rate limiting, abuse prevention, and service reliability. We may create and retain a one-way hashed, pseudonymous identifier derived from your email address to detect duplicate accounts, enforce one-time free-trial eligibility, and prevent fraud or abuse.

Customer Content:

• Audio Data: Audio files you upload for transcription. These are processed solely to generate transcriptions and are permanently deleted from our systems immediately after processing is complete.
• Transcription Output: The text, VTT, and segment data generated from your audio files. Depending on the endpoint and delivery method used, transcription output may be returned directly, delivered via webhook, and/or stored temporarily in your account for retrieval via the API, as described in the “Data Retention & Account Deletion” section below.

If you use the Service on behalf of your own users, customers, employees, contractors, or other individuals, you are responsible for ensuring that you have the necessary rights, notices, consents, and legal basis to submit their audio or personal information to the Service.

2. How We Use Your Data & Legal Basis

We process Customer Account Data to provide, secure, bill for, support, and improve the Service, to communicate with you, to prevent fraud and abuse, and to comply with legal obligations. Where we process Customer Content, we do so on behalf of our customers to provide the transcription Service, including generating transcription output, delivering results, maintaining security, enforcing usage limits, and complying with applicable law. Where required by applicable law, we rely on appropriate legal bases such as performance of a contract, legitimate interests, legal obligations, and consent.

• To Provide the Service: We use your email to manage your account, your audio files to generate transcriptions, and your usage data to track and bill for transcription volume.
• Security: We use account-related signals, transaction-related signals, and infrastructure-level protections (including Cloudflare's edge security) to help prevent brute-force attacks, bots, automated scraping, duplicate accounts, repeated free-trial claims, payment abuse, fraud, and other abusive activity.
• Communication: We send transactional emails (e.g., password resets, purchase receipts, service-related notices, and critical account notifications). We may also send marketing, promotional, product update, newsletter, survey, or similar communications about our Service where permitted by applicable law and, where required, with your consent. You can opt out of marketing communications at any time by using the unsubscribe link in the message or by contacting us at support@transcribeapi.com.

3. Cookies, Local Storage, and Similar Technologies

We use cookies, local storage, and similar technologies only where necessary to operate the Service.

• Strictly Necessary Technologies: We use strictly necessary cookies and storage technologies for authentication, account security, fraud prevention, session management, and other functions required to provide the Service.
• Preferences and Functionality: We use local storage and similar technologies to remember your settings and improve performance, such as saving dashboard preferences and caching content for faster loading.
• Infrastructure and Security: We use infrastructure and security providers for security, traffic routing, rate limiting, and global performance. These technologies are not used by us to track you across third-party sites. For measuring overall traffic and search performance, we use Google Search Console, which does not place cookies on your device.
• Managing Your Preferences: Where required by applicable law, we will obtain your consent before deploying certain technologies. Depending on your jurisdiction, you may have the right to manage, accept, or reject these technologies through our provided consent tools, cookie settings, or similar browser controls.

4. Third-Party Service Providers and Processing Infrastructure

To provide a reliable, secure, and scalable transcription service, we use trusted third-party service providers and infrastructure providers. These providers process limited data only as necessary to help us operate, secure, bill for, and provide the Service.

• Hosting and Application Infrastructure: We use cloud hosting, database, storage, networking, and security infrastructure to operate the Service, host our application, protect accounts, route traffic, enforce rate limits, and maintain service reliability.
• Transcription Compute and AI Inference Providers: We use third-party cloud compute, GPU, and AI inference infrastructure to process audio files and generate transcription output. Depending on the endpoint, job type, system load, and availability, audio files and related Customer Content may be routed to different compute or inference providers. These providers process Customer Content solely to generate transcription output, maintain service security and reliability, and support operation of the Service. We do not permit these providers to use your audio files or transcription output to train or improve speech recognition models.
• Payments: We use Stripe for PCI-compliant payment processing. Full payment card numbers are handled by Stripe and are not stored on our servers.
• Search and Site Performance: We use Google Search Console to measure overall search performance and site visibility. Google Search Console does not place cookies on your device through our Service.

Your data, including Customer Account Data and Customer Content, may be processed in countries other than your own, including by trusted service providers who help us operate, secure, bill for, and provide the Service, subject to appropriate contractual and security safeguards.

When we process Customer Content through our infrastructure, compute, GPU, and AI inference providers, we do so to provide the transcription Service on behalf of our customers. We do not sell Customer Content, use Customer Content for advertising, or use Customer Content to train or improve speech recognition models.

Where required by applicable law, an applicable written agreement, or a reasonable business customer security review process, we may provide additional information about specific subprocessors upon request.

5. Data Retention & Account Deletion

• Audio Files: Deleted immediately after transcription is complete.
• Transcription Output: For async jobs and sync transcriptions delivered via webhook, the output (text, VTT, and segments) is retained for 7 days from transcription completion, after which it is automatically deleted. You may delete jobs and their associated output at any time before then through the API.
• Security, Fraud Prevention, and Usage Retention: We retain usage records, billing metrics, operational logs, and security-related records only for as long as reasonably necessary for billing, account administration, fraud prevention, abuse detection, security monitoring, dispute resolution, service protection, and legal compliance. Operational and security logs are generally retained for up to 90 days unless a longer period is reasonably necessary to investigate fraud, abuse, security incidents, billing disputes, or legal obligations. Billing, transaction, tax, and accounting-related records may be retained for longer where required or permitted by applicable law.
• Account Deletion: You may delete your account at any time via your account settings. Upon deletion, Transcribe API will remove your saved payment methods and delete your account profile, plain-text email address, credentials, and transcription output from our active databases. We may retain limited records where reasonably necessary for billing, tax, accounting, fraud prevention, security, dispute resolution, service protection, or legal compliance. We may also retain a one-way hashed, pseudonymous identifier derived from your email address to detect duplicate accounts, enforce one-time free-trial eligibility, and prevent fraud or abuse.
• Stripe Legal Retention: While we delete your data from our systems, our payment processor, Stripe, may retain basic transaction records as required by law for tax, auditing, and anti-fraud purposes.

6. Data Security & Breach Notification

We implement industry-standard security measures, including encryption in transit, to protect your data. However, no system is entirely impenetrable. In the unlikely event of a data breach that compromises your personal information, we will notify affected users via email within the timeframes required by applicable law, detailing the nature of the breach and the steps we are taking to resolve it.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

• Request a copy of the personal data we hold about you.
• Request that we correct inaccurate data.
• Request the permanent deletion of your data (achievable via your account settings).

For any privacy concerns, data requests, or questions about this policy, please contact us at support@transcribeapi.com.

8. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our Service, our data practices, or legal requirements. When we make material changes to this Privacy Policy, we will update the "Last Updated" date and provide prominent notice before the changes take effect. Where required by law, we will obtain your consent before applying the changes.