Sayvi ("the app") runs on Even Realities G2 smart glasses through the Even Hub host app. It listens to live conversation, transcribes it, and shows topic suggestions on the glasses HUD. This document explains what data the app handles, where it goes, and what is retained.
TL;DR
- Sayvi has two transport modes: Managed ($5/month with 7-day trial, email-OTP sign-in) and BYOK (you supply your own OpenAI and ElevenLabs API keys; calls go direct from your phone and never touch the Sayvi backend).
- Microphone audio is streamed live for transcription and discarded after recognition — never written to disk on Sayvi's servers.
- Transcripts and presets are stored locally on your phone via the Even Hub host's
setLocalStorageAPI. - We send anonymized product analytics to Amplitude via the Sayvi backend. We never send raw transcripts, audio, preset prompt content, API keys, or your raw email.
Data the app collects
Microphone audio (permission: g2-microphone)
When you start a session, the app captures 16 kHz PCM audio from the G2 glasses microphone. Audio frames are streamed in real time to ElevenLabs Scribe v2 Realtime over a WebSocket connection for transcription:
- BYOK mode: the WebSocket connects directly from your phone to
wss://api.elevenlabs.iousing your ElevenLabs key. Audio bytes never touch the Sayvi backend. - Managed mode: your phone mints a short-lived ElevenLabs single-use token via the Sayvi backend, then the audio WebSocket goes phone → ElevenLabs directly. The Sayvi backend is in the auth path but not in the audio path.
Audio frames are not saved to disk anywhere and the mic stops the moment you open the menu, end the session, or the app is backgrounded.
Transcribed text + topic suggestions (permission: network)
Finalized transcript segments are sent to a Large Language Model for two tasks: (a) cleaning up the transcript per segment, and (b) generating up to three topic suggestions for the HUD. Only the running transcript and a small system prompt are sent; no microphone audio.
- BYOK mode: calls go phone →
https://api.openai.comdirectly, using your OpenAI key. - Managed mode: calls go phone →
https://sayvi.app/api/llm/...→ OpenAI. The backend forwards the request and returns the response; request/response bodies are not stored.
Account, billing, and email (Managed mode only)
If you choose Managed mode, you sign in with an email-OTP flow handled by the Sayvi backend. We store:
- Your lowercased email and a SHA-256 hash of it (the hash is what product-analytics events are keyed by).
- A Stripe customer ID and subscription status so we can gate access. Billing itself is handled by Stripe (
checkout.stripe.com,billing.stripe.com) under their privacy policy. - A JWT session token stored on your phone via
setLocalStorage. We do not store passwords — there are none.
We do not receive or store card numbers — Stripe handles those.
Product analytics
Sayvi sends anonymized product-usage events (event names, counts, durations, categorical settings like the selected mode/preset/transport) to the Sayvi backend, which forwards them to Amplitude. We use these to understand which features are used and where the app fails.
We never send raw transcripts, audio, microphone bytes, preset prompt content, your API keys, or your raw email address. Managed-mode users are identified by a SHA-256 hash of their lowercased email; BYOK users are identified by a random per-install device id stored in local app storage.
Local storage (no permission required)
The app stores the following on your phone via the Even Hub host's setLocalStorage API:
sayvi.settings— preset choice, mode, model, interval, language hints, transcript visibility. In BYOK mode this also contains your OpenAI and ElevenLabs API keys; in Managed mode it contains your JWT session token and email.sayvi.customPresets— any custom presets you create.sayvi.liveSession,sayvi.sessions.manifest,sayvi.session.<id>(chunked) — your conversation history and per-session snapshots.
These records stay on the phone and are scoped to this app. You can delete them by uninstalling the app.
Network destinations
Every domain the app can reach is whitelisted in app.json — the Even Hub host blocks all others. The full list:
https://api.openai.com— OpenAI Chat Completions (BYOK mode only)https://api.elevenlabs.io+wss://api.elevenlabs.io— ElevenLabs Scribe v2 Realtimehttps://sayvi.app— Sayvi backend (Managed mode: auth, STT-token mint, LLM proxy, analytics, billing)https://checkout.stripe.com,https://billing.stripe.com— Stripe checkout & customer portal
What third parties do with your data
When the app calls OpenAI or ElevenLabs (directly in BYOK or via Sayvi's backend in Managed mode), those services act as independent data controllers under their own privacy policies:
In BYOK mode, requests use your own keys and show up under your own provider accounts. In Managed mode, requests are made under Sayvi's account and the third-party-data-usage agreement Sayvi has with each provider applies.
What the app does NOT do
- No advertising or third-party SDKs other than the anonymized product analytics described above.
- No background recording — the mic only runs while a session is active and the app is in the foreground.
- No selling of any personal data.
Children
The app is not directed at children and is not designed for use by anyone under 13.
Data deletion
- BYOK users: uninstalling the app removes all local data. There is nothing for us to delete server-side because we never received any.
- Managed users: email dmitry@sergeyev.io from the address tied to your account and we will delete your account record, hashed email, Stripe customer link, and analytics identifiers within 30 days.
Changes to this policy
Material changes will be reflected in the date at the top of this document and called out in CHANGELOG.md in the repository.
Contact
Questions: dmitry@sergeyev.io