Prodius
Terms of Service  ·   Subprocessors  ·   DPA

Privacy Policy

Last Updated: April 24, 2026 · Version 3.1 · Effective: April 24, 2026

Data Controller: Zenocritus B.V.
Hendrick Goltziusstraat 5, 7425 PJ Deventer, Netherlands
Chamber of Commerce (KvK): 65524829 · VAT: NL856147370B01
Contact: privacy@prodius.ai

Introduction

Prodius is a cloud-based voice transcription service that provides real-time speech-to-text conversion with AI-powered enhancement. This Privacy Policy explains how we collect, use, store, and protect your personal data.

Important: Prodius is a cloud-based service. Your audio recordings are transmitted through the Prodius Gateway (Amsterdam, Netherlands) to AI providers for processing. Practice tier subscribers are guaranteed EU-only processing via Azure OpenAI West Europe. Free and Personal tier subscribers may use US-based processors.

Key Privacy Principles

1. What Data We Collect

1.1 Account Information

1.2 Audio Recordings

1.3 Transcription Text

1.4 Payment Information

Prodius uses direct B2B invoicing (Zenocritus B.V.). We do not store credit card numbers.

1.5 Usage Data

1.6 Cookies and Tracking

Prodius does not currently use analytics cookies or third-party tracking technologies.

The Prodius desktop application does not use cookies. Authentication is handled via secure tokens stored locally on your device.

2. How We Process Your Data

2.1 Two-Stage Transcription Process

All data flows through the Prodius Gateway (Amsterdam, Netherlands) with zero data retention.

Stage 1: Speech Recognition

  1. Audio is transmitted from your device to the Prodius Gateway via encrypted connection (HTTPS)
  2. The Gateway forwards audio to the transcription provider
  3. The transcription provider converts speech to text
  4. Audio is never stored — processed in memory and immediately discarded

Stage 2: AI Enhancement

  1. Raw transcription text is forwarded through the Gateway to an AI language model
  2. The model improves punctuation, capitalization, and formatting
  3. Enhanced text is returned through the Gateway to your device
  4. Final transcription is typed directly into your active application — no server-side storage

Data Flow: Desktop App → Gateway (Fly.io Amsterdam, NL) → AI Provider (Azure OpenAI West Europe for B2B) → Gateway → Desktop App

Zero Retention: The Prodius Gateway processes all data in memory. Audio, transcription text, and enhanced text are never written to disk on our servers.

Third-Party Data Handling:

2.2 Account and Usage Data

2.3 Application Context Processing

To provide context-aware transcription accuracy and intelligent text formatting, Prodius may capture:

Context data is transmitted to the AI provider in real-time for that single request and is never stored on Prodius servers. Privacy protections include automatic exclusion of password managers and private browsing detection.

2.4 Local Screenshot Cache (Desktop App)

When you issue a command while a destination window is explicitly bound (manual target pick or pinned modal), Prodius captures a single screenshot of that window, sends it to the AI provider to ground the response, and — by default — caches the resulting JPEG on your own device so that you can see in the conversation view exactly which image was sent. This cache is intended as a transparency control: you can verify the provenance of every AI response grounded by a screenshot.

Where the cache lives (on your device, never on Prodius servers):

Retention:

Your control: The cache can be disabled entirely via Settings → Privacy → "Cache context screenshots locally" (default ON). When disabled, screenshots are still displayed inline for the duration of the turn in which they were sent, but are not written to disk and do not survive closing the modal.

No new third-party transmission: The screenshot is sent to the AI provider only once, as part of the command turn itself — the same transmission that was already covered before this cache existed. The local cache is a local-only copy of that same image, read by the Prodius desktop application when rendering your conversation history. Nothing from the cache is uploaded to Prodius, to AI providers, or to any other party.

File security: Cached files use standard operating-system file permissions (user-owned, readable by your OS user account). They are not additionally encrypted at rest by Prodius. For devices protected by full-disk encryption (FileVault, BitLocker, LUKS), the cache is encrypted as part of the wider disk. We recommend full-disk encryption for any device used for professional client work.

For firms subject to professional secrecy (beroepsgeheim): because the cache may contain pixels of documents in Outlook, Word, Excel, case-management systems, or similar, the compliance officer or IT administrator should include the paths above in the firm's device-hygiene policy (e.g., the existing policy for browser caches, recent-document lists, and other local AI-assistant histories). Disabling the cache in Settings is the simplest way to remove this surface entirely.

3. How We Use Your Data

3.1 Primary Purposes (Legal Basis: Contract Performance)

3.2 Service Improvement (Legal Basis: Legitimate Interest)

3.3 Communications (Legal Basis: Consent or Legitimate Interest)

4. Data Retention

Data TypeRetention Period
Audio RecordingsZero — in-memory processing only
Transcription TextZero — not stored on Prodius servers
Application Context (app name, window title, selected text)Zero on Prodius servers — processed in real-time, not stored
Context Screenshot — Prodius serversZero — processed in real-time by the AI provider, not stored on Prodius infrastructure
Context Screenshot — your own device (local cache)Up to 7 days by default (configurable); deleted on conversation delete; can be disabled in Settings. See Section 2.4.
Account DataWhile account active + 30 days after deletion
Usage MetricsWhile account active + 30 days after deletion
Billing DataPer tax law requirements (typically 7 years)

5. Third-Party Service Providers (Subprocessors)

We use the following third-party services. Your data is shared with them only as necessary for service delivery.

See the full Subprocessor List for details.

SubprocessorPurposeLocation
Azure OpenAI (Microsoft)Transcription + AI enhancement (B2B)Netherlands (West Europe)
OpenAI, L.L.C.AI enhancement (fallback)United States
Groq, Inc.Transcription + AI (dev/free tier)United States
Fly.io, Inc.Gateway hostingAmsterdam, Netherlands
Supabase, Inc.Authentication + usage trackingFrankfurt, Germany
TransIPEmail deliveryAmsterdam, Netherlands
Sentry (Functional Software, Inc.)Error monitoring and performance tracingFrankfurt, Germany

Changes: We will notify you 30 days before adding new subprocessors that handle your personal data.

6. Data Security

6.1 Technical Safeguards

6.2 Limitations

In Case of Breach: We will notify affected users without undue delay, and in any event within 24 hours of becoming aware of the breach (see our DPA for full details). We will provide details about the breach, affected data, and remediation steps. We will also notify the Autoriteit Persoonsgegevens within 72 hours as required by GDPR Article 33.

7. Your Privacy Rights

7.1 GDPR Rights (EU/UK/EEA Residents)

Under the General Data Protection Regulation, you have the right to:

How to Exercise Rights: Email privacy@prodius.ai. We will respond within 30 days.

7.2 CCPA Rights (California Residents)

8. International Data Transfers

8.1 Practice Tier (EU-Only Processing)

For Practice subscribers, all data processing stays within the European Union:

8.2 Free & Personal Tiers (May Include US Processing)

For Free and Personal subscribers, AI processing uses Groq (US) with OpenAI (US) as fallback. These tiers are not suitable for processing client-confidential data. We implement safeguards including:

If you object to US processing, contact us about upgrading to the B2B tier for EU-only processing.

9. Children's Privacy

We do not knowingly collect data from children below minimum ages.

10. What Prodius Does NOT Do

11. HIPAA Compliance

Prodius is NOT HIPAA-Compliant. Do not use Prodius to transcribe Protected Health Information (PHI). See our Terms of Service for details.

12. Accuracy Disclaimer

Transcriptions may contain errors. You should independently verify all transcriptions, especially for legal documents, financial reports, and safety-critical communications. See our Terms of Service for full disclaimer.

13. Changes to This Policy

Material changes will be communicated via email notification (30 days advance notice) and updated effective date. Continued use after changes take effect constitutes acceptance.

14. Contact Information

Data Protection Authority: Dutch Data Protection Authority (Autoriteit Persoonsgegevens) — https://autoriteitpersoonsgegevens.nl/

Summary

Data TypeRetentionShared With
AudioZero — in-memory onlyAI provider (for transcription)
TranscriptionsZero — not storedAI provider (for enhancement)
App Context (text)Zero on Prodius serversAI provider (in enhancement request)
Context ScreenshotZero on Prodius servers; optional local cache on your device (default 7 days, can be disabled — see §2.4)AI provider (for the bound-destination command turn only)
Account InfoWhile active + 30 daysSupabase (Frankfurt, EU)
Usage MetricsWhile active + 30 daysSupabase (Frankfurt, EU)
Billing DataPer tax law (7 years)None (direct B2B invoicing)

Last Updated: April 24, 2026 · Version 3.1 · Effective: April 24, 2026

Changes in v3.1: Added Section 2.4 describing the optional local cache of bound-destination context screenshots on the user's device. Retention table in Section 4 and the Summary table now distinguish server-side retention (zero) from the local-device cache (default 7 days, configurable, can be disabled in Settings).