Legal

Privacy Policy

Last updated: February 18, 2026

Typeone AI (“we,” “our,” or “us”) operates Tikko, an iOS application for solo sales professionals. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data. We are committed to handling your information with transparency and care.

By using Tikko, you agree to the collection and use of information as described in this policy. If you do not agree, please discontinue use of the app.

1. Information We Collect

1.1 Account Information

When you create a Tikko account, we collect the following depending on your sign-in method:

  • Apple Sign In: your name (if shared) and an anonymized Apple-generated email relay address or your real email address if you choose to share it.
  • Email registration: your email address and a hashed password (we never store passwords in plain text).

1.2 Voice Recordings

Tikko allows you to record voice memos immediately after phone calls. These recordings are:

  • Captured and stored locally on your device using Apple's AVFoundation framework.
  • Never transmitted to our servers unless you have enabled cloud sync in Settings.
  • If sync is enabled, encrypted audio files are stored in your Supabase-backed cloud storage associated with your account.
  • Used solely to generate transcripts — they are not listened to, analyzed, or shared by us.

1.3 Transcripts

Transcription is performed entirely on your device using Apple's Speech framework. The resulting text:

  • Is stored locally in the app's SwiftData database.
  • Is optionally synced to your Supabase cloud account if sync is enabled.
  • Is sent to our AI processing edge function (see Section 1.4) to extract intelligence.

We do not retain or sell transcript text. It is processed transiently to generate the AI outputs described below.

1.4 AI-Processed Data

When you request AI processing, your transcript text is sent from your device to a Supabase Edge Function operated by us. That function calls the Anthropic API on the server side to extract:

  • A summary of the call.
  • Key details (e.g., budget, timeline, objections, next steps).
  • Sentiment analysis (e.g., positive, neutral, or cautious).
  • Suggested follow-up actions and dates.

Important: Transcript text is sent to Anthropic's API server-side only, through our edge function. Your data is not sent directly from your device to Anthropic. The results returned by the AI (summaries, key details, sentiment, follow-ups) are stored locally on your device and optionally synced to your Supabase account.

Anthropic processes data pursuant to their own Privacy Policy. We use Anthropic Claude under a commercial API agreement; Anthropic does not train on API data by default.

1.5 Lead and Contact Information

You may create lead records containing information you enter manually, including:

  • Contact names and company names.
  • Phone numbers.
  • Pipeline stage and deal status.
  • Notes and custom fields.

This information is entirely user-generated. It is stored locally and optionally synced to your Supabase account. We do not share or sell this data.

1.6 Usage Analytics

We may collect basic, anonymized usage information to improve the app, such as:

  • Which features are used and how frequently.
  • App session duration.
  • Crash reports and error logs.

This data does not contain the content of your recordings, transcripts, or leads. It is used solely for product improvement.

1.7 Device Information

For debugging and support purposes, we may collect limited device information including:

  • iOS version.
  • Device model (e.g., iPhone 15 Pro).
  • App version.
  • Crash logs and stack traces.

1.8 What We Do Not Collect

  • Location data — we do not access or collect GPS or location information.
  • Payment or financial information — Tikko is currently free with no in-app purchases.
  • Contacts from your device address book.
  • Cookies — Tikko is an iOS app with no cookie-based tracking.
  • Third-party social profile data beyond what Apple Sign In provides.

2. How We Use Your Information

  • To authenticate you and maintain your account.
  • To provide the core features of the app: recording, transcription, AI extraction, lead management, and follow-up reminders.
  • To sync your data across devices when you enable cloud sync.
  • To send you transactional notifications (e.g., follow-up reminders) via Apple Push Notification Service (APNs).
  • To improve the app through aggregated, anonymized analytics.
  • To respond to your support requests sent to support@tikko.ai.
  • To comply with applicable laws and regulations.

3. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties. We share limited data only in these circumstances:

3.1 Service Providers

We use the following sub-processors to operate Tikko. Each is bound by data processing agreements:

ProviderPurposeData Shared
SupabaseAuthentication, cloud sync, edge functionsAccount info, recordings (if sync enabled), transcripts, AI outputs, leads
AppleSign In with Apple, on-device Speech framework, push notificationsAuthentication tokens; on-device processing only for Speech
AnthropicAI intelligence extraction via server-side edge functionTranscript text (server-side only, not sent directly from your device)

3.2 Legal Requirements

We may disclose your information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect the rights, property, or safety of Typeone AI, our users, or the public.

3.3 Business Transfers

In the event of a merger, acquisition, or sale of all or substantially all of our assets, your information may be transferred. We will provide notice before your data is subject to a different privacy policy.

4. Data Storage and Security

4.1 Local Storage

By default, all your data — recordings, transcripts, AI-processed results, and leads — is stored exclusively on your device using Apple's SwiftData framework. This data is protected by iOS device encryption and your device passcode or biometrics.

4.2 Cloud Sync (Optional)

If you enable cloud sync, your data is encrypted in transit (TLS) and stored in Supabase infrastructure. Supabase stores data in AWS data centers. Row-level security policies ensure your data is accessible only by your authenticated account.

4.3 Security Practices

  • All data in transit is encrypted using TLS 1.2 or higher.
  • API keys and secrets are stored server-side and never embedded in the app binary.
  • We follow industry-standard security practices and promptly address known vulnerabilities.
  • We limit internal access to user data to personnel with a legitimate need.

4.4 Data Retention

Data stored locally on your device is retained until you delete it or uninstall the app. Data in your cloud account is retained until you delete your account or request deletion. We may retain anonymized analytics data for product improvement after account deletion.

5. Your Rights and Choices

5.1 Access and Portability

You may request a copy of the personal data we hold about you by contacting us at privacy@tikko.ai. For data stored locally on your device, you have direct access at all times within the app.

5.2 Correction

You can update your account information directly within the app or by contacting us. Lead and interaction data can be edited at any time.

5.3 Deletion

You can delete individual recordings, transcripts, interactions, or leads within the app. To delete your entire account and associated cloud data, contact us at privacy@tikko.ai. We will process deletion requests within 30 days.

5.4 Opt Out of Analytics

You can opt out of usage analytics in the app's Settings screen. Opting out does not affect core functionality.

5.5 Disable Cloud Sync

Cloud sync is optional and can be toggled off in Settings at any time. When disabled, no new data is sent to our servers.

6. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA):

  • Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you, the purposes for which it is used, and any third parties with whom it is shared.
  • Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
  • Right to Correct: You may request correction of inaccurate personal information.
  • Right to Opt Out of Sale or Sharing: We do not sell or share your personal information for cross-context behavioral advertising. No opt-out is needed.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of these rights.

To exercise your California rights, contact us at privacy@tikko.ai. We will respond within 45 days as required by law.

7. European and UK Privacy Rights (GDPR / UK GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, you have rights under GDPR / UK GDPR, including:

  • Right of access to your personal data.
  • Right to rectification of inaccurate data.
  • Right to erasure ('right to be forgotten').
  • Right to restriction of processing.
  • Right to data portability.
  • Right to object to processing based on legitimate interests.
  • Right to withdraw consent at any time (where processing is based on consent).

7.1 Legal Bases for Processing

  • Contract performance: processing necessary to provide the services you signed up for.
  • Legitimate interests: improving the product, preventing fraud, and ensuring security.
  • Legal obligation: compliance with applicable law.
  • Consent: where you have specifically opted in (e.g., analytics).

7.2 International Transfers

Your data may be transferred to and processed in the United States. Where such transfers occur, we rely on appropriate safeguards including Standard Contractual Clauses (SCCs) where applicable.

To exercise your GDPR rights, contact us at privacy@tikko.ai. You also have the right to lodge a complaint with your local data protection authority.

8. Children's Privacy

Tikko is not directed to children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at privacy@tikko.ai and we will promptly delete it.

9. Third-Party Links and Services

The app may reference or link to third-party services (such as Supabase or Apple). This Privacy Policy does not apply to those third parties, and we encourage you to review their own privacy policies. We are not responsible for the privacy practices of third-party services.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you through the app or by email at least 14 days before the change takes effect. Continued use of Tikko after that period constitutes acceptance of the updated policy.

The “Last updated” date at the top of this page reflects the most recent revision.

11. Contact Us

If you have questions, concerns, or requests related to this Privacy Policy, please contact us:

Typeone AI

Privacy inquiries: privacy@tikko.ai

General support: support@tikko.ai

Website: tikko.ai