whatayarn (https://whatayarn.com) is a voicemail link for podcasters and creators. This policy explains what data we collect, how we use it, and the choices you have.
It covers three groups of people:
- Creators: you have a whatayarn account and a channel where you receive voice messages.
- Senders: you leave a voice message on a creatorâs page. You do not need an account.
- Visitors: you browse our site.
1. The Data We Collect
| Category | Examples | Why we collect it |
|---|---|---|
| Account data | Name, email, and profile photo from your sign-in provider | Account creation, sign-in, and support |
| Billing data | Payment details, processed and stored by Stripe | Subscriptions and invoicing. We never see your full card number |
| Voice messages | Audio recordings, plus any name, email, title, or details a sender chooses to include | The core service: delivering messages to the creatorâs inbox |
| Usage and device data | IP address, browser type, pages visited, and product events | Security, debugging, and understanding how the product is used |
| Cookies and local storage | Session cookies and saved preferences | Keeping you signed in and remembering your settings |
We do not intentionally collect sensitive categories of data (for example, health or political opinions) or data from children under 13 (see section 8).
2. Voice Messages You Send
When you leave a message on a creatorâs page:
- Your recording is stored by whatayarn and delivered to that creatorâs inbox.
- Adding your name and email is optional, unless the creator has chosen to require it. The page will tell you what is required before you send.
- The creator can listen to, download, and delete your message, and may use it in their own content, for example by playing it in a podcast episode. See our Terms of Service for details.
- If you want a message removed, contact the creator directly, or email us and we will help.
3. How We Use Your Data
- Provide the Service: store recordings, deliver them to inboxes, and keep you signed in.
- Process payments: through Stripe. We never see your full card details.
- Communicate with you: account notices, new-message notifications, and support replies.
- Improve and secure the Service: analytics, debugging, and fraud and abuse prevention.
- Meet legal obligations: including under the Australian Privacy Act 1988 (Cth).
We may add optional processing of recordings in the future, such as automatic transcription, to make messages easier to read and search. If we do, it will only be used to provide the Service, and this policy will be updated before it launches.
4. Service Providers
We do not sell or rent your personal data. We share it only with the providers that run the Service:
| Provider | What it does | Data involved |
|---|---|---|
| Stripe | Payment processing | Billing details and email |
| Supabase | Database and sign-in | Account data and message details |
| UploadThing | Audio file storage | Voice recordings |
| Vercel | Hosting | Usage and device data |
| Resend | Transactional email | Email address and notification content |
| PostHog | Product analytics | Usage events and device data |
| Sentry | Error monitoring | Device data and diagnostic logs |
| Upstash | Rate limiting | IP address |
Each provider processes data on our instructions and must keep it confidential.
5. Legal Bases (GDPR Visitors)
For EU/UK users, we rely on:
- Contractual necessity: to deliver the Service you signed up for.
- Legitimate interests: to improve safety, performance, and user experience.
- Consent: for optional cookies or marketing emails. You may withdraw it at any time.
- Legal obligation: to satisfy accounting or regulatory requirements.
6. Data Retention
- Account data: until you delete your account.
- Voice messages: until the creator deletes them, or when the account that holds them is deleted.
- Financial records: 7 years, as required by law.
7. Your Rights & Choices
| Region | Your rights include |
|---|---|
| Australia | Access, correction, and complaint lodging under the Privacy Act 1988 |
| EU/UK (GDPR) | Access, rectification, erasure, restriction, portability, objection, and complaint to a supervisory authority |
You can delete your account, and everything in it, at any time from your account settings. For anything else, such as a copy of your data, email hellowhatayarn@gmail.com and we will respond promptly.
8. Childrenâs Privacy
The Service is not directed to children under 13. If you believe a child has provided personal data, please contact us so we can delete it.
9. Cookies & Tracking Choices
We use cookies and local storage to keep you signed in, remember preferences, and gather usage statistics. Most browsers let you refuse or delete cookies, although disabling them may limit functionality, such as staying signed in.
10. Security
We employ industry-standard technical and organisational measures such as encryption in transit, role-based access controls, and regular security reviews. No system is 100% secure, so we encourage using a strong, unique password with your sign-in provider.
11. Changes to This Policy
We may update this Privacy Policy periodically. Material changes will be emailed to you and posted on this page with a new âLast updatedâ date. Continued use of the Service after changes means you accept the revised policy.
12. Contact
Questions or concerns? Email hellowhatayarn@gmail.com.
