CouchVox is a commercial macOS app built by Lex Tang (“I”, “me”). This Privacy Policy explains what the app collects, how it is used, and the third-party services it contacts.
The most important thing to know: by default, your voice recordings and transcripts are processed on your device and are never uploaded to any server. The only data the app itself sends off-device automatically is limited, anonymized crash reports and basic usage analytics through Google Firebase, described below—and only after you allow Events & Crash Reports. Anything beyond that (cloud ASR/LLM, licensing) is strictly opt-in and initiated by you.
Full Privacy Mode
In Settings -> General you can enable Full Privacy mode (off by default). When it is on, CouchVox prioritizes keeping work on your Mac and turns off network-facing product features that are not required for local use:
- Analytics events and crash reports are disabled (same effect as turning off Events & Crash Reports; the separate Events toggle is hidden while Full Privacy is on).
- Remote (cloud) ASR models are unavailable. You can still use on-device transcription models.
- Remote LLM providers (cloud model services) are unavailable. Local providers such as Ollama or LM Studio can still be used when configured on your machine.
- AI Automation (Computer Use, Browser Use, Script Automation) is disabled.
Full Privacy mode does not delete existing history, models, or settings on disk. You can turn it off at any time in General settings. For what analytics would collect when Full Privacy is off and Events & Crash Reports is on, see App Analytics Events.
Voice and Audio Data
When you use CouchVox, audio from your microphone (or from a paired Siri Remote) is captured and transcribed on your Mac. Voice recordings, transcripts, and any text you speak are kept locally on your device. The app does not send your voice records, audio files, or transcription text to any server operated by me.
Voice-operation history—including transcripts, timing metrics, and (if you enable it) the audio recordings—is stored in a local database on your Mac under ~/Library/Application Support/CouchVox/. You can browse and delete this history at any time from the app’s History settings. Nothing in this history is ever transmitted off the device by the app.
Crash Reports and Usage Analytics
On first launch, CouchVox asks whether you want to share crash reports and key event statistics. You can change this anytime in Settings -> General under Events & Crash Reports, or turn on Full Privacy mode to disable analytics along with remote ASR, remote LLM providers, and AI Automation.
When you allow analytics, CouchVox uses Google Firebase to collect limited crash reports and basic usage analytics. This may include:
- Anonymous crash diagnostics (stack traces, app state, and OS/app version) when the app crashes;
- Product events such as dictation outcomes (success/failure, model id, mic source—not transcript text), preference snapshots, and aggregated remote usage counts;
- Which screens and features are opened;
- An anonymized, app-scoped instance identifier used to group events;
- Approximate region inferred from IP address (no precise location is collected).
For the full public list of event names and fields, see App Analytics Events. The in-app Review Events control opens that page.
Firebase analytics does not receive your voice recordings, transcripts, account credentials, or any content you dictate—audio stays on your device whether Events & Crash Reports is on or off. No Advertising Identifier (IDFA) is collected. Firebase is a data controller for this limited data; see Google’s privacy policy at firebase.google.com/support/privacy.
Website Analytics
This website (couchvox.com) uses Google Analytics 4 to measure anonymous traffic — which pages are visited, roughly where visitors come from, and aggregate counts of downloads and purchases. IP addresses are anonymized, no personal account information is sent, and you can opt out via any standard ad/tracking blocker or your browser’s “do not track” setting. See Google’s privacy policy at policies.google.com/privacy.
How Models Are Downloaded
CouchVox does not bundle its speech-recognition (ASR) or language (LLM) models. Instead, models are downloaded on demand the first time you need them. Depending on the download source you choose, the app contacts one of these public model hubs:
| Domain | Purpose |
|---|---|
huggingface.co | Default model hub (Hugging Face) for ASR and LLM model files. |
hf-mirror.com | Optional Hugging Face mirror, useful in regions with limited connectivity to the default hub. |
modelscope.cn | Alibaba ModelScope, an alternative source for model files. |
Only the model files themselves are transferred—your audio and transcripts are never sent to these hubs. Once downloaded, models live in ~/Library/Application Support/CouchVox/VoiceAI/Models/ and are used entirely offline.
Network Domains the App Contacts
The following table summarizes every external domain CouchVox may contact, what each is used for, and what data (if any) is sent to it. Domains marked “automatic” are contacted by the app on its own; the rest are contacted only when you explicitly enable a feature or connect an account.
| Domain | Purpose | Sent automatically? |
|---|---|---|
firebase*.google.com | Firebase crash reports and usage analytics. | Yes |
google-analytics.com, googletagmanager.com | Website (couchvox.com) traffic analytics — visited only in your browser, not by the app. | On the website |
couchvox.com | Checking for app updates (Sparkle appcast). | Yes |
lex.sh | Loading the “other apps” list shown in the About page. | On opening About |
huggingface.co | Downloading ASR/LLM model files. | When you download a model |
hf-mirror.com | Downloading model files from the mirror. | When you download a model |
modelscope.cn | Downloading model files from ModelScope. | When you download a model |
api.polar.sh / entitlement gateway | Activating and validating a Pro license via Polar (through the CouchVox entitlement gateway). | Only when activating Pro |
Optional cloud AI providers. CouchVox lets you connect your own cloud accounts for transcription or language models. If you add an AI provider (for example OpenAI, Anthropic, Google Gemini, Groq, DeepSeek, Deepgram, AssemblyAI, ElevenLabs, and others), the app will send your audio and/or transcript text directly to that provider’s API so it can process your request. These connections are entirely optional—you must enter your own API key to enable them—and the data goes straight from your Mac to the provider, not through me. If you stick with the default on-device models, none of this happens.
Information Stored on Your Device
The app keeps the following on your Mac and does not transmit any of it to me:
- App settings and preferences (stored in macOS user defaults);
- Your voice-operation history: transcripts, timing, and optional audio recordings (stored in a local database you control);
- Downloaded model files;
- API keys and license tokens you enter (stored in macOS Keychain).
Licensing and Purchases
CouchVox Pro is activated with a license key. When you activate, your license key is sent to the Polar gateway to validate your purchase. A license token is then stored locally on your Mac. No account or password is required, and I do not maintain a user account system.
Permissions
CouchVox requests the following macOS permissions, each used only for its stated purpose:
- Microphone — to capture audio for on-device transcription.
- Speech Recognition — for Apple’s on-device speech framework, when selected.
- Bluetooth — to pair with an Apple TV Siri Remote used as a wireless microphone.
- Accessibility — for optional AI automation features (typing text and running commands on your behalf).
Service Providers
I rely on these third parties to operate the app:
- Google Firebase — crash reporting and usage analytics, as described above.
- Hugging Face, hf-mirror.com, and ModelScope — hosting model files for download.
- Polar — payment processing and license management.
Each provider has its own privacy policy governing any data they receive.
Security
I use commercially reasonable measures to protect any data collected. However, no method of transmission over the internet or electronic storage is 100% secure, so I cannot guarantee absolute security.
Children’s Privacy
CouchVox is not directed at children under 13. I do not knowingly collect personal information from children. If you believe a child has provided personal information, please contact me so I can delete it.
Changes to This Privacy Policy
I may update this policy from time to time. I will post changes on this page and update the effective date above.
This policy is effective as of 2026-07-13.
Contact
If you have any questions about this Privacy Policy, contact me at [email protected].