Back to home

Privacy Policy for Brain Spill

GDPR – EU

Last updated: January 26, 2026

1. Introduction

Brain Spill ("we", "our", or "us") respects your privacy and is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR).

This Privacy Policy explains how personal data is collected, used, stored, and protected when you use the Brain Spill Android application ("App").

2. Data Controller

For the purposes of GDPR, the data controller is:

Brain Spill

Contact email: support@brainspill.net

3. Who This App Is For

Brain Spill is not intended for children under the age of 13.

We do not knowingly collect personal data from children under 13. If such data is discovered, it will be deleted without delay.

4. Legal Bases for Processing (GDPR Article 6)

We process personal data under the following legal bases:

Contractual necessity

To provide core app functionality (account, sync, AI features)

User consent

For voice recordings, AI processing, and analytics

Legitimate interest

For app security, performance monitoring, and crash reporting

You may withdraw consent at any time by deleting your account.

5. Account Types

Guest mode

Limited functionality, no account required

Registered account

Required for:

  • Voice-to-AI notes and tasks
  • Voice transcription
  • Cloud backup and sync

6. Personal Data We Collect

6.1 Account Information

  • Email address
  • Password (stored securely using encryption or hashing)

6.2 User-Generated Content

  • Voice recordings
  • Voice transcriptions
  • AI-generated notes and tasks

This data is processed only to provide app functionality.

6.3 Technical & Usage Data

  • Device model and Android version
  • Anonymous identifiers
  • App usage statistics
  • Crash and error reports

7. How We Use Your Data

Your data is used to:

  • Operate and maintain the App
  • Transcribe voice input and generate notes/tasks using AI
  • Sync and back up your content
  • Improve performance and reliability
  • Detect and resolve errors
  • Ensure security and prevent misuse

We do not sell personal data.

8. AI Processing & Third-Party Processors

Brain Spill uses third-party data processors to deliver its services, including:

  • AI services (OpenAI - for transcription and task generation)
  • Cloud storage providers (for backup and sync)
  • Firebase Analytics (Google) - for anonymous usage statistics and app improvement
  • Crash reporting services
  • Authentication providers (e.g. Google, Apple)

These processors act only on our instructions and are contractually bound to comply with GDPR.

Analytics Opt-Out: You can disable analytics collection at any time in the app settings under Privacy → Share usage analytics.

9. International Data Transfers

Some data may be processed outside the European Union. When this occurs, we ensure appropriate safeguards such as:

  • Standard Contractual Clauses (SCCs)
  • GDPR-compliant processing agreements

10. Data Retention

We retain personal data:

  • While your account remains active
  • Until you delete your content or account

After account deletion:

  • Personal data is permanently removed
  • Some data may remain temporarily in encrypted backups, then deleted automatically

11. Your GDPR Rights

Under GDPR, you have the right to:

  • Access your personal data
  • Rectify incorrect or incomplete data
  • Erase your data ("right to be forgotten")
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time

You can exercise most of these rights directly inside the app, including full account deletion.

12. Data Deletion

You may delete your account at any time using the in-app account deletion feature.

If you don't have access to the app, you can request account deletion through our web form:

Request Account Deletion

Once deleted:

  • All personal data and content are permanently removed
  • Recovery is not possible

13. Data Security

We apply appropriate technical and organizational measures to protect your data, including:

  • Encrypted data transmission
  • Secure storage
  • Restricted access controls

While no system is completely secure, we take data protection seriously.

14. Ads & Tracking

Brain Spill:

  • Does not show ads
  • Does not use advertising trackers
  • Does not share data for marketing or profiling

15. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be reflected by updating the "Last updated" date. Material changes may be communicated within the app.

16. Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local EU Data Protection Authority (DPA).

17. Contact

For any questions regarding this Privacy Policy or your personal data:

Email: support@brainspill.net