Privacy Policy

Effective date: 2026-05-21 (auth-provider list reduced to Apple + Google; §12 third-party-services restated with explicit non-affiliation disclaimer)

This Privacy Policy describes how Glass Prompter ("Glass Prompter," "we," "us," "our") collects, uses, and discloses information when you use our website at glassprompter.com (the "Site"), our iOS mobile app (the "App"), and any related services (collectively, the "Service").

By using the Service you acknowledge this Policy. If you disagree, do not use the Service.

1. Who we are and how to reach us

Glass Prompter is operated by Edi Simon, a sole proprietorship ("persoană fizică autorizată") established in Romania, European Union. For the purposes of the EU General Data Protection Regulation (GDPR), the UK GDPR, and similar laws, Edi Simon (trading as Glass Prompter) is the data controller of the personal data described below.

We do not currently have a designated EU representative under GDPR Art. 27 because we are established in the EU. If that changes we will publish their contact here.

2. Information we collect

We deliberately collect as little as possible. There are five sources of personal data:

2.1 Account identity

You can sign in with Apple or Google. In each case the identity provider returns a stable user identifier and (if you allow it) your name, email address, and profile picture URL. If you choose Apple's Hide-My-Email feature, we only see the Apple relay address. We store the returned identity record in Supabase as your account row. We do not store your identity-provider password. That account is managed entirely by Apple or Google respectively. If you later choose to sign in with a different provider using the same email address, the providers are linked to the same Glass Prompter account.

2.2 Script content

Scripts you create are stored in our database encrypted at rest with AES-256-GCM using a per-script data-encryption key (DEK). The DEKs are themselves wrapped by a key-encryption key (KEK) held server-side as an environment secret on Vercel and never written to the database or to logs. Our server decrypts scripts only to provide product features that you ask for, such as rendering them in the dashboard, displaying them on your glasses during a session, exporting your data, or running an account deletion. This is encryption at rest, not end-to-end encryption. A compromised Glass Prompter server, or a court order to us, could decrypt your scripts; we cannot truthfully promise otherwise.

2.3 Session metadata

When you cast a script to your glasses we store the session id, the script id, your cursor position (which line you're on), and a device identifier for the glasses webview. We do not record audio, transcripts of your speech, or your camera. Speech recognition runs on-device on your iPhone via Apple's SFSpeechRecognizer with requiresOnDeviceRecognition = true; the audio never leaves your phone.

2.4 In-App Purchase record

If you upgrade to Glass Prompter Pro we record the Apple StoreKit transaction id, product id, entitlement status, and any refund/revocation state. Glass Prompter Pro is a one-time non-consumable In-App Purchase, not a subscription. There is no recurring billing, no renewal, and no trial. The signed transaction (JWS) is kept for entitlement verification. We do not see your payment method. That is handled entirely by Apple's In-App Purchase system.

2.5 Server logs and security telemetry

Our hosting providers automatically capture short-lived request logs (IP address, user-agent, timestamps, path, status code) for abuse and incident response. We do not correlate these logs with account identifiers for product analytics. Error reports sent to Sentry are scrubbed of personally identifiable information before transmission.

2.6 Anonymous usage events

To understand whether the Service is working, including how many people pair their glasses, cast a script, finish a session, encounter an error, we record a small set of anonymous usage events in our own database. We deliberately built this in-house rather than using a third-party analytics product so that no usage data leaves our servers.

What we record:

What we never record:

You can see your own usage events at any time by emailing privacy@glassprompter.com. Deleting your account erases all of your events.

We do not collect: contact lists, photos, precise location, ad identifiers, third-party tracker identifiers, behavioural-advertising data, or biometric data.

3. What we do not do

To remove ambiguity:

4. Legal bases for processing (GDPR)

For users in the EU, EEA, UK, or Switzerland, we rely on the following legal bases under GDPR Art. 6:

ProcessingLegal basis
Account creation, sign-in, syncPerformance of a contract (Art. 6(1)(b))
Storing and rendering your scriptsPerformance of a contract (Art. 6(1)(b))
Casting to your glasses and tracking cursorPerformance of a contract (Art. 6(1)(b))
Pro purchase verification and entitlement gatingPerformance of a contract (Art. 6(1)(b))
Anonymous usage events (§2.6), service healthLegitimate interests (Art. 6(1)(f))
Security logs, abuse prevention, fraud defenceLegitimate interests (Art. 6(1)(f))
Compliance with tax, accounting, legal requestsLegal obligation (Art. 6(1)(c))
Establishing or defending legal claimsLegitimate interests (Art. 6(1)(f)) / Art. 9(2)(f)

You may object to processing based on legitimate interests by emailing privacy@glassprompter.com. If we cannot demonstrate a compelling override, we will stop the processing.

5. How information is shared

We share information only with the recipients below, each strictly to operate the Service. The role column reflects how the recipient acts with respect to your data:

RecipientPurposeRole with respect to your dataRegion
Apple Inc.Sign in with Apple, App Store purchases, IAPIndependent controller / service provider (its own terms)United States
Google LLCSign in with Google (when you choose this)Independent controller (its own terms)United States
Vercel Inc.Web hosting and serverless API runtimeProcessor (acts on our instructions)United States
Supabase Inc.Postgres database, authentication, file storageProcessor / sub-processorUnited States
Cloudflare Inc.DNS, edge TLS termination, R2 backup storageProcessor / sub-processorGlobal
Functional Software, Inc. (Sentry)Error reporting (PII-scrubbed)Processor / sub-processorUnited States

Apple and Google process data for their respective sign-in flows under their own published privacy terms, and each acts as an independent controller for that activity. We only see the identity record they hand back to us after you authorise the sign-in. Vercel, Supabase, Cloudflare, and Sentry act on our documented instructions under written data-processing agreements meeting the requirements of GDPR Art. 28.

We will update this list when we add or replace a recipient and note the change on this page; in some cases we will also notify account holders by email.

Outside of these sub-processors, we disclose personal data only:

6. International data transfers

Most of our infrastructure is in the United States. When personal data of users in the EU, EEA, UK, or Switzerland is transferred to the United States we rely on:

We have assessed the risk of these transfers and concluded the combination of contractual safeguards plus our minimisation and encryption practices is appropriate. You can request a copy of the relevant transfer impact assessment by emailing privacy@glassprompter.com.

7. Your rights

You have the following rights regardless of jurisdiction. Where a specific regime (GDPR, UK GDPR, CCPA/CPRA, LGPD, PIPEDA, etc.) grants you more, we honour the stronger right.

California rights (CCPA/CPRA). California residents may request (i) the categories and specific pieces of personal information we have collected, (ii) the categories of sources and the business purpose, (iii) the categories of third parties with whom we share it, (iv) deletion of personal information, and (v) correction of inaccurate personal information. We do not sell or "share" personal information as those terms are defined under CCPA/CPRA and therefore do not offer a "Do Not Sell or Share My Personal Information" link. We do not offer financial incentives for personal information. We will not discriminate against you for exercising these rights. You may use an authorised agent; we will verify both your identity and the agent's authority before responding.

California notice at collection. In the past 12 months we have collected the following categories of personal information for the purposes described in Sections 2 and 3:

Category (CCPA)ExamplesSourcePurposeRetention
IdentifiersApple user identifier, account email (incl. relay email)You via AppleAccount creation, sign-in, syncUntil account deletion
Customer recordsDisplay name (if provided)You via ApplePersonalisationUntil account deletion
Commercial informationPro purchase transaction id, product id, statusApple StoreKitPurchase verification, entitlement gating7 years (Apple/tax compliance)
Internet or other electronic network activityIP address, user-agent, request timestampsYour deviceSecurity, abuse prevention30 days
Geolocation dataCoarse country/region inferred from IP onlyYour deviceSecurity, abuse prevention30 days
User-generated contentScripts, folder names, cursor positionYouService operationUntil account deletion
Internet / electronic network activity (in-app)Anonymous event names + counts + durations (§2.6)Your deviceService health and product improvement1 year
InferencesNone drawn

We do not collect "sensitive personal information" as defined by CPRA (e.g. social security number, geolocation precise to within 1,850 feet, racial or ethnic origin, religious beliefs, union membership, genetic data, biometric identifiers, mail/email/text contents not directed to the business, sex life or sexual orientation, citizenship or immigration status, health data). The on-device speech recognition does not transmit audio or transcripts to us, so no biometric or audio data is collected.

Both the export and delete flows require re-authentication within the last five minutes to prevent a stolen session from triggering them. We respond to verifiable rights requests within 30 days (GDPR) or 45 days (CCPA), extendable once for complex requests as the law allows.

8. Retention

DataRetention
Account record + scriptsUntil you delete your account.
Folder structureUntil you delete your account.
Active session rowUntil the session ends; row retained for history.
Pairing codesExpire 10 minutes after issue; expired rows are deleted at least once daily by a scheduled purge.
Glasses device tokensUntil you unpair the device.
Pro purchase transaction record7 years (tax and Apple audit obligations).
Server access logs (no PII linkage)30 days.
Sentry error reports90 days.
Audit log (decrypt + export events)Up to 1 year, then deleted by a scheduled purge job.
Anonymous usage events (§2.6)Up to 1 year, then deleted by a scheduled purge job.
Deletion proof recordIndefinite (HMAC-hashed; cannot be linked back).
Off-site encrypted backups (production)30 days rolling (GPG/AES-256 encrypted).
Off-site encrypted backups (staging)3 days rolling (rehearsal-only; staging holds no real user data).
Supabase-managed point-in-time backupsPer Supabase plan retention, currently 7 days.

After deletion, residual copies may remain in encrypted backups until the backup window rolls forward, but those backups are not restored except in a disaster recovery scenario.

9. Children

The Service is not directed to children under 13 (or the higher minimum age of digital consent in your jurisdiction, e.g. 16 in some EU states), and we do not knowingly collect personal information from them. If you believe a child has registered, email privacy@glassprompter.com and we will delete the account and any associated data promptly.

10. Security

No system is perfectly secure. If we determine a personal-data breach has occurred we will notify the competent supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware of it, as required by GDPR Art. 33. If the breach is likely to result in a high risk to your rights and freedoms we will also notify you directly without undue delay (GDPR Art. 34), or by other means of public communication where direct notice would involve disproportionate effort. If you discover a vulnerability, email security@glassprompter.com; we welcome coordinated disclosure.

11. Business transfers

If Glass Prompter is involved in a merger, acquisition, financing, reorganisation, or sale of all or substantially all of its assets, personal data may be transferred as part of that transaction. We will require the acquirer to honour the commitments in this Policy or to provide you with prior notice and a meaningful opportunity to delete your account before the transfer takes effect.

12. Third-party services

The App relies on Apple iOS and on the Meta AI companion app for pairing with Meta Ray-Ban Display smart glasses. Glass Prompter is an independent app and is not affiliated with, endorsed by, sponsored by, or otherwise authorized by Meta Platforms, Inc., Ray-Ban, EssilorLuxottica, or Apple Inc. "Meta", "Ray-Ban", "EssilorLuxottica", and "Apple" are trademarks of their respective owners and are used here only to describe interoperability. Once data is handed to those third-party services it is governed by their respective privacy policies. We are not responsible for the privacy practices of Apple, Meta, EssilorLuxottica, or any other third party.

13. Changes to this Policy

We will post material changes here and update the effective date. For material changes we will provide notice at least 14 days in advance via the Service or by email. Continued use of the Service after the effective date of a change constitutes acceptance of the updated Policy. If you do not agree, your remedy is to stop using the Service and delete your account.

14. Contact

For any question about this Policy or about how your data is handled, email privacy@glassprompter.com. We aim to respond within 5 business days and at most within the windows required by applicable law.