Privacy Policy
Last updated: February 20, 2026
Brain 2 is a voice and text capture app that sends your ideas to Notion. We collect only what is necessary to deliver the service and never sell your data or use it for advertising.
1. What We Collect
| Data | Why we collect it | Retention |
|---|---|---|
| Apple ID identifier | Creates and authenticates your account. We never receive your Apple email or password. | While your account is active |
| Voice recordings | Sent to OpenAI Whisper for transcription, then immediately deleted from our servers. | Deleted after processing |
| Text input | Sent to OpenAI GPT-4o-mini for AI parsing, then forwarded to your connected app (e.g. Notion). | Stored in history; deletable on request |
| Capture history | Lets you review past captures and AI output in the History tab. | Stored while active; deletable on request |
| OAuth tokens | Stored encrypted to keep Brain 2 connected to your Notion workspace. | Until you disconnect the integration |
| Button configuration | Your capture button names, icons, field mappings, and settings. | Stored while active; deletable on request |
| Usage counts | Enforces free-tier limits and manages your subscription. | Rolling weekly window |
| Service logs | Records feature usage, processing times, and errors to maintain and improve Brain 2. No device identifiers are collected. | 90 days, then aggregated |
2. How We Use Your Data
- Voice recordings are transcribed in real time by OpenAI Whisper and deleted from our servers immediately after processing.
- Transcriptions are parsed by OpenAI GPT-4o-mini to extract structured properties (title, status, date, etc.) based on your button configuration.
- Parsed data is forwarded to your connected apps (e.g. Notion) via their official APIs, exactly as you configured.
- We do not use your content to train AI models, build advertising profiles, or share data with third parties for marketing.
3. Third-Party Services
Brain 2 works with the following services. Each governs its own data practices:
- OpenAI — Transcription (Whisper) and AI parsing (GPT-4o-mini). See OpenAI Privacy Policy.
- Notion — Receives your structured captures when you use a Notion-connected button. See Notion Privacy Policy.
- Apple — Sign in with Apple for authentication. We receive only a unique identifier. See Apple Privacy Policy.
4. Microphone Access
Brain 2 requests microphone access solely to record voice captures on the Voice tab. Recording only begins when you actively hold or tap a button — the microphone is never accessed passively or in the background.
You can revoke microphone permission at any time in iOS Settings → Brain 2 → Microphone. Without it, the Text tab remains fully functional.
5. Data Security
- All data is transmitted over HTTPS (TLS 1.2 or higher).
- OAuth tokens for third-party services are stored encrypted at rest.
- Our servers are hosted on AWS with industry-standard access controls.
- We do not store your Apple ID credentials or payment details (payments are handled by Apple).
6. Your Rights
You can at any time:
- Access the personal data we hold about you.
- Delete your account and all associated data — via Settings → Delete Account, or by emailing us. Deletion is completed within 30 days.
- Export your capture history on request.
- Disconnect any third-party integration in Settings.
If you are in the EU, UK, or California, you may have additional rights under GDPR or CCPA. Contact privacy@brain-2.app to exercise them.
7. Children's Privacy
Brain 2 is not directed at children under 13 (or 16 in the EU). We do not knowingly collect personal information from children. If you believe a child has submitted information to us, contact us and we will delete it promptly.
8. Changes to This Policy
We may update this policy periodically. When we do, the “Last updated” date at the top of this page will change. Continued use of Brain 2 after updates constitutes acceptance of the revised policy.
9. Contact
For privacy questions, data requests, or account deletion: