Myna

Privacy Policy

Last updated: March 2026

1. Introduction

Myna Limited ("Myna", "we", "us", or "our") operates Myna, a desktop call recording and transcription application. This Privacy Policy explains what data the application handles, where it is stored, and what network connections it makes.

Our core principle is simple: your data stays on your device. Myna is designed so that recordings, transcripts, summaries, and other user-created content are never uploaded to any server operated by us or any third party.

2. Data That Stays on Your Device

The following data is created and stored exclusively on your local machine. It is never transmitted to Myna Limited or any third-party service:

  • Audio recordings — All recorded audio (system audio and microphone tracks) is saved as M4A files in your chosen storage directory (default: Documents/Myna).
  • Transcripts — Transcription is performed entirely on your device using whisper.cpp, a local speech recognition engine. No audio is sent to any cloud transcription service. Transcripts are stored as JSON and plain text files alongside the recordings.
  • AI summaries and action items — Summaries are generated locally using Ollama, an open-source local AI runtime. No transcript or recording data is sent to any external AI service.
  • Meeting metadata — Information such as recording duration, date, detected application, and transcription model used is stored in local JSON files.

3. Data We Do Not Collect

Myna does not collect, transmit, or have access to:

  • Your recordings, transcripts, or summaries
  • Any personally identifiable information (PII)
  • Usage analytics, telemetry, or crash reports
  • Browsing activity or application usage data
  • Device identifiers or hardware fingerprints

No user accounts are required. No personal profiles are created. No cookies are used within the desktop application.

4. Network Connections

Myna makes a limited number of network connections for specific purposes. No user-created data (recordings, transcripts, audio, or PII) is ever included in these connections.

4.1 Calendar Sync (User-Initiated)

If you choose to connect your calendar, Myna accesses the following services using OAuth 2.0 with PKCE (Proof Key for Code Exchange):

  • Google Calendar API — Read-only access to retrieve event metadata (event title, start/end time, and attendee names). No data is written to your calendar. No recording or transcript data is sent to Google.
  • Microsoft Graph API — Read-only access to retrieve event metadata from Outlook/Office 365 calendars, under the same conditions as above.

Calendar data is cached locally in a SQLite database within the application data directory and is periodically re-synced. You can disconnect your calendar account at any time, which removes the cached data and revokes the stored OAuth tokens.

4.2 Licence Validation

When you activate a licence key, Myna makes a single HTTPS POST request to licence.meetmyna.com. Only the licence key itself is transmitted. No recordings, transcripts, personal data, or device identifiers are included. The validation response is cached locally and subsequent validation is performed offline. Re-validation occurs at most once every 30 days.

4.3 Application Updates

Myna can optionally check for application updates via the Tauri updater. This check transmits only the current application version to determine if an update is available. This feature can be disabled in Settings.

4.4 Transcription Model Downloads

Pro users may download an enhanced transcription model (Whisper large-v3) from HuggingFace. This is a one-time download. No user data is sent to HuggingFace.

5. Data Stored Locally

All application data is stored on your device in the following locations:

Data Location Format
Recordings User-chosen directory (default: Documents/Myna) M4A audio files
Transcripts Same directory as recordings JSON and plain text
Calendar cache Application data directory SQLite database
OAuth tokens Windows Credential Manager Encrypted by OS
Licence key Windows Credential Manager Encrypted by OS
Configuration Application data directory JSON file

6. Third-Party Services

Myna integrates with the following third-party services. In all cases, no recording, transcript, or summary data is shared with these services.

  • Google Calendar API — Used for read-only calendar sync when authorised by the user via OAuth 2.0. Subject to Google's Privacy Policy.
  • Microsoft Graph API — Used for read-only calendar sync when authorised by the user via OAuth 2.0. Subject to Microsoft's Privacy Statement.
  • Stripe — Handles payment processing for licence purchases. Payment information is collected and processed entirely by Stripe. Myna does not receive or store your payment card details. Subject to Stripe's Privacy Policy.
  • Cloudflare — Our licence validation server at licence.meetmyna.com is hosted behind Cloudflare. Subject to Cloudflare's Privacy Policy.
  • HuggingFace — Used for one-time transcription model downloads. Subject to HuggingFace's Privacy Policy.

7. Google API Services — Limited Use Disclosure

Myna's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

  • Myna only requests read-only access to Google Calendar data.
  • Calendar data retrieved from Google is stored locally on your device and is used solely to match calendar events with detected meetings.
  • No Google user data is transferred to any third party.
  • No Google user data is used for advertising, market research, or any purpose unrelated to the core functionality of matching calendar events with recordings.
  • Users can revoke access at any time from within Myna's settings or from their Google Account permissions page.

8. Your Rights and Control

Because all data is stored locally on your device, you have complete and direct control over it:

  • Access — All recordings, transcripts, and summaries are stored as plain files on your machine. You can open, copy, move, or delete them at any time using your file manager.
  • Deletion — Delete any recording or transcript directly from the file system or from within the Myna application.
  • Portability — All files are in open, standard formats (M4A, JSON, plain text). No data export feature is needed because the data is already in portable formats on your device.
  • Calendar disconnection — Disconnect your calendar accounts at any time from Settings. This removes cached calendar data and deletes stored OAuth tokens from the Windows Credential Manager.
  • Uninstallation — Uninstalling Myna removes the application. Your recordings and transcripts in Documents/Myna are preserved and remain accessible.

9. Children's Privacy

Myna is designed for professional use and is not directed at children under the age of 16. We do not knowingly collect any personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. Because Myna does not collect email addresses or user accounts, we cannot notify users directly of policy changes. We encourage you to review this page periodically.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Myna Limited
Email: privacy@meetmyna.com