Privacy Policy

Last updated: March 28, 2026

Overview

Cuvo is designed with privacy as a core principle. Speech recognition runs entirely on your device using Apple's on-device framework. No audio is ever uploaded to any server. You can enable Privacy Mode for fully local operation where no data leaves your device at all.

Privacy Mode

When Privacy Mode is enabled, all AI processing happens on your device. No transcripts, documents, or context data are sent to any server for coaching. Coaching cues are generated by an on-device model. Integration data (CRM contacts, documents, calendar events) is fetched directly from the provider to your device but is not sent to any AI service.

On-Device Processing

Cuvo performs speech recognition entirely on your device using Apple's SpeechAnalyzer framework. No audio is ever recorded, uploaded, or sent to any server. Audio data exists only in memory during active transcription and is discarded immediately. On macOS, system audio from meeting apps is captured and transcribed using the same on-device process.

Cloud Coaching

When Privacy Mode is off, Cuvo sends the text transcript (not audio) to an AI service via our Cloudflare Worker proxy at proxy.cuvo.app. This text is processed by OpenAI's API to generate coaching cues. We do not store transcripts on our servers — they pass through the proxy and are discarded.

Third-Party Integrations

Cuvo supports optional integrations that you connect at your discretion. All integrations use OAuth 2.0 authentication, and tokens are stored securely in your device's Keychain.

CRM Services (HubSpot, Pipedrive)

When you connect a CRM, Cuvo can fetch contact details, company information, and deal history to provide context-aware coaching during sales conversations. This data is fetched on demand when you select a contact, stored locally on your device, and sent to the cloud AI only when Privacy Mode is off.

Document Sources (Notion, Google Docs)

When you connect a document source, Cuvo can search and retrieve page content to provide reference context during conversations. Page content is fetched on demand, truncated to a limited size, stored locally, and sent to the cloud AI only when Privacy Mode is off.

Calendar (Apple Calendar, Google Calendar)

Cuvo reads upcoming calendar events — including titles, attendees, and notes — to provide meeting context for coaching. Apple Calendar access uses EventKit on your device. Google Calendar data is fetched via Google's API when you connect your Google account.

Device Authentication

Cuvo authenticates your device using Apple's AppTransaction framework. We store a hashed device identifier and request counts for rate limiting purposes. No personal information is derived from this identifier.

What We Don't Collect

• Audio recordings of any kind
• Conversation transcripts (they are not stored on our servers)
• Location data
• Usage analytics or tracking data
• Advertising identifiers

Third-Party Services

Cloudflare

Our API proxy runs on Cloudflare Workers. Cloudflare may process request metadata (IP addresses, headers) in accordance with their privacy policy.

OpenAI

Text transcripts are processed by OpenAI's API to generate coaching cues. OpenAI's data usage policies apply to this processing. We use the API with storage enabled for prompt caching to improve response times. See OpenAI's privacy policy.

Integration Providers

When you connect HubSpot, Pipedrive, Notion, Google Docs, or Google Calendar, your use of those services is subject to their respective privacy policies and terms of service. Cuvo accesses only the data necessary for coaching context and does not modify your data in any of these services.

Data Storage

Transcripts, documents, and session data are stored locally on your device. Cuvo does not maintain any cloud-based user database. The only server-side data is:

• Hashed device identifiers for rate limiting (Cloudflare KV, auto-expire)

OAuth tokens for connected integrations are stored in your device's Keychain, protected by hardware-backed encryption. Cuvo's servers never see or store these tokens.

Your Rights

You can:

• Enable Privacy Mode for fully on-device operation at any time
• Disconnect any integration to revoke Cuvo's access to that service
• Delete all local data by uninstalling the app

Children's Privacy

Cuvo is not directed at children under 13. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this policy as Cuvo evolves. Significant changes will be communicated via the app and this page.

Contact

Questions about this policy? Email support@cuvo.app.