Published beta document
Privacy Policy
Last updated: April 2026
This Privacy Policy was drafted by the author without attorney review. GDPR, CCPA, and other jurisdiction-specific requirements may not be fully addressed. This document describes actual data-handling practices in good faith but is not a substitute for a lawyer-reviewed policy. Consult a qualified attorney before relying on these terms for regulatory compliance.
Summary
Talk-to-Tux has two user-facing modes. Hosted mode uses Supabase Edge Functions, GitHub OAuth, quotas, audit rows, and Groq-backed STT and rewrite services today. BYO-key mode sends STT and rewrite data to the providers you configure and does not use Talk-to-Tux hosted STT/rewrite for those requests. We do not sell personal data, and we do not use your content for model training by default.
Data flow
| Data | Hosted mode | BYO-key or local provider mode |
|---|---|---|
| Audio | Sent to Supabase Edge Functions and proxied to Groq Whisper. | Sent to your configured STT provider chain, including local endpoints when configured. |
| Transcript | Returned from Groq to the backend and desktop, then sent to hosted rewrite as text. | Returned from your configured provider and used locally for rewrite. |
| Active-app context | Window title, app name, hints, directives, AT-SPI/internal context, and related text can be sent to Supabase and forwarded into Groq messages. | Passed to configured rewrite providers through the local BAML path. |
| Screenshot | Supabase can receive preprocessed screenshot bytes when enabled; hosted rewrite forwards image bytes to Groq only when a visual rewrite model is configured, otherwise it uses text mode with degraded metadata. | Configured image-capable rewrite providers may receive screenshots. |
| Local debug cache | Stored only on your machine when enabled. | Stored only on your machine when enabled. |
Account, quota, and audit data
Hosted mode stores GitHub login, GitHub numeric ID, email, beta application data, quota usage by monthly period, and audit events such as token issuance or quota cap hits in Supabase. Retention automation is not fully repo-owned yet, so this policy does not promise a fixed transcript, quota, or audit retention period beyond manual account deletion/export handling during beta.
Local storage
Non-secret preferences live in
~/.config/talk-to-tux/config.toml. BYOK provider keys live
separately in ~/.config/talk-to-tux/secrets.env.
The local debug run cache under ~/.cache/talk-to-tux/runs/
is off by default. If enabled, it can store audio, transcripts,
screenshots, rewrites, telemetry, errors, and feedback artifacts.
Correction-learning and feedback files can also live under
~/.config/talk-to-tux/ and are separate from the run cache
toggle. Scoped local learning artifacts are minimized and redacted; they
do not intentionally persist raw screenshots, provider keys, hosted
tokens, or full transcripts.
Processors
Active beta processors include Supabase, Groq, Cloudflare, Sentry, Resend, and GitHub. User-configured BYO-key providers may include local GPU servers, ElevenLabs, Groq, OpenAI, Google, Gemini, Ollama, or other endpoints you configure. Stripe and GCP are not active hosted beta processors for the current service.
Error reporting
Backend Sentry may receive error reports when configured for Supabase Edge Functions. Desktop error reporting must be disclosed before it is enabled in a shipped client. Talk-to-Tux does not publish a blanket no-telemetry claim because hosted mode uses account, quota, audit, and error-reporting systems.
Your choices
Use BYO-key mode if you do not want Talk-to-Tux hosted STT/rewrite. Disable screenshots or the local debug cache in configuration if those features do not match your risk tolerance. Email [email protected] for access, deletion, or export requests. Beta deletion and export requests are handled manually while automation is deferred.
Implementation status (beta)
Talk-to-Tux is in a private, application-gated beta. Some controls and workflows described in this policy are currently operated manually while automation is being completed. If shipped behavior and policy text diverge, we will update this policy and communicate material changes.