← Back to Home
Last updated: January 8, 2026
Introduction
This Privacy Policy describes how YAPP ("we", "us", "our", or "the app") collects, uses, and protects your information when you use our podcast application. We are committed to protecting your privacy and being transparent about our data practices.
Key Point: YAPP can be used without an account. Sign-in is optional and only required if you want to sync your data across devices.
Information We Collect
Information Stored Locally on Your Device
The following data is stored only on your device and is not transmitted to our servers unless you create an account:
- Podcast subscriptions - The podcasts you subscribe to
- Playback history and progress - Your listening history and position in episodes
- Downloaded episodes - Audio files you download for offline listening
- Queue and bookmarks - Episodes you've added to your queue or bookmarked
- Transcriptions - Text transcriptions generated on your device
- App preferences - Your settings and preferences
Information Collected When You Create an Account
If you choose to sign in, we collect and store:
- Email address - Used as your account identifier and for account-related communications
- Display name - Optional, shown in your profile
- Profile photo URL - If provided by your sign-in provider (Apple or Google)
- Podcast subscriptions - Synced to enable cross-device access
- Listening progress - Synced to resume playback across devices
- Queue and bookmarks - Synced across your devices
- App settings - Your preferences for playback, downloads, etc.
Sign-In Methods
We offer three sign-in options:
- Sign in with Apple - We receive your Apple ID email (or relay email if you choose "Hide My Email") and optionally your name
- Sign in with Google - We receive your Google account email, name, and profile photo
- Email sign-in - We send a one-time code to verify your email address
We do not receive or store your Apple ID password, Google password, or any payment information.
Audio Recording Permission
The app requests microphone permission solely for processing audio for on-device transcription. Audio is processed entirely on your device and is never recorded, stored, or transmitted to external servers.
Network Requests
The app makes network requests to:
- Podcast RSS feeds - To fetch podcast information and episode lists
- Audio streaming servers - To stream or download episodes from their original hosts
- Podcast discovery APIs - To search for and discover podcasts
- Our sync servers - Only if signed in, to sync your data across devices
How We Use Your Information
We use your information to:
- Provide and maintain the app's features
- Sync your data across devices (if signed in)
- Send account-related emails (verification codes, security notices)
- Respond to your support requests
Information We Do NOT Collect
- We do not track your listening habits for advertising purposes
- We do not use third-party analytics or tracking services
- We do not display advertisements
- We do not sell your data to third parties
- We do not collect location data
Data Storage and Security
Your account data is stored on secure servers hosted on Microsoft Azure in the United States. We use industry-standard security measures including:
- Encrypted data transmission (HTTPS/TLS)
- Secure password hashing for tokens
- Regular security updates and monitoring
Authentication tokens are stored securely on your device using platform-provided secure storage (iOS Keychain, Android EncryptedSharedPreferences).
Your Rights and Choices
For All Users
- Use without an account - You can use the app without signing in
- Delete local data - Uninstalling the app removes all local data
For Users with Accounts (GDPR/CCPA Rights)
- Right to Access - You can request a copy of all your data
- Right to Rectification - You can update your profile information
- Right to Erasure - You can delete your account and all associated data
- Right to Data Portability - You can export your data in a machine-readable format
- Right to Withdraw Consent - You can sign out and delete your account at any time
To exercise these rights, use the options in the app's Account settings or contact us at privacy@yapp.at.
Data Retention
- Account data - Retained until you delete your account
- Refresh tokens - Automatically expire after 30 days of inactivity
- Email verification codes - Expire after 10 minutes
- Deleted accounts - Data is permanently deleted within 30 days
Third-Party Services
The app integrates with:
- Apple Sign-In - Subject to Apple's Privacy Policy
- Google Sign-In - Subject to Google's Privacy Policy
- Apple CarPlay / Android Auto - For in-vehicle playback control
- Azure Communication Services - For sending verification emails
International Data Transfers
Your data may be processed in the United States. By using the app with an account, you consent to this transfer. We ensure appropriate safeguards are in place for data protection.
Children's Privacy
The app is not intended for children under 13 (or 16 in the EU). We do not knowingly collect information from children. If you believe a child has provided us with personal information, please contact us.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice in the app and updating the "Last updated" date. Continued use of the app after changes constitutes acceptance of the updated policy.
Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
Email: privacy@yapp.at
General Support: support@yapp.at
