Privacy Policy

Cocoon ("the App", "we", "us", or "our") is a meeting transcription and AI summarization application available on iOS (iPhone/iPad) and macOS. This Privacy Policy describes how we collect, use, store, and protect your information when you use our App.

Cocoon is built on a foundational principle: your conversations are private and should never leave your device. We designed every feature around this commitment.

By downloading or using Cocoon, you agree to this Privacy Policy. If you do not agree, please do not use the App.

Cocoon uses artificial intelligence for transcription and summarization. Before using these features, the App presents a clear disclosure and obtains your consent. Here is what you should know:

• ✓100% On-Device AI: All transcription and summarization runs locally on your device. Your meeting audio, transcripts, and summaries are never sent to any external AI service.
• ✓No Cloud AI Services: Cocoon does not use OpenAI, Google, Anthropic, or any third-party cloud AI service. No meeting content is ever transmitted to third parties.
• ✓One-Time Model Download: AI model files are downloaded once from Hugging Face (huggingface.co), an open-source model repository. During this download, Hugging Face's servers may collect standard connection metadata (IP address, device type). No personal data or meeting content is sent.
• ✓User Consent: The App obtains your explicit consent before downloading AI models or processing any data.

Cocoon operates entirely on your device. This means:

• ✓All audio recording and transcription happens locally on your device
• ✓All AI-powered summarization runs on-device using embedded machine learning models
• ✓Your meeting recordings, transcripts, and summaries are never uploaded to any server
• ✓No user accounts are required — optional Sign in with Apple stores only an anonymous identifier in your device's Keychain
• ✓No advertising networks or analytics SDKs are embedded in the App
• ✓No telemetry, usage tracking, or behavioral profiling is performed
• ✓The App functions fully offline after the initial one-time model download
• ✓Optional iCloud sync (when enabled) uses Apple's end-to-end encrypted CloudKit storage — only your devices can read your data

a) Audio Recordings

When you use the recording feature, Cocoon captures audio through your device's microphone. This audio is processed in real-time by Apple's on-device speech recognition (SFSpeechRecognizer) and is stored locally on your device. Audio data is never transmitted to any external server or third party.

b) Transcripts & AI Summaries

Transcripts are generated from your audio using Apple's on-device speech recognition. Summaries, key points, and action items are generated using the on-device LLaMA language model. All AI inference runs locally — no API calls are made to cloud AI services.

c) User Profile

You may optionally set a display name during onboarding. This is stored locally on your device using UserDefaults and is never transmitted externally.

d) Sign in with Apple (Optional)

You may optionally sign in with your Apple ID for cross-device sync. Cocoon stores only the anonymous user identifier provided by Apple in your device's Keychain — we never receive or store your email address, name, or Apple ID password. This identifier is used solely to link iCloud sync across your devices.

e) App Preferences & Settings

Language preferences, theme settings, and other configurations are stored locally on your device using standard platform storage mechanisms (UserDefaults on iOS, UserDefaults on macOS).

f) Calendar Data (macOS only)

On macOS, Cocoon may request access to your calendar to display upcoming meetings for context. Calendar data is read locally and is never stored, copied, or transmitted by the App.

All meeting data is stored locally on your device using the following protections:

• ✓Encrypted Storage: Meeting transcripts and summaries are encrypted using AES-256 encryption via Apple's CryptoKit framework before being stored in Core Data
• ✓Platform Encryption: Data is further protected by iOS/macOS device-level encryption (Data Protection)
• ✓No Cloud Backup of Sensitive Data: Session logs and meeting backup directories are excluded from automatic iCloud backup
• ✓Local-Only Storage: By default, all data resides exclusively on your device's local storage
• ✓Optional iCloud Sync: When enabled, meeting data is synced via Apple CloudKit using CKRecord.encryptedValues (end-to-end encrypted). Audio files are only synced if you separately enable audio sync. You can disable sync at any time in Settings

You maintain full control over your data and can delete individual meetings or all data at any time through the App's interface.

On first launch, Cocoon downloads one open-source AI model to enable on-device summarization:

• ✓LLaMA (Summarization) — An open-source language model developed by Meta, downloaded from Hugging Face

Speech recognition uses Apple's built-in SFSpeechRecognizer framework — no additional download is required for transcription.

The LLaMA model is downloaded once over HTTPS from Hugging Face (huggingface.co), a trusted open-source AI model repository. After download, the model is stored locally and all AI processing happens entirely offline.

During the download, Hugging Face and its infrastructure providers may automatically collect connection metadata including IP address, device information, and download request metadata. Cocoon does not send any personal data, user accounts, app usage data, or meeting content to Hugging Face.

For full details, see Hugging Face's Privacy Policy at huggingface.co/privacy.

Cocoon makes network requests only in the following limited circumstances:

• ✓Model Downloads: One-time HTTPS downloads from Hugging Face to retrieve AI model files during initial setup
• ✓iCloud Sync (Optional): When enabled, Cocoon uses Apple CloudKit to sync meeting data between your devices. All data is end-to-end encrypted — Apple cannot read your meeting content

After models are downloaded and aside from optional iCloud sync, Cocoon requires no internet connection.

Hugging Face — Used exclusively for the one-time download of open-source AI model files.

Apple iCloud (Optional) — When iCloud sync is enabled, meeting data uses end-to-end encryption. Apple cannot read your meeting content.

Cocoon does not integrate any of the following:

• ✕Advertising networks or ad SDKs
• ✕Analytics or telemetry services (Google Analytics, Firebase, Mixpanel)
• ✕Crash reporting services (Crashlytics, Sentry)
• ✕Social media SDKs
• ✕Attribution or tracking frameworks

• ✓Microphone (Required): Used to record meeting audio for transcription. Audio is processed and stored locally.
• ✓Sign in with Apple (Optional): Used for cross-device sync identity. Only an anonymous identifier is stored in your Keychain. Your email, name, and Apple ID password are never accessed or stored by the App.
• ✓iCloud (Optional): When enabled, syncs meeting data across devices using end-to-end encryption.
• ✓Calendar (macOS only, Optional): Used to display upcoming meetings for context. Never stored or transmitted.

We do not share, sell, rent, trade, or transfer your personal data to any third party. Since all data remains on your device and we have no access to it, there is no data for us to share.

• ✓On-Device Data: Retained until you choose to delete it
• ✓iCloud Data: Synced if enabled; removed when you delete meetings in the App
• ✓Complete Removal: Uninstalling the App removes all locally stored data

• ✓Access: View all recordings, transcripts, and summaries directly in the App
• ✓Delete: Remove any individual meeting or all data at any time
• ✓Export: Export transcripts and summaries for personal use
• ✓Revoke Permissions: Disable microphone access at any time via system settings

If you are located in the EEA, UK, or Switzerland, you have rights under GDPR including data minimization, right to erasure, and no international data transfers. Your data never leaves your device.

California residents have rights including the right to know, right to delete, and right to opt-out of sale. We do not sell your personal information and have never done so.

Cocoon is not directed at children under 13 (or 16 in the EEA). We do not knowingly collect personal information from children.

We may update this Privacy Policy to reflect changes in our practices or applicable laws. When we make changes, we will update the "Last updated" date. Continued use of the App after changes constitutes acceptance.

If you have questions, concerns, or requests regarding this Privacy Policy, please contact us:

Email: mohanprakash462@gmail.com