What we collect, what we don't, and why.
Last updated April 2026
Talking. is built to be private by default. Free decodes happen entirely on your device — no chat text ever leaves your phone. Pro decodes send your text to our server so a higher-quality AI model can read it, then immediately forget it. We never sell your data, and we never train public AI models on your conversations.
Account info — your email address and password (hashed, never stored in plain text) to sign you in on any device. Your display name, avatar, and a unique username that you pick during onboarding.
Profile signals — the current relationship stage you select and your self-reported attachment style, used only to personalize your decode experience inside the app.
Purchase receipts — when you subscribe to Pro, Apple sends us a receipt we verify so we can unlock Pro features. We do not see your card number, billing address, or Apple ID password.
Crash and basic usage events — things like "a decode was started" or "the paywall was shown." Never the content you decoded.
We do not collect or store: your contacts, your location, your browsing activity, the identity of the person you're decoding, or the text content of conversations decoded in free mode. We do not use advertising identifiers. We do not track you across other apps or websites.
On the free plan, decodes run entirely on your phone. When you paste text or upload a screenshot, the analysis happens locally using on-device pattern matching. Nothing is sent to us, to Google, to Anthropic, or to any other server.
When you subscribe to Pro and run a decode, the text of the conversation (and, if you uploaded a screenshot, the cleaned-up text extracted from it) is sent over an encrypted connection to our server, which forwards it to either Google's Gemini API or Anthropic's Claude API for analysis.
Those providers return an analysis to us, which we return to your app. We do not store the text of your decode on our server after the response is returned. Our providers have contractual terms stating they will not use API inputs to train their public AI models.
The Reply Drafter feature works the same way — your conversation text is sent to the AI provider to generate reply suggestions, then discarded.
The voice memo feature transcribes your audio on-device using Apple's speech recognition. The audio itself is not uploaded or stored anywhere — only the resulting text transcript enters the decode pipeline described above.
Screenshots you upload are processed to extract just the message text (skipping usernames, timestamps, and interface elements). On the free plan, this extraction happens on-device using Apple's Vision framework. On Pro, extraction uses Google's Gemini Vision API for higher accuracy, which means the image is sent to Google over an encrypted connection. The image is not retained on our server, and per Google's API terms, is not used to train models.
We use a small number of providers strictly to operate the app:
Apple — authentication, push notifications, App Store payments and receipt verification.
Cloudflare — hosts our backend API, CDN, email routing, and rate-limiting.
Resend — sends your verification codes and account emails.
Google (Gemini API) — processes Pro decodes, reply drafts, and screenshot text extraction. Not used on the free plan.
Anthropic (Claude API) — processes Pro decodes and reply drafts when available. Not used on the free plan.
We do not share your data with advertisers, data brokers, or analytics networks. We never sell your data to anyone.
We will never train any public AI model on your decoded conversations, uploaded screenshots, or voice transcripts. Our AI providers (Google, Anthropic) have committed via their API terms that customer API inputs will not be used to train their consumer-facing models. If we ever want to change anything about how your data is used, we will tell you clearly and ask for your consent first.
You can view or export your account data by emailing support@heytalking.com. You can delete your account and all associated data from Settings inside the app, or by emailing us. If you're in the EU, UK, California, or another region with privacy laws, you have additional rights (to access, correct, port, and erase your data) and we will honor them.
Talking. is not directed at children under 13. You must be at least 13 to use Talking., and if you are under 16 in the EU (or under 13 in the US), you need a parent or guardian's permission. If you believe we have personal information from a child under 13, please email us and we will delete it.
Account info: for as long as you have an account, plus up to 90 days after you delete it (for billing records and fraud prevention). Purchase receipts: up to 24 months to comply with Apple's requirements. Crash and usage events: up to 12 months. Decode text is not retained on our server after a Pro decode completes.
We are based in the United States. Our backend runs on Cloudflare's global network. If you use Talking. from outside the US, your data may be processed in any country where our infrastructure operates, under standard contractual safeguards.
If we change this policy in a way that affects you, we'll notify you in the app (and by email if the change is material) before it takes effect.
Privacy questions, data requests, or concerns.
support@heytalking.com