Privacy Policy

There are two kinds of people whose data we handle: Podcasters who create accounts, and Listenerswho leave voice messages at a podcaster’s Hey Caller! URL. This policy covers both.

• Email address (used for login via magic link and billing).
• The show details you provide: title, slug, tagline, about text, cover art, links to your podcast and socials.
• Billing information is handled by Stripe — we store only your Stripe customer and subscription IDs, not your card number.
• Basic technical logs: IP address, user agent, timestamps of actions you take in the app, for security and debugging.

• The voice message you record.
• Your name and email if you choose to enter them (both optional).
• Whether you ticked the “can be played on the show” consent box (required to submit).
• A one-way hash of your IP address and your user-agent string, for abuse prevention. We do not store your raw IP with the message.

We do not track listeners across the web. We do not set advertising cookies. We do not sell any of this data.

• To deliver the service: host your show page, store the audio, transcribe it, generate titles and summaries, email notifications.
• To bill you via Stripe and keep your subscription in sync.
• To send operational email about your account (magic-link login, receipts, service announcements). We don’t send marketing email.
• To investigate abuse, debug errors, and improve reliability.

We share only the minimum necessary with service providers who help us deliver the product:

• Supabase — hosts our database, authentication, and audio storage.
• Vercel — hosts the web application.
• Google (Gemini API)— receives the voice message audio to produce a transcript, title, and summary. Google states that inputs to the paid API are not used to train their models; free- tier usage may be. See Google’s AI API terms.
• Mailgun — delivers transactional email.
• Stripe — processes payments.

We do not sell personal data. We do not share data with advertisers.

While a Podcaster’s subscription is active, their messages and related data are retained indefinitely. After cancellation, we keep data for 30 days (the “grace window”), then permanently delete audio, transcripts, and AI-generated fields. Account records and billing history are kept longer where required by law.

Listeners: if you want a message you left removed before the Podcaster’s retention window ends, contact us and we’ll delete it within 7 days.

You can request a copy of the personal data we hold about you, ask us to correct it, or ask us to delete it. Reach out via the contact form on our site and we’ll respond within 30 days. Residents of regions with specific privacy laws (GDPR, CCPA, etc.) have additional rights under those laws, which we honor.

Connections are encrypted in transit (HTTPS). Audio is stored in a private cloud bucket. Access is gated by row-level security tied to your account. We follow reasonable industry practices; no system is perfect, and if we discover a breach affecting your data we will notify you promptly.

Hey Caller! is not designed for users under 13, and we don’t knowingly collect data from them.

We may update this policy. Material changes will be announced by email and the “Last updated” date above will change.

Privacy questions or requests can be sent via the contact form on our site.