Privacy Policy

Last updated 28 June 2026 · Applies to the Hibr app and account

Hibr is built so that privacy is the default, not a setting. This notice explains, in plain language, what we collect, why, who else touches it, and the choices and rights you have.

The short version

No bot joins your call. Hibr listens from your own computer’s audio — there is nothing to invite into the meeting.
No recording is kept. Audio is transcribed live and discarded the moment it becomes text. We never store a recording, and audio never transits our own servers.
Your notes are private to your account. They’re encrypted in transit and access-locked to you. To be clear: they are stored in a form our systems can read so we can sync, search, and support them — they are not end-to-end encrypted.
We don’t sell your data and we don’t run advertising or third-party tracking.

1. Who we are

Hibr (“Hibr”, “we”, “us”) provides a meeting note-taking application for Arabic and English. Hibr is operated by its founder. You can reach us about privacy — or anything else — at [email protected]. Payments are handled by our Merchant of Record, Lemon Squeezy (see Section 7).

2. What we collect

Account information — your email address and the password you set. Passwords are handled by our authentication provider and stored only in hashed form; we never see your plaintext password.
Your notes and transcripts — the notes you type, the live transcript Hibr produces from a meeting, and the structured summary Hibr generates. These are saved to your account so they sync across your devices.
Meeting audio (transient only) — audio from your microphone and your computer’s output is processed in real time to produce the transcript. It is not recorded or stored — see Section 5.
Usage data — the number of meeting minutes transcribed and the volume of AI processing used, so we can apply plan limits and bill correctly.
Billing information — payments are handled by our Merchant of Record (see Section 7). They collect your payment details; we receive only limited billing information such as subscription status and the country needed for tax. We do not store full card numbers.
Limited technical data — basic diagnostic information such as app version and error reports needed to keep the service secure and working. We do not use third-party analytics or advertising trackers.

3. How we use your data

To provide the core service — transcribe your meetings, generate notes, and sync them to your account.
To create and secure your account and sign you in.
To measure usage, apply plan limits, and process your subscription.
To protect the service against abuse and to fix problems.
To respond to your requests and provide support.
To meet legal and regulatory obligations.

4. Our legal basis

We process your data to perform our contract with you (providing the app you signed up for), on the basis of your consent where required (for example, capturing meeting audio), and for our legitimate interests in operating and securing the service, balanced against your rights.

5. How meeting audio is handled

This is the heart of how Hibr protects you. When you record a meeting, audio is streamed from your device to our speech-to-text provider to be transcribed live. As soon as it becomes text, the audio is discarded. We do not keep a recording, the audio is never written to a disk by us, and it does not transit or get stored on our own servers.

To turn that raw transcript plus what you typed into a clean summary, the text is sent securely (encrypted in transit) through our service to our AI provider, which generates your notes. That text is processed to produce your notes and is not stored by our processing layer.

Meeting audio can include the voices of other participants. You are responsible for letting the people in your meetings know that Hibr is taking notes, and for obtaining their consent where the law requires it.

6. How your notes are stored and protected

Your notes and transcripts are stored in your Hibr account. They are encrypted in transit (TLS) and access-locked to you with row-level security, so only your authenticated account can read them.

To be transparent: your notes are stored in a form that our systems can read, which is what lets us sync them across your devices, support you, and operate the service. They are not end-to-end encrypted, and we do not claim to be unable to access them.

Separately, Hibr offers an optional local folder mirror. It is off by default. If you turn it on, Hibr writes a one-way copy of your notes as plain files into a folder you choose on your own computer; that copy lives only on your device.

7. Who else processes your data

We use a small number of trusted providers that process data on our behalf, under their own terms and security commitments. We do not sell your data, and we share it only as needed to run the service or to comply with the law.

Provider	What it does	What it processes
Speechmatics	Live speech-to-text	Meeting audio, transiently, to produce the transcript (not stored by us)
Anthropic	Generates your structured notes (Claude)	Your transcript and typed notes, in transit, to produce the summary
Supabase	Account, database, and hosting	Your account info and your stored notes
Lemon Squeezy	Merchant of Record (payments)	Your payment and billing details

8. International transfers

Some of the providers above process data on infrastructure located outside the Kingdom of Saudi Arabia. Where that happens, your data is transferred internationally to provide the service to you. We share only what is needed to deliver the service, and we rely on the security commitments of those providers to protect it.

9. How long we keep it

Meeting audio — not retained; discarded the moment it becomes text.
Notes and transcripts — kept in your account until you delete them or close your account. When you close your account, your notes are deleted within 30 days.
Account and billing records — kept for as long as your account is active and afterwards only as long as required for legal, tax, and accounting purposes.

10. Your rights

Under Saudi Arabia’s Personal Data Protection Law (PDPL), you have the right to:

be informed about how your data is processed;
access your data and obtain a copy;
request correction of inaccurate or incomplete data;
request deletion of your data;
withdraw consent you previously gave.

To exercise any of these, contact [email protected]. You also have the right to lodge a complaint with the competent Saudi authority (the Saudi Data & AI Authority, SDAIA).

11. Security

We protect your data with encryption in transit, account-scoped access controls (row-level security), and encrypted storage of sensitive credentials. No system is perfectly secure, but we work to protect your data and to respond promptly if something goes wrong.

12. Children

Hibr is intended for use by adults in a workplace setting and is not directed to children.

13. Changes to this notice

If we make material changes, we will update this page and revise the “last updated” date above, and where appropriate we will notify you.

14. Contact

Questions about this notice or your data? Email us at [email protected].