Privacy Policy
Conduck
Last Updated: 2026-05-24
Data Controller: GigaDuck OÜ Tornimäe tn 5, 10145 Tallinn, Estonia Registry code: 17501858 (Estonian Business Register) Email: [email protected] · General: [email protected]
Overview
Conduck is a voice and text client for your own AI assistant. It transcribes your speech and relays your messages to a speech-to-text provider and an AI gateway that you configure and pay for directly. It runs on iPhone, iPad, Mac, Apple Watch, and Apple CarPlay.
The defining fact of this app: it has no servers. GigaDuck OÜ operates no backend, runs no analytics, and never receives your audio, your messages, your AI’s replies, your gateway address, or your access keys. Everything happens either on your device or directly between your device and services you chose.
Key points:
- No backend, no account. We run no servers. You are identified only by a random device ID stored in your device Keychain — never sent to us (we have nowhere to send it).
- By default, your audio never leaves your device. Fresh installs use Apple’s on-device speech recognition; transcription happens locally.
- If you choose a cloud transcription provider, your audio goes directly from your device to that provider using your own API key. We are not in that path.
- Your messages go directly to the AI gateway you configured, using your own access token. We never see the address, the token, or the conversation.
- Your conversation history is stored on your device and in your own iCloud (Apple CloudKit private database). We have no access — the same way we can’t read your Apple Notes.
- No analytics, no telemetry, no tracking. Zero outbound data to GigaDuck.
1. What We Collect
We collect nothing on any server, because we operate no server. GigaDuck OÜ has no database, no logs, and no analytics that receive any data from this app.
The table below describes where your data lives and who, if anyone, receives it.
| Data | Who receives it | Stored by us? |
|---|---|---|
| Voice recordings | (a) No one when Apple on-device transcription is active — processed locally, then discarded; (b) the cloud transcription provider you selected, sent directly with your key, if you opt into one | No |
| Transcribed text + your messages | The AI gateway you configured, sent directly with your token | No |
| AI replies | Returned from your gateway to your device | No |
| Conversation history | Your device + your iCloud (Apple CloudKit private database) | No |
| Device identifier | Your device Keychain only | No — never transmitted |
| Access keys / tokens (transcription provider, gateway) | Your device Keychain only | No — never transmitted, never logged |
| Tip purchase | Apple (App Store) | No |
Data We Do NOT Collect
- No audio, transcripts, messages, or replies on any GigaDuck server (we have none)
- No account, email, name, or contact information
- No analytics, usage events, or crash telemetry
- No advertising identifiers, no fingerprinting, no tracking
- No precise or coarse location
2. How Your Data Flows
Conduck performs two independent, device-direct hops. GigaDuck is in neither.
Hop 1 — Speech to text.
- Apple on-device (default): audio is transcribed by Apple’s Speech framework entirely on your device. It is never uploaded anywhere. Audio is held in memory only for the duration of transcription, then discarded.
- Cloud provider (optional): if you switch to a cloud transcription provider in Settings, your audio is sent directly from your device to that provider using the API key you entered. That provider processes the audio under its own privacy policy. You chose the provider; you hold the key; you are responsible for that relationship.
Hop 2 — Message to your AI gateway. Your transcribed (or typed) message, together with the prior turns of the current conversation, is sent directly from your device to the AI gateway address you configured, authenticated with the access token you entered. The reply is returned to your device. GigaDuck never sees the address, the token, the message, or the reply.
Because you bring your own keys and your own server, the privacy and data-retention terms that apply to these hops are those of the provider and gateway you selected — not GigaDuck’s. We recommend reviewing the privacy policy of any cloud transcription provider you enable and of the AI gateway you operate or subscribe to.
3. Third-Party Services
GigaDuck OÜ does not contract any sub-processors for this app. The third parties below are involved only because of your own configuration or Apple’s platform:
Apple Inc.
- App distribution and tip purchases via the App Store and StoreKit. If you leave an optional tip, Apple processes the payment; GigaDuck receives no payment details and keeps no record (there is no backend to keep one).
- iCloud / CloudKit stores your conversation history and settings in your own iCloud private database, encrypted in transit and at rest by Apple. GigaDuck has no access.
- Watch Connectivity and CarPlay frameworks support the watch and in-car surfaces.
- Apple Privacy Policy
Transcription provider you selected (optional)
If you enable a cloud transcription provider, your audio is sent to that provider under your own account and key. GigaDuck has no contract with them on your behalf, and their handling of your audio is governed by their policy. (The default — Apple on-device transcription — involves no third party.)
AI gateway you configured
The AI assistant you connect to is a server you operate or subscribe to. Your messages and conversation context go there under your own token. GigaDuck has no relationship with it.
4. Storage and Security
| Data | Location |
|---|---|
| Voice recordings | Not stored. Held in memory only during transcription, then discarded. With a cloud provider, any retention is governed by that provider. |
| Transcribed text / messages / replies | Not stored by us. Persisted as conversation history on your device + your iCloud. |
| Conversation history | Your devices + your iCloud private database (Apple CloudKit). Encrypted by Apple. We have no access. |
| Device identifier + access keys/tokens | Your device Keychain only. Never transmitted. |
Security measures:
- Audio is held in memory and deleted immediately after each transcription (cleanup is enforced on every path, success or failure).
- Access keys and gateway tokens are stored in the device Keychain and are never logged or shown in error messages.
- Connections to your gateway use HTTPS; plain-HTTP gateway addresses are rejected. For a self-signed gateway certificate, you may pin its fingerprint.
5. Data Retention
- On GigaDuck servers: none — we have no servers.
- Audio: not retained by us. On-device transcription discards it immediately; a cloud provider’s retention is governed by that provider (review their policy).
- Conversation history: kept on your devices and in your iCloud until you delete a conversation in the app, delete the app, or sign out of iCloud. Deleting on one device propagates to the others via iCloud.
- Device identifier / keys / tokens: kept in your device Keychain until you delete the app or remove them in Settings.
6. International Data Transfers
GigaDuck OÜ initiates no international data transfers — we receive no data to transfer. Any transfer that occurs is between your device and a service you chose (a cloud transcription provider or your AI gateway), or is Apple’s iCloud/StoreKit handling under Apple’s own published safeguards. Those transfers are governed by the terms of the service you selected and by Apple’s standard agreements.
7. Your Rights (GDPR)
Because we hold no personal data about you on any server, there is in practice almost nothing for us to access, correct, or erase — and we cannot identify you (we have no account system and never receive your device ID).
You remain in full control of the data the app does touch:
- Your conversation history: view, edit, or delete it directly in the app on any of your devices; deletions sync via iCloud. Removing the app and its iCloud data erases it entirely.
- Your keys and tokens: remove them in Settings at any time.
For any data you believe we hold, or to ask about this policy, email [email protected]; we will respond within 30 days. Under the GDPR you also have the right to lodge a complaint with a supervisory authority; our lead authority is the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon).
For data held by a cloud transcription provider or by your AI gateway, exercise your rights directly with that provider — they, not GigaDuck, are the controller for what you send them.
8. Children’s Privacy
Conduck is not directed at children under 13. We do not knowingly collect data from children (and, having no backend, we collect no server-side data from anyone). For questions about the app, email [email protected].
9. Changes to This Policy
We may update this policy from time to time. We will update the “Last Updated” date and post the current version in the app and on our website. Continued use after changes constitutes acceptance.
10. Contact
Email: [email protected] Data Controller: GigaDuck OÜ, Tornimäe tn 5, 10145 Tallinn, Estonia · Registry code 17501858 · General: [email protected]