EchoFour Privacy Policy

Last updated: 27 June 2026

EchoFour is an internal tool built by TwoFour for its own employees. It records work meetings, transcribes them, and produces written summaries. It is not a consumer product and is not offered to the general public. This policy explains what data EchoFour handles and how we protect it.

Key point: meeting transcripts and summaries are end-to-end encrypted. They are encrypted so that they can only be read on your own device. Our servers cannot read the content of your meetings — we only ever store unreadable ciphertext.

1. Who this applies to

EchoFour accounts are restricted to TwoFour employees, authenticated with a company Google account on an allow-listed domain. There is no public sign-up. If you are not a TwoFour employee, this app is not intended for you.

2. What data we process

Account identity (from Google Sign-In): your name, email address, and Google account identifier. Used only to authenticate you and associate your meetings with your account.
Meeting audio: the audio you choose to record is uploaded so the server can transcribe it. Audio is processed and then deleted according to our retention schedule once the transcript and summary have been produced.
Transcripts & summaries: the text of your meeting and its summary. These are end-to-end encrypted (see §4) and are stored only as ciphertext the server cannot decrypt.
Meeting metadata (server-readable by design): title, date, duration, attendee names you enter, chosen summary preset, language, and processing status. This lets the app show your history list, sort meetings, and send notifications without decrypting any content.
Calendar data (optional): if you connect Google Calendar, we read upcoming event details to pre-fill meeting information. We do not store your calendar beyond what you attach to a meeting.
Device push token: a Firebase Cloud Messaging token so we can notify you when a summary is ready.

3. How we use the data

To authenticate you and keep your account secure.
To transcribe and summarize the meetings you record.
To show your meeting history and send "summary ready" notifications.
To operate, maintain, and debug the service.

We do not sell your data, use it for advertising, or use the content of your meetings to train machine-learning models.

4. End-to-end encryption

EchoFour is designed so the server cannot read the content of your meetings:

A master key is generated on your device and never sent to the server in a usable form. It is unlocked with a passphrase you choose (and a one-time recovery code for a new phone).
After transcription, the server encrypts each meeting's transcript and summary to your public key, stores only the ciphertext, and immediately discards the plaintext and the encryption key.
Only your device — using your passphrase or recovery code — can decrypt and read the content.
This is zero-knowledge: if you lose both your passphrase and your recovery code, your encrypted meetings cannot be recovered by anyone, including us. There is no administrator override.

Limitation, stated plainly: transcription and summarization happen on the server, so the plaintext necessarily exists in server memory for the brief moment it is being processed, before it is encrypted and discarded. It is never written to disk in readable form.

5. Third-party processors

To run the service we share the minimum necessary data with:

Google — sign-in (identity) and, if you connect it, Calendar.
Speech-to-text provider — transcribes your uploaded audio.
Large-language-model provider — generates the summary from the transcript.
Cloud hosting & object storage — runs the server and stores encrypted data.
Firebase Cloud Messaging (Google) — delivers push notifications.
Email provider — only when you choose to email a summary; the summary is decrypted on your device and relayed without being stored.

6. Data retention

Audio recordings are deleted after processing, per our retention schedule.
Encrypted transcripts & summaries and meeting metadata are retained while your account is active so you can access your history.
When your account is removed, your associated data is deleted.

7. Permissions the app requests

Microphone — to record meeting audio when you start a recording.
Notifications — to tell you when a summary is ready.
Network — to upload audio and sync your encrypted meetings.

8. Your choices & rights

As this is an internal company tool, data requests (access, correction, or deletion) are handled through TwoFour's internal IT/security process. Contact the address below and we will action your request.

9. Children

EchoFour is a workplace tool for TwoFour employees and is not directed to children.

10. Changes to this policy

We may update this policy as the product evolves. Material changes will be communicated internally and reflected by the "last updated" date above.

11. Contact

Questions about this policy or your data: privacy@twofour.com.