Ding Notes

Privacy Policy

Who we are

Ding! is made by Mitchell Jeffrey, an Australia-based independent developer. We strive to protect your privacy and collect as little data about you as needed to conduct our business.

What this privacy policy covers

This Privacy Policy applies to information that we collect about you when you use:

  • Our website (dingnotes.com)
  • Our applications (including the Ding Notes web app, app.dingnotes.com)

Throughout this Privacy Policy we’ll refer to our websites, applications, and other products and services collectively as “Services”.

Information we collect

Information you provide to us

We may collect some information provided by you directly, including:

  • Contact information such as first and last name, email address.
  • Billing information such as credit card details and billing addresses.
  • Communications with us such as emails and bug reports.
  • Files uploaded for automated transcription.

Google Drive Integration (Optional Feature)

Ding Notes offers an optional Google Drive integration feature. If you choose to use this feature and connect your Google Drive account, we collect:

  • Your email address
  • Your name and profile photo
  • Access to your Google Drive files (with your explicit permission)

We use this information solely to authenticate your account and enable you to store and access your media files and annotations directly from your Google Drive. You can revoke this access at any time through your Google Account settings.

Information we collect automatically

We also collect some information automatically when you use our website or applications:

  • Log information: Like most software providers, we collect some information made available to us by web browsers and devices, including the operating system, IP address and unique device identifier.
  • Usage and troubleshooting information: We collect information about your usage of our Services. For example, we may track how often you open Ding!, use specific features in the app. Ding! is instrumented to send anonymous technical reports to help troubleshoot application performance.
  • Information from cookies & other technologies.

How we use this information

We make use of the information we collect:

  • to operate, troubleshoot and maintain our Services
  • to process transactions and orders
  • to meet our legal and compliance responsibilities
  • to understand how you use features in our applications, and improve them
  • to communicate with you (e.g. sending a newsletter when you are subscribed to it)

Files uploaded for automated transcription

When you upload audio or video files for transcription:

  • Files are temporarily stored on our servers
  • Files are sent to AssemblyAI, our third-party transcription service provider
  • Media files are automatically deleted 1 day after transcription completes
  • Transcript files are automatically deleted 3 days after you download them
  • AssemblyAI transcripts are deleted after 7 days

Data Retention

We retain your information for the following periods:

  • Session data (including Google Drive access tokens): 90 days from last activity
  • Uploaded media files: 1 day after transcription completes
  • Transcript files: 3 days after you download them (maximum 7 days if uncollected)
  • Credit purchase records and usage history: Retained indefinitely for accounting and tax compliance

Note: We do not maintain user accounts. When you connect via Google Drive, we only store a temporary session with encrypted tokens that grant Ding Notes access to your Drive. When the session expires or you revoke access, all associated data is automatically deleted.

Security

We implement industry-standard security measures to protect your data:

  • OAuth 2.0 with PKCE for secure authentication
  • AES-256 encryption for stored credentials
  • HttpOnly cookies to prevent cross-site scripting attacks
  • Service Worker isolation for sensitive tokens
  • HTTPS encryption for all data in transit

Sharing information

We do not share your personal information with marketers or unaffiliated third parties. We may share your personal information with:

Subsidiaries and independent contractors

We may disclose information about you to our subsidiaries and independent contractors who need the information to help us provide our Services or process the information on our behalf. We require our subsidiaries and independent contractors to follow this Privacy Policy for any personal information that we share with them.

Third-party vendors

We may share information about you with third-party vendors who need the information in order to provide their services to us, or to provide their services to you.

This includes vendors that help us provide our Services to you such as payment providers that process your credit and debit card information, fraud prevention services that allow us to analyze fraudulent payment transactions, cloud storage services, postal and email delivery services that help us stay in touch with you, customer chat and email support services that help us communicate with you; those that assist us with our marketing efforts (e.g., by providing tools for identifying a specific marketing target group or improving our marketing campaigns, and by placing ads to market our services); those that help us understand and enhance our Services (like analytics providers); those that make tools to help us run our operations (like programs that help us with task management, scheduling, word processing, email and other communications, and collaboration among our teams) and other third-party tools that help us manage operations.

Sub-Processors

We engage the following sub-processors to help us provide our Services. This list is not exhaustive and may be updated from time to time:

  • Google: Authentication and Drive storage integration (only when you use Google Drive features)
  • AssemblyAI: Automated transcription processing
  • Paddle: Payment processing
  • Cloudflare: Web hosting and infrastructure services
  • Sentry: Error monitoring and diagnostics
  • Fastmail: Transactional email delivery

Each sub-processor is contractually required to handle data in accordance with applicable privacy laws.

The public

When you have given us explicit permission, such as when posting on a public forum or sharing a testimonial. We may also use your company name to promote our Services.

Your Rights

You have the right to:

  • Access your personal information
  • Request deletion of your session data and transcription files
  • Revoke Google Drive access at any time (which automatically deletes your session when it expires)
  • Opt out of error reporting

To exercise these rights, contact [email protected]

Contact details

C/- PO Box 585 Mareeba QLD 4880 Australia.

For any privacy-related request, email [email protected]

Ding Notes

About Pricing FAQ
Get started by opening dingnotes.com
on your desktop or laptop.