Privacy Policy

Last updated: April 5, 2026

Privacy Policy Details

Plain-Language Summary

Soteria is a personal safety tool. Your safety data is sensitive and we treat it that way. Here is what you need to know:

  • Audio recordings are processed on your device by default. They never touch our servers unless you enable cloud backup.
  • Cloud backup is opt-in only and end-to-end encrypted before leaving your device.
  • We never sell your data. We never share it with third parties. We never use it for advertising.
  • You can delete your data at any time. Auto-delete enforces your chosen retention period.
  • We use OAuth only (Google or Microsoft). We never store passwords.

What Data We Collect

Account Data

When you sign in via Google or Microsoft OAuth, we receive your name, email address, and profile picture from the identity provider. This is used solely to identify your account. We do not store passwords.

Safety Session Data (On-Device)

When you activate a Soteria session, the following data is generated and stored on your device only:

  • Audio recordings
  • Real-time transcriptions
  • GPS location coordinates
  • Session timestamps
  • Cryptographic hashes for evidence integrity

This data does not leave your device unless you explicitly enable cloud backup.

Safety Session Data (Cloud Backup — Opt-In)

If you enable cloud backup (available on Personal tier and above), your session data is encrypted end-to-end on your device before transmission. We cannot read your recordings or transcripts. Cloud backups follow your chosen retention period and are automatically deleted when that period expires.

Emergency Contact Notifications

When Soteria sends alerts to your emergency contacts, we transmit your current GPS location, alert type, and (if enabled) live transcript excerpts. This data is transmitted securely and is not stored by Lonia AI after delivery.

Usage Analytics

We collect anonymized, aggregated usage analytics to improve Soteria. This includes feature usage frequency and app performance metrics. This data contains no personally identifiable information and cannot be linked to individual users or sessions.

What We Do Not Collect

  • Passwords (OAuth-only authentication)
  • Audio content on our servers (unless cloud backup enabled)
  • Contacts list beyond your designated emergency contacts
  • Browsing history
  • Data from other apps on your device

Recording Consent Laws

Soteria is aware of recording consent laws across jurisdictions. In one-party consent states, Full Recording mode is available. In two-party consent states, Soteria defaults to Silent Alert mode (GPS tracking and emergency alerts only — no audio recording). You maintain control over which mode is active at all times.

Data Retention

On-device data retention is controlled entirely by you. Cloud backup data follows your chosen retention period and is automatically purged when that period expires. Account data is retained while your account is active. Upon account deletion, all associated data is permanently removed within 30 days.

Your Rights

  • Right to access: View all data associated with your account at any time.
  • Right to deletion: Delete your data at any time. Request full account deletion and all data will be permanently removed.
  • Right to portability: Export your session data in standard formats.
  • Right to correction: Update your account information at any time.

Security

All data in transit is encrypted via TLS. Cloud backup data is end-to-end encrypted. Authentication uses OAuth SSO (Google and Microsoft) with no password storage. Row-level security is enforced on every database table. Audit trails log all significant actions.

Children's Privacy

Soteria is not directed at children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected data from a child under 13, we will delete it promptly.

Changes to This Policy

We will notify you of material changes via email or in-app notification before they take effect. Continued use of Soteria after changes constitutes acceptance of the updated policy.

Contact

For privacy questions or data requests, contact us at admin@lonia.ai.