Privacy Policy

Last updated: May 31, 2026

This policy describes how Niro Software handles information for Cue Timer. It is written for transparency and App Store review, but it is not legal advice.

Who We Are

Cue Timer is provided by Niro Software. You can contact us about privacy requests at privacy@nirosoftware.com.

Information We Collect

Cue collects the minimum information needed to build and run custom timers, protect the service, process purchases, and diagnose failures.

• Voice recordings. When you use the microphone, Cue records a short audio prompt so it can be transcribed and turned into a timer. Audio is sent to our API for transcription and is not retained after normal timer creation unless you explicitly submit a correction or debug sample.
• Transcripts and timer prompts. Cue processes voice transcripts and typed prompts to generate timer specifications. These may be associated with a Firebase user ID, client install ID, request ID, and provider metadata while the request is processed.
• Generated timer data. Cue stores timer specifications you save in the app so the timers can run and be reopened.
• Account and device identifiers. Cue uses Firebase Authentication, including anonymous authentication, Firebase App Check, a client install ID, and request IDs to protect the API from abuse and keep usage tied to the correct app install.
• Purchase records. Cue uses RevenueCat, Apple, and Google to process purchases, restore purchases, and maintain credit balances. We receive purchase and entitlement events needed to grant and reconcile credits.
• Crash and diagnostic data. Cue uses Sentry and Cloudflare logs to understand crashes, API errors, rate limits, and service health. We scrub prompt and transcript fields from Sentry events before they are sent.
• Optional correction samples. If you choose to submit a correction or debug sample, Cue may retain the audio, transcript, corrected transcript, client install ID, Firebase user ID, device platform, app ID, project ID, transcription provider, transcription model, and timestamps so we can improve transcription and timer quality.

Information We Do Not Collect

Cue does not collect contacts, location, photos, calendar data, health data, browsing history, voice biometric identifiers, or advertising identifiers. Cue does not sell personal information, does not use third-party ad networks, and does not use your data for cross-app tracking.

How We Use Information

• To transcribe voice prompts and generate timer specifications.
• To save and run timers you create.
• To authenticate requests, prevent abuse, enforce rate limits, and protect paid provider usage.
• To process purchases, restore entitlements, manage credits, and reconcile purchase events.
• To debug crashes, production incidents, and failed requests.
• To improve Cue when you explicitly submit a correction or debug sample.

Service Providers

Cue relies on service providers to operate the app. Depending on the feature and current routing configuration, information may be processed by:

• Cloudflare, including Workers, D1, R2, Workers AI, AI Gateway, Pages, rate limiting, and operational logs.
• OpenAI for transcription and timer generation.
• Anthropic, Google Gemini, OpenRouter, or Cloudflare Workers AI as model providers or fallback providers.
• Firebase Authentication and Firebase App Check.
• RevenueCat, Apple, and Google for purchases, entitlements, and purchase restoration.
• Sentry for crash reporting and diagnostics.

Model-provider policies may change. As of this policy date, OpenAI states that API inputs and outputs are not used to train OpenAI models by default unless the customer opts in, and Anthropic states that commercial API data is not used to train generative models unless the customer opts in or submits feedback. Cue does not intentionally opt in to provider model training with your prompts, transcripts, or audio.

Retention

• Normal voice audio: processed transiently for transcription and not retained after normal timer creation.
• Optional correction samples: retained for up to 90 days unless a longer period is needed to investigate abuse, security, or legal obligations.
• Transcripts and timer specifications: retained while needed to provide the app and, for account-tied server records, for up to 30 days after deletion unless a longer period is required by law or abuse prevention.
• Crash and diagnostic data: typically retained for 30 to 90 days depending on the provider and plan.
• Purchase records: retained as long as needed for purchase restoration, tax, accounting, dispute, fraud-prevention, and legal requirements.

Security

Cue uses HTTPS in transit and relies on provider-managed encryption at rest for production services. Access to production systems is limited to operational needs. No internet service can be guaranteed completely secure, but we work to keep collection limited and logs scrubbed.

Your Choices and Rights

You can choose not to grant microphone permission and use typed prompts instead. You can decline optional correction or debug-sample submission. Depending on where you live, including the European Economic Area, United Kingdom, California, and other jurisdictions, you may have rights to access, correct, delete, export, or object to certain processing of your personal information.

To make a privacy request, email privacy@nirosoftware.com. We may need information sufficient to verify the request and locate relevant records.

Children

Cue is not directed to children under 13. If you believe a child under 13 has provided personal information through Cue, contact us and we will take appropriate steps to delete it.

International Processing

Cue and its service providers may process information in the United States and other countries where they operate. Those countries may have privacy laws that differ from your location.

Changes

We may update this policy as Cue changes. We will update the "Last updated" date above and, for material changes, provide additional notice where appropriate.

Contact

Niro Software
privacy@nirosoftware.com