Back to Wordcast

Legal

Privacy Policy

Last updated: February 23, 2026

Wordcast ("we", "us", or "our") is committed to protecting your privacy. This policy describes what information we collect, how we use it, and your rights regarding it. By using Wordcast, you agree to the practices described here.

1. Information We Collect

Account information: When you create an account we collect your email address, a hashed password (if using email sign-in), and your church or organization name. If you sign in with Google, we receive your name and email address from Google.

Audio and transcripts: During a live session the broadcaster's audio is streamed to our transcription provider (Deepgram) for real-time speech-to-text. The resulting transcript text — not the raw audio — is stored in association with your account. Raw audio is not retained by us after transcription.

Translation data: Transcript segments are sent to AI translation providers to generate translations in the listener's chosen language. Translated text is streamed to listeners in real time and is not stored separately.

Usage data: We collect session duration, listener count, languages selected, and similar operational metrics to run the service and calculate billing.

Listener data: Listeners join via QR code or link and are not required to create an account. We do not collect any personally identifiable information from listeners beyond their selected language and an anonymous session token that expires when the session ends.

Billing data: Payment information is collected and stored directly by Stripe. We receive only a customer ID and subscription status — we never see or store full card numbers.

2. Cookies and Local Storage

We use cookies and browser local storage to keep you signed in across sessions. These are functional cookies necessary for the service to operate — we do not use advertising or third-party tracking cookies.

Supabase, our authentication provider, sets a session cookie when you log in. This cookie is required for the service to function and cannot be opted out of while using Wordcast.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and improve the Wordcast service
  • Store and serve session transcripts to your account
  • Process subscription payments through Stripe
  • Send transactional emails (receipts, password reset, service notices)
  • Monitor performance, debug issues, and prevent abuse

We do not sell your personal information or use it for advertising purposes.

4. Third-Party Services

Wordcast relies on the following third-party providers to operate. Each has their own privacy policy governing their handling of data.

  • Deepgram — real-time speech-to-text transcription
  • OpenRouter / Google Gemini — AI-powered translation
  • Azure Cognitive Services — text-to-speech synthesis
  • Supabase — database, authentication, and file storage
  • Stripe — subscription billing and payment processing
  • Resend — transactional email delivery (team invitations, service notices)

Audio and transcript data is transmitted to Deepgram and AI translation providers as a necessary part of delivering the service. We do not authorize these providers to use your data for their own training or any purpose beyond delivering the service to you.

5. Data Retention

Session transcripts are retained for as long as your account is active. You may delete individual sessions or your entire account at any time from the dashboard.

Upon account deletion, all associated personal data and transcripts are permanently removed within 30 days. Billing records may be retained longer as required by law.

6. Children's Privacy

Wordcast is intended for use by adults (18+) on behalf of their churches or organizations. We do not knowingly collect personal information from children under 13. Listeners who join a session — including minors attending a church service — are anonymous and no personal data is collected from them.

If you believe a child under 13 has provided us with personal information, please contact us at privacy@wordcast.live and we will promptly delete it.

7. Security

All data is transmitted over HTTPS. Passwords are hashed and never stored in plaintext. Access to production systems is restricted to authorized personnel. We use Supabase's row-level security to ensure users can only access their own data.

No system is perfectly secure. We cannot guarantee absolute security and are not liable for unauthorized access that occurs despite reasonable precautions.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: request a copy of the data we hold about you
  • Correction: request correction of inaccurate data
  • Deletion: request deletion of your account and data
  • Portability: receive your data in a portable format
  • Objection: object to or restrict certain processing

EU/EEA residents (GDPR): Our lawful basis for processing your data is performance of a contract (to provide the service you signed up for). You have the right to lodge a complaint with your local data protection authority.

California residents (CCPA): We do not sell personal information. You have the right to know what data we collect and to request deletion.

To exercise any of these rights, email privacy@wordcast.live. We will respond within 30 days.

9. Changes to This Policy

We may update this policy from time to time. We will notify account holders of material changes by email at least 14 days before they take effect. Continued use of Wordcast after changes take effect constitutes acceptance of the updated policy.

10. Contact

Questions or concerns about your privacy? privacy@wordcast.live