Privacy Policy

The short version. Voice never leaves your device for transcription — speech recognition runs locally. Voice between participants travels peer-to-peer, encrypted end-to-end. We do not store voice recordings or transcripts on our servers. We do not show ads. We do not sell or share your personal information. We do not train AI on your conversations.

Who we are

Cohra is operated by Sviat Minato (Toronto, Canada), who is the data controller of the personal information described in this policy. The full mailing address is in the Contact us section at the end of this page.

For privacy questions, requests, or to exercise your rights, contact us at [email protected].

Information we handle

This policy covers two separate surfaces operated by Cohra: the Cohra iOS app and our cohraapp.com website. They handle very different information, so we describe them separately below.

Cohra iOS app

The Cohra iOS app needs no account — no login, no profile, and no contact information from you to use it.

Information you provide

• A display name you enter for the session (a short label visible to other participants in the same room). It is not tied to your real identity.
• Subscription and purchase information when you start a free trial or buy a subscription. This is handled by Apple through the App Store; we receive a signed receipt from Apple (a “transaction identifier” issued by Apple) so that we can deliver and enforce the right entitlement.
• Abuse reports you choose to submit through the in-app Report action — the room you were in, the display names involved, the reason category, and any optional notes you write.
• Support messages if you email us.

Information collected automatically

• App version and app language. Sent with abuse reports and used for compatibility checks and routing.
• Device model identifier, sent only when Cohra detects that your device cannot run the app reliably. In that case the app sends a one-time signal containing the standard model identifier (for example, iPhone14,5) and the app version, so we know which devices to prioritize. We do not collect device model in the normal course of using the app.
• A device-bound security key generated by Apple’s App Attest. This key lives in your iPhone’s Secure Enclave; our server keeps the public half (a randomly generated identifier) so we can verify that requests come from a genuine device and not from a script abusing the service. The key is not linked to your Apple ID, your name, or any other personal information. It is used purely for fraud prevention and abuse limiting (see Device integrity & fraud prevention below).
• IP address. Your phone and other participants’ phones use IP addresses transiently to establish a peer-to-peer connection. On our servers, IP addresses are used only to apply per-device rate limits during the attestation handshake. Cohra’s own application logs do not record IP addresses tied to your activity, and we do not use IP addresses to derive your location. Some of our infrastructure providers may keep transient connection logs for their own operational and security purposes; that handling is governed by their own privacy practices.

Voice and conversation data

This is the most sensitive category, so we want to be very specific:

• Audio is never uploaded to Cohra servers. Voice streams travel peer-to-peer between participants, encrypted end-to-end.
• Speech recognition runs on your device. Transcripts are generated locally by an on-device model. The transcript text is shared only with the other participants in the same room, in real time, through our signaling server, which forwards messages but does not store transcripts.
• When you “Ask Cohra,” a short transcript snippet plus a fixed system prompt is sent to our AI provider (Anthropic) to generate a reply. The snippet is processed in transit and is not retained by Cohra after the response is delivered. See the AI Data Processing page for full detail.
• Audio is never sent to any AI provider. Only text is shared with Anthropic; only the AI’s reply text is sent from your device to ElevenLabs to be synthesized into voice. Your voice is not used by any AI.
• No recording. Cohra does not save audio files to disk on your device or anywhere else.
• What “mute” actually does. When you tap mute, your microphone is silenced for everyone else in the room and your speech is no longer transcribed. For technical reasons — keeping your session ready for instant unmute, recovering cleanly from interruptions like a phone call, and supporting the Lock Screen Live Activity — the operating-system audio session itself remains active for the duration of the session, which is why iOS may continue to show its standard “audio in use” indicator. No audio leaves your device while you are muted.

What your device exchanges with our signaling server

When you join a room, your device exchanges short messages with our signaling server so that participants can find each other and start a peer-to-peer call. These messages include the room code, your chosen display name, a temporary per-room identifier generated by your device, the conversation language, voice-activity indicators, and the real-time transcript text described above. The signaling server forwards these messages to other participants in the same room and stores room metadata (room code, language, participant names, capacity) only as long as needed to keep the room live — typically 30 seconds, refreshed automatically while at least one participant is connected, then automatically deleted.

cohraapp.com website

The website is mostly informational. The only personal information we handle through it is what you choose to submit to the launch-waitlist form in the footer:

• Email address. Used only so we can email you when the public beta or the Android version is available.
• Connection metadata that any HTTP request to the form includes — your IP address, country (derived by our CDN from the IP), and browser user-agent — used only to filter automated abuse of the form, and not associated with you afterward.

The submission is delivered to our team via Resend (an email-delivery provider) and kept in our team email inbox. You can ask us to remove your address at any time by emailing [email protected].

The website does not run analytics, advertising, or third-party trackers — see the Cookies and tracking technologies section below.

How we use your information

We use the information we handle to:

• Provide the Cohra service — match participants, route calls, generate AI replies, and synthesize Cohra’s voice.
• Maintain the security and integrity of the service — verify that requests come from genuine devices, throttle abusive traffic, and prevent fraudulent use of free trials.
• Process subscription payments and deliver entitlements (handled by Apple).
• Handle in-app abuse reports submitted by participants and allow our moderators to review them.
• Respond to support requests.
• Comply with legal obligations.

We do not use your information for behavioral advertising, profile-based targeting, or to train AI models.

Where Cohra is offered

The Cohra app is currently offered through the Apple App Store in the United States and Canada. Our website at cohraapp.com is publicly accessible worldwide; visitors in other regions may read it and contact us, but the in-app service itself is sold only in those App Store storefronts.

Legal basis for processing

Where local privacy laws (such as Quebec’s Law 25, the EU GDPR, or the UK GDPR) require us to identify a legal basis for processing your personal data, we rely on:

• Performance of a contract — to provide the service you asked for (joining rooms, asking Cohra, processing subscriptions).
• Legitimate interest — for security, fraud and abuse prevention, and integrity of the service.
• Consent — for any optional features that require it (we will ask explicitly if and when this applies).
• Legal obligation — for tax, accounting, and regulatory compliance.

You can withdraw any consent and object to processing based on legitimate interest by contacting [email protected].

How we share your information

We share information only in these specific situations:

• With other participants in your room — your display name, your real-time transcripts, and ephemeral connection metadata.
• With service providers acting on our behalf for the Cohra iOS app:
  • Apple — handles your App Store subscription, receipts, and payments; we receive a signed transaction identifier we use to deliver entitlements and prevent free-trial abuse.
  • Anthropic — receives the transcript snippet and prompt when you Ask Cohra (text only, never audio); details on the AI Data Processing page.
  • ElevenLabs — receives only the AI-generated response text from your device to synthesize Cohra’s voice; never receives your voice, your transcripts, or your prompts.
  • A managed STUN/TURN provider — supplies network credentials that help your phone establish peer-to-peer audio when a direct connection is not possible; sees no conversation content.
  • Our cloud hosting provider — runs the signaling server.
• With service providers acting on our behalf for the cohraapp.com website:
  • Cloudflare — hosts the website and runs the form-submission endpoint.
  • Resend — delivers the launch-waitlist email if you sign up through the form on our website. Resend processes only your email address and the limited connection metadata your browser sends with the request.
• For legal reasons — when required by law, court order, or to protect rights, safety, or property.
• In a business transfer — if Cohra is acquired or merged, we will notify you and honor this policy.

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising.

Device integrity & fraud prevention

To protect Cohra against automated abuse, fake-account farms, and free-trial fraud, our server uses two device-scoped identifiers:

• A per-device security key generated by Apple’s App Attest, stored in the Secure Enclave on your iPhone. Our server keeps the public half so it can verify that a request came from a real, unmodified copy of Cohra. The key is not associated with your Apple ID, name, email, or location. We retain it for up to 30 days after your last use and refresh that window automatically while you keep using the app.

• The transaction identifier from your App Store purchase or free trial, supplied by Apple when you start a trial or subscribe. We use it for entitlement and fraud prevention only:

  • to recognize that you have an active free trial or paid subscription so that the corresponding features are unlocked,
  • to keep that entitlement consistent across reinstalls and across devices that share the same Apple ID,
  • to enforce the 30-Ask-Cohra free-trial allowance once per Apple ID,
  • to apply Apple’s standard renewal, lapse, and refund logic.

  We retain it for the duration of your entitlement plus a short grace period, after which it is deleted.

Neither identifier is used for advertising, analytics, behavioral profiling, or any purpose beyond fraud prevention and entitlement.

International data transfers

Our signaling server, our AI sub-processors, and most of our supporting service providers are based in the United States. If you use Cohra from Canada or visit our website from a country with stricter cross-border-transfer rules, your information will be transferred to and processed in the United States. We rely on Standard Contractual Clauses or equivalent contractual safeguards with our service providers where they are required by applicable law.

Data retention

We keep information only as long as needed to provide the service and meet legal obligations:

• Voice and full transcripts — never retained on our servers.
• Real-time room metadata (room code, participants, capacity) — kept only while the room is live and automatically deleted shortly after the last participant leaves.
• Device security key (App Attest public key + counter) — retained up to 30 days after last use, sliding automatically with each successful request.
• Subscription / entitlement records (App Store transaction identifier, product, expiry) — kept for the duration of the entitlement plus a short grace period, after which they are deleted.
• Free-trial usage counter — kept for the duration of the trial plus a short grace period.
• Abuse reports — forwarded to our moderation tools when you submit them; not retained on the signaling server itself. The moderation tool retains them only as long as needed to investigate the issue.
• Transactional and tax records — as required by applicable tax and accounting law (typically 7 years).
• Support correspondence — up to 2 years to provide context if you contact us again.

Locally on your device, Cohra stores your display name, language preference, theme, and the history of past sessions until you delete them or remove the app. Past-session history is stored on your device only — it is never uploaded.

How we protect your data

• Transport encryption (modern TLS) for all network traffic between the app and our servers.
• End-to-end encryption for peer-to-peer voice streams between participants.
• Hardware-backed key storage for the App Attest device key, using your iPhone’s Secure Enclave.
• Cryptographic request signing — every request from the app to our servers is signed with a hardware-bound key so that we can reject forged or replayed requests.
• Limited production access. Access to production systems is restricted to authorized maintainers and recorded by our hosting and version-control providers.
• Regular security reviews. We periodically review the codebase, our dependencies, and our infrastructure for security issues, and keep dependencies up to date.

No system is 100% secure. We strongly encourage you to keep your device passcode private and run a recent version of iOS.

Your privacy rights

Rights under CCPA / CPRA (California residents)

If you live in California, you have the right to:

• Know what personal information we collect, use, and share
• Delete the personal information we have about you
• Correct inaccurate personal information
• Opt out of sale or sharing of your personal information — we do not sell or share your personal information for cross-context behavioral advertising
• Limit the use of sensitive personal information
• Non-discrimination — we will not penalize you for exercising your rights

We respond to verifiable consumer requests within 45 days as required by CCPA.

Rights under other US state privacy laws

Residents of Virginia, Colorado, Connecticut, Texas, Utah, Oregon, and other states with comprehensive privacy laws have substantially similar rights to access, delete, correct, and opt out as those described above. Email us at [email protected] to exercise these rights.

Rights in Canada

If you live in Canada, you have the right under PIPEDA — and, if you live in Quebec, additional rights under the Act respecting the protection of personal information in the private sector (Law 25) — to:

• Access the personal information we hold about you
• Correct inaccurate or incomplete personal information
• Withdraw consent to processing, subject to legal or contractual restrictions
• Receive your information in a structured, commonly used format (Quebec)
• Lodge a complaint with the Office of the Privacy Commissioner of Canada or, in Quebec, with the Commission d’accès à l’information

Rights of visitors from other regions

If you read or contact us through our website from the EU, EEA, UK, Switzerland, or another region with comprehensive privacy laws, you generally have rights of access, rectification, erasure, restriction, objection, portability, and to lodge a complaint with your local data protection authority. Email [email protected] and we will honor those rights with respect to any information we hold about you.

How to exercise your rights

Email [email protected] with your request. Because Cohra has no account system, please include enough detail for us to identify the data — for example, the rough timeframe and any room codes you remember. We may need to ask for additional information to verify your request before acting on it.

You can also delete locally stored data at any time without contacting us:

• Remove individual past sessions from the History tab.
• Reset the app or uninstall it to clear all locally stored data.

Children’s privacy

Cohra is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has provided personal information through Cohra, please contact [email protected] and we will delete it.

Cookies and tracking technologies

The Cohra website currently uses only strictly necessary cookies — no analytics, no advertising, no third-party trackers. The cookie consent banner is in place so we can ask for your permission if and when we add anonymous analytics in the future. The Cohra mobile app does not use cookies, advertising identifiers, third-party trackers, or App Tracking Transparency. See our Cookie Policy for the website-side details.

Automated decision-making and profiling

Cohra does not use your personal data to make automated decisions that produce legal or similarly significant effects. AI-generated responses to “Ask Cohra” are content suggestions, not automated decisions about you.

Changes to this policy

We may update this policy from time to time. The “Last updated” and “Effective” dates at the top of this page reflect the latest version. If the changes are material, we will display a notice in the app the next time you open it, so you can review the changes before continuing to use Cohra. Continued use of Cohra after the changes take effect means you accept the updated policy.

Contact us

For privacy questions or to exercise your rights:

• Email: [email protected]
• Postal: Sviat Minato, 55 Front Street West, Toronto, ON M5J 1E6, Canada
• Supervisory authorities: in Canada, the Office of the Privacy Commissioner of Canada and, in Quebec, the Commission d’accès à l’information. Visitors in the EU/UK may contact their local data protection authority.