Published beta document
Privacy Policy
Last updated: April 2026
This Privacy Policy was drafted by the author without attorney review. GDPR, CCPA, and other jurisdiction-specific requirements may not be fully addressed. This document describes actual data-handling practices in good faith but is not a substitute for a lawyer-reviewed policy. Consult a qualified attorney before relying on these terms for regulatory compliance.
Summary
Talk-to-Tux has two user-facing modes. Hosted mode uses Supabase Edge Functions, GitHub OAuth, quotas, audit rows, and Groq-backed STT and rewrite services today. BYO-key mode sends STT and rewrite data to the providers you configure and does not use Talk-to-Tux hosted STT/rewrite for those requests.
Data flow
| Data | Hosted mode | BYO-key or local provider mode |
|---|---|---|
| Audio | Sent to Supabase Edge Functions and proxied to Groq Whisper. | Sent to your configured STT provider chain, including local endpoints when configured. |
| Transcript | Returned from Groq to the backend and desktop, then sent to hosted rewrite as text. | Returned from your configured provider and used locally for rewrite. |
| Active-app context | Window title, app name, hints, directives, AT-SPI/internal context, and related text can be sent to Supabase and forwarded into Groq messages. | Passed to configured rewrite providers through the local BAML path. |
| Screenshot | Supabase can receive screenshot bytes when enabled; current hosted rewrite forwards a text marker to Groq rather than image bytes. | Configured image-capable rewrite providers may receive screenshots. |
| Local debug cache | Stored only on your machine when enabled. | Stored only on your machine when enabled. |
Account, quota, and audit data
Hosted mode stores GitHub login, GitHub numeric ID, email, beta application data, quota usage by monthly period, and audit events such as token issuance or quota cap hits in Supabase. Retention automation is not fully repo-owned yet, so this policy does not promise a fixed transcript, quota, or audit retention period beyond account deletion/export handling.
Local storage
The local debug run cache under ~/.cache/talk-to-tux/runs/
is off by default. If enabled, it can store audio, transcripts,
screenshots, rewrites, telemetry, errors, and feedback artifacts.
Correction-learning and feedback files can also live under
~/.config/talk-to-tux/ and are separate from the run cache
toggle.
Processors
Active beta processors include Supabase, Groq, Cloudflare, Sentry, Resend, and GitHub. User-configured BYO-key providers may include local GPU servers, ElevenLabs, Groq, OpenAI, Google, Gemini, Ollama, or other endpoints you configure. Stripe and GCP are not active hosted beta processors for the current service.
Error reporting
Backend Sentry may receive error reports when configured for Supabase Edge Functions. Desktop error reporting must be disclosed before it is enabled in a shipped client. Talk-to-Tux does not publish a blanket no-telemetry claim because hosted mode uses account, quota, audit, and error-reporting systems.
Your choices
Use BYO-key mode if you do not want Talk-to-Tux hosted STT/rewrite. Disable screenshots or the local debug cache in configuration if those features do not match your risk tolerance. Email viperjuice@users.noreply.github.com for access, deletion, or export requests.