Privacy

Your conversation
is not our data.

TiQ processes your most sensitive professional conversations. We built the privacy model structurally — not as a policy statement, but as architecture that makes retention impossible.

"All audio, transcription, and AI responses are deleted the moment your session ends. Nothing is stored, anywhere."
This isn't a marketing claim backed by a policy. It's a description of the architecture. TiQ is built so that storing conversation content would require significant engineering effort to add — it doesn't happen by default, by accident, or by omission. The pipeline clears on session end. There is nothing to recover.
Data lifecycle

Where every piece of data
goes — and where it doesn't.

Each data type has a defined lifecycle. None of them end in a database, a log file, or a backup.

Audio
Captured by Chrome extension
Extension → WebSocket → Backend → Deepgram
100ms chunks, in-flight only, never written to disk
✗ Never stored
Transcripts
Final utterances only, in Node.js memory
Deepgram → conversationBuffer (RAM)
120s sliding window, cleared on session end
⟳ Memory only
LLM prompts
Assembled and sent in-flight
promptBuilder → LLM API → response
Transit only. Never logged. Never stored.
→ In transit only
Suggestions
WebSocket → browser memory → display
Confidence gate → WebSocket → React state
Shown on screen. Never written to disk.
⟳ Browser memory only
Session end
All in-memory state cleared
conversationBuffer.clear() → session deallocated
Browser state cleared on tab close
✓ Cleared completely
What IS stored
Only entitlements, session metadata, and account data
Postgres: user_id, session duration, timestamp, persona type
No transcript text. No suggestion content. No audio.
✓ Metadata only
API key handling

Your API key never
leaves your browser session.

BYOK track
When you bring your own OpenAI or Anthropic key, TiQ handles it with strict discipline. It exists in exactly one place — React component state — for exactly one duration: your session.
1
Key entered on setup screen. Stored in React component state only. Never written to localStorage or sessionStorage.
2
Passed to backend in the session handshake. Held in-memory for session duration only. Not written to any database or log.
3
Used exclusively to make LLM calls on your behalf. Never transmitted to any third party other than your chosen LLM provider.
4
Session ends. Key is cleared from memory. No trace remains anywhere in the TiQ system.
Track comparison

BYOK vs Managed —
same privacy, different path.

Both tracks deliver the same privacy guarantee. The difference is who supplies the LLM key and bears the inference cost.

// BYOK track
You supply the API key (OpenAI or Anthropic)
LLM inference billed to your own provider account
Key held in React state, cleared on session end
TiQ never has access to your key after session end
Privacy statement: "nothing stored, anywhere"
// Managed track
TiQ supplies the API key server-side
LLM inference cost absorbed in session price
Your conversation content is sent to the LLM provider on your behalf
Same privacy guarantee: no transcript stored by TiQ
Privacy statement: "nothing stored — including by our AI provider"
Important clarification for Managed track users: TiQ makes LLM calls on your behalf using its own provider key. This means your conversation content travels to OpenAI or Anthropic during the session as part of the LLM prompt. Neither TiQ nor its provider stores that content — but you should be aware it transits their infrastructure. If your organization has strict data residency requirements, the BYOK track gives you full control over which provider handles your data.
Server logs

Logs contain IDs.
Never content.

Our central logger is built to enforce this structurally. A log call containing transcript text or suggestion content throws an exception — it's not permitted to reach the log sink.

Backend log policy — enforced in code
✓ Permitted in logs
session_id
chunk_seq, utterance_seq, call_id
server_seq (event sequence)
Latency metrics (ms)
Status codes and error types
Event names and pipeline stage transitions
LLM provider name (not key)
✗ Never permitted in logs
× Transcript text (any utterance content)
× Suggestion content or explanation
× LLM prompt text
× LLM response body
× API keys (any credential field)
× Radar rationale text
× User-entered setup text fields
Common questions

Privacy questions,
answered directly.

Can TiQ employees read my meeting transcripts? +
No. Transcripts exist only in the backend's Node.js process memory for the duration of your session. They are never written to a database, a log, or any storage system TiQ employees have access to. By the time a session ends, there is nothing to read.
Is my conversation used to train AI models? +
No. TiQ does not store conversation content in any form that could be used for training. For BYOK track users, whether your data is used to train your LLM provider's models is governed by your agreement with that provider (OpenAI, Anthropic). For Managed track users, TiQ uses API access under agreements with providers that include data protection terms — your content is not used for training.
What happens to my data if TiQ is acquired or shuts down? +
Because conversation content is never stored, there is no conversation data to be acquired, transferred, or lost. The only data that would be subject to business continuity concerns is your account information (email, payment records) — which is standard for any paid service. Your meetings are not at risk.
Can I use TiQ for confidential client meetings? +
Yes, with appropriate context. TiQ's architecture is designed to minimize data exposure. For highly regulated industries (legal, healthcare, financial services), you should verify whether your organization's policies permit AI-assisted tools that process conversation content, regardless of storage guarantees. The BYOK track gives you direct control over which LLM provider handles your data.
Does TiQ comply with GDPR? +
TiQ's architecture is designed to minimize personal data processing. Conversation content — which could constitute personal data under GDPR — is processed transiently and never stored. The metadata we retain (session timestamps, persona types, duration) is minimal and necessary for entitlement management. We're in the process of completing a formal Data Protection Impact Assessment and will publish our full GDPR documentation for enterprise users.
How do I know the privacy claims are technically accurate? +
Healthy skepticism is appropriate. Our security page describes the architectural enforcement mechanisms — including how the central logger throws exceptions on forbidden fields, how BYOK keys are scoped to React state only, and how the conversation buffer is cleared on session teardown. We're planning to make key privacy-critical modules available for independent review as we approach enterprise readiness.
Nothing stored, anywhere

Start a session with
confidence.

The privacy architecture is built into the product. Not a policy you have to trust — an architecture you can verify.

Start your first session Security architecture →