Privacy Policy

Last updated: June 16, 2026

MCode Apps ("we", "our", or "us") operates the Speechly mobile application (the "Service"). Your privacy is critically important to us. This Privacy Policy clarifies our practices concerning the collection, processing, and disclosure of your information when you use our Service, specifically in compliance with the General Data Protection Regulation (GDPR) and other global privacy frameworks.

By accessing or using our Service, you agree to the collection and use of your information in accordance with this Privacy Policy. If you do not agree with any part of this Privacy Policy, please do not use our Service.

1. Information Collection and Processing

Saved Audio, Files, and Storage Processing

Speechly provides tools to convert text into speech and manage your audio creations locally. Our application is built to prioritize user privacy and data minimization:

• Local Text Extraction: When you import a document (PDF, DOCX, or TXT), the text is processed locally on your device. We do not upload your documents or their text content to our servers.

• Audio Synthesis via System TTS: Audio generation is handled directly by your device's native operating system Text-to-Speech (TTS) engine.

• Internet Required Natural Voice Notice: Please note that if you select an internet-required natural voice within your device's system settings, your operating system may transmit the text securely over the internet to its own cloud infrastructure to execute the audio synthesis. Our application does not manage, collect, or store this text data, nor do we control the server architecture used by your system's TTS provider.

• Local Storage and Media Access: The application automatically saves your generated audio files directly to your device's public storage without requiring any permissions. To display your history list inside the "Saved Audios" screen, the app requests standard read-only media permissions (such as READ_EXTERNAL_STORAGE or READ_MEDIA_AUDIO, depending on your Android version). These permissions are used exclusively to find and play your files locally within the app. We do not copy, upload, or transmit your audio files or their details to any external servers.

Third-Party Services & Personal Data (Network-Based)

To monetize, track errors, and improve app stability, we integrate third-party SDKs provided by Google LLC. These services collect identifiers that are legally classified as Personal Data (Pseudonymized Data) under the GDPR:

• AdMob: We use AdMob to display inline banner and native advertisements within our application layouts (including contextually injected native ad placements inside the "Saved Audios" list view). AdMob collects device identifiers, advertising IDs (such as Android's AAID), and IP addresses to serve advertisements, prevent fraud, and track ad performance.

• Firebase Analytics: We utilize Firebase Analytics to understand user demographics and behavioral patterns within the app (e.g., screens visited, buttons tapped). This helps us determine which features to improve.

• Firebase Crashlytics: We use Firebase Crashlytics to collect stack traces and system logs when the app crashes, allowing us to identify and fix bugs. This data includes device model, operating system version, and technical state at the time of the crash.

2. Legal Basis for Processing (EEA Users)

If you reside within the European Economic Area (EEA), our legal basis for collecting and processing the personal data described above depends on the context:

• Consent: We rely strictly on your explicit, affirmative consent to process personal data for targeted advertising and personalized analytics. This consent is collected via our integrated Google User Messaging Platform (UMP) form upon your first launch of the app. If you refuse consent, personalized tracking features are deactivated, personal identifiers are withheld, and advertisements are served in a non-personalized format.

• Legitimate Interests: When consent is withheld, basic non-personalized ad delivery, anonymous analytical event pings (via Google Consent Mode v2), and operational crash logging (via Firebase Crashlytics) are processed under our legitimate interest to maintain app stability, security, and basic monetization, provided these interests do not override your fundamental data privacy rights.

3. Managing Your Privacy & Withdrawing Consent

You have full control over your data. If you are in the EEA, you can view, change, or completely withdraw your consent preferences at any time:

1. Open the App Drawer (side menu) within Speechly.

2. Scroll to the bottom and select Consent Settings.

3. Adjust your preferences using the Google UMP form.

Withdrawing consent will immediately restrict third-party SDKs from processing your data for personalized or analytical tracking purposes.

4. International Data Transfers

The pseudonymous data collected by Google AdMob and Firebase may be transferred to, and processed in, countries outside of the EEA—primarily the United States. Google utilizes approved legal transfer mechanisms, such as Standard Contractual Clauses (SCCs) or reliance on adequacy decisions (such as the EU-U.S. Data Privacy Framework), to ensure your personal data receives an equivalent level of protection globally.

5. Your GDPR Data Subject Rights

If you are a resident of the European Union or the EEA, you hold the following rights under the GDPR regarding your personal data:

• Right of Access: The right to request copies of the pseudonymous data collected about your device.

• Right to Erasure ("Right to be Forgotten"): The right to request that we or our partners delete data linked to your advertising ID or instance ID.

• Right to Restrict or Object to Processing: The right to limit how your data is processed, or object to processing justified by legitimate interests.

• Right to Data Portability: The right to request the transfer of your data to another organization.

Because we do not use account registrations (usernames, passwords, or emails) and do not store user identities on central servers, most data we hold is completely pseudonymized. To exercise any of these rights, you may need to reset your device's Advertising ID or contact us with your specific technical instance IDs.

6. Children’s Privacy

Our Service is not directed to individuals under the age of 13 (or under 16 in certain EEA member states). We do not knowingly collect personal data from children. If we discover that a child under the legal age has provided us with personal data, we will take immediate steps to delete it from our third-party partner systems.

7. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time. Any revisions will be reflected on this page with an updated "Last Updated" date at the top. We encourage you to review this policy periodically to stay informed about how we safeguard your data.

8. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, your data rights, or our data handling practices, please contact us at:

Email: mcodeapps.dev@gmail.com