Privacy Policy

1. Information We Collect

Account information: email address, authentication provider IDs, profile avatar URLs when provided by Google or Apple, session records, and optional reminder email settings.

User-uploaded content: TXT or EPUB files, extracted chapter text, metadata such as title and author, generated audio, processing status, and storage object references.

Payment information: Stripe checkout session IDs, invoice IDs, customer IDs, subscription plan tier, expected credit balance, payment status, and webhook processing records. WristListen does not store full card numbers.

Invite and referral information: invite codes, inviter and invitee account relationships, claim status, reward ledger entries, review decisions, and related timestamps.

Device and diagnostic data: Garmin pairing codes, device tokens, library feed requests, and watch diagnostic logs submitted by the app.

User-provided TTS API key data: encrypted Xiaomi MiMo API keys, key prefixes, keyed fingerprints, validation status, sharing preference, validation timestamps, usage timestamps, failure timestamps, and related audit metadata. WristListen does not return the full key after saving.

Technical and analytics data: request metadata, IP-derived rate-limit keys, IP-derived country or ASN metadata, User-Agent-derived hashes, invite landing cookies, error logs, cookies, and analytics events used to operate, secure, and improve the service.

2. How We Use Information

We use account data to authenticate users, secure sessions, provide profile controls, and send transactional emails.

We process user-uploaded books only to parse chapters, estimate WristListen credit usage, generate requested audio, store generated files, and make the prepared library available for Garmin sync.

We use payment and ledger data to create checkout sessions, confirm paid invoices through Stripe webhooks, grant credit balances, record generated audio storage duration, and send purchase receipts.

We use invite, diagnostics, technical, and log data to debug product behavior, protect against abuse, detect suspicious reward patterns, review invite claims, reverse abusive credits when needed, and maintain reliable service.

We use user-provided TTS API keys to validate the key, generate audio requested by the key owner, and, only when sharing is enabled by the user, provide pooled TTS capacity for other users. Shared pool use does not disclose the key to other users.

3. User Content and Copyright

Books and source files are uploaded voluntarily and at the direction of the user. WristListen does not provide books, select source material for users, or verify the copyright status of uploaded files.

Users remain solely responsible for confirming that they own, control, or otherwise have the necessary rights and permissions to upload, process, transform, generate audio from, and sync any book or text they submit.

WristListen does not claim ownership of user-uploaded books or generated audio. To operate the service, users grant WristListen a limited license to host, process, transform, store, transmit, and make available their submitted content and generated outputs.

To the fullest extent permitted by law, WristListen is not responsible for copyright disputes, ownership disputes, licensing conflicts, takedown claims, or other liabilities arising from user-uploaded content or user-directed generation.

4. Service Providers

We may share necessary information with service providers that help operate WristListen, including Cloudflare for hosting, storage, databases, Workers, rate limiting, and email routing; Stripe for payments; Google and Apple for federated sign-in; analytics providers; and TTS or transcoding providers used to generate audio.

These providers process information for service operation, security, payment, authentication, storage, analytics, or audio generation purposes.

When Xiaomi MiMo TTS is used, WristListen may transmit the text selected for generation, voice settings, request metadata, and the applicable platform, shared, or user-provided MiMo API key to Xiaomi MiMo for TTS processing.

5. Retention and Deletion

We retain account, upload, generated audio, payment ledger, and device-sync data for as long as needed to provide the service, maintain balances, satisfy legal or accounting obligations, resolve disputes, prevent abuse, or enforce our terms.

Users can delete books and generated audio from the console where supported. Some transaction, security, diagnostic, and legal records may be retained after deletion when reasonably necessary.

Users can remove their saved MiMo API key from Profile. Removing the key deletes the stored encrypted key and removes it from any shared key pool.

6. Security, International Processing, and Changes

We use technical and organizational measures intended to protect user data, but no internet service can guarantee absolute security.

WristListen is built for overseas users and may process data in countries where our infrastructure or service providers operate.

We may update this policy as the product, providers, or legal requirements change. Material changes will be reflected by updating this page.

7. Contact

For privacy, copyright, or policy questions, contact support@WristListen.com.