Which apps does Wisot work with?

All of them. Wisot captures the Android system audio stream — YouTube, Spotify, Audible, Coursera, podcast apps, local mp3 files. No integrations or plugins needed.

Do I need an internet connection?

Not for speech recognition. The Whisper model runs entirely on-device — your audio never leaves your phone. Internet is only needed for the AI tutor to generate questions.

Does Wisot work on iOS?

Android 8.0+ only for now. iOS doesn't allow system-level audio capture, so the format will be different. Follow updates on our social channels.

14 days of Pro with no limits and no card required. After the trial, 3 hours per month free forever. Pro starts at $5/month.

How is Wisot different from flashcards and Anki?

Wisot works in the flow of listening — no need to manually create cards. The testing effect is applied at the moment of learning, which is 1.3× more effective than delayed review.

PRIVACY POLICY OF THE WISOT.APP (LEARNTIME) MOBILE APPLICATION

Version 1.0 Effective date: {{ДАТА_ВСТУПЛЕНИЯ_В_СИЛУ}}

Note on language. The Russian version of this Policy prevails over this English version in the event of any discrepancy, to the extent permitted by the laws of the Russian Federation. This English version is provided for the convenience of English-speaking Users.

1. GENERAL PROVISIONS

1.1. This Privacy Policy (the "Policy") has been adopted in accordance with Russian Federal Law No. 152-FZ dated 27 July 2006 "On Personal Data" ("FZ-152"), Russian Federal Law No. 242-FZ dated 21 July 2014 (data localization), Russian Federal Law No. 149-FZ dated 27 July 2006 "On Information, Information Technologies and Information Protection", Government Decree No. 1119 dated 1 November 2012, orders of authorized agencies (including Roskomnadzor, FSTEK, FSB), and other regulatory acts of the Russian Federation in the field of personal data. The Policy does not constitute GDPR compliance; where certain rights resemble GDPR entitlements, this is provided voluntarily for User convenience and does not extend the Operator's obligations beyond FZ-152.

1.2. The Policy defines the procedures for the processing of personal data and the measures to ensure the security of personal data taken by the operator — Limited Liability Company "VIZOT" (the "Operator") — when the User uses the Wisot.app mobile application (also referred to as LearnTime, the "Application"), and the related software/hardware components and the Operator's server infrastructure.

1.3. The purpose of this Policy is to ensure the protection of human and civil rights and freedoms in the processing of personal data, including the protection of the rights to privacy and personal and family secrecy, in accordance with article 2 FZ-152.

1.4. The Policy applies to all personal data that the Operator obtains from the User, or that arises from the User's interaction with the Application and the Operator's server infrastructure, regardless of the means of processing or the storage media used.

1.5. Installing and launching the Application, completing registration (authorization), granting the Application the system permissions listed in section 6, as well as continuing to use the Application after the Policy enters into force, mean that the User has read the Policy and consents to its provisions. Special consents to the processing of certain categories of personal data and to cross-border transfer of personal data are obtained in the Application as separate User actions logged by the Operator's technical means.

1.6. The current version of the Policy is permanently available to the User in the Application interface (Settings → Privacy Policy) and on the Operator's official website at https://wisot.app/en/privacy/app.

1.7. This Policy does not apply to the actions of third parties — developers of other applications, sources of content captured by the User, telecommunications operators, manufacturers of the User's Device — except where such third parties act as processors of personal data on behalf of the Operator pursuant to part 3 of article 6 FZ-152.

2. OPERATOR DETAILS

2.1. The Operator, organizing and carrying out the processing of personal data, independently or jointly with other persons, is:

Name: Limited Liability Company "VIZOT" (LLC "VIZOT")
Taxpayer Identification Number (INN): 9707053050
State Registration Number (OGRN): {{ОПЕРАТОР_ОГРН}}
Registered (legal) address: {{ОПЕРАТОР_АДРЕС}}
Mailing address: {{ОПЕРАТОР_АДРЕС_ПОЧТОВЫЙ}}
Email for data subject requests: {{ОПЕРАТОР_EMAIL}}
Contact phone: {{ОПЕРАТОР_ТЕЛЕФОН}}
Registration number in the Roskomnadzor Register of Operators processing personal data: {{НОМЕР_В_РЕЕСТРЕ_РКН}}

2.2. The person responsible for the organization of personal data processing pursuant to article 22.1 FZ-152:

Position, full name: {{ОТВЕТСТВЕННЫЙ_ДОЛЖНОСТЬ_ФИО}}
Email: {{ОТВЕТСТВЕННЫЙ_EMAIL}}
Contact phone: {{ОТВЕТСТВЕННЫЙ_ТЕЛЕФОН}}

3. DEFINITIONS

3.1. The following terms are used in this Policy with the meanings set out in article 3 FZ-152:

"Personal Data" — any information relating directly or indirectly to an identified or identifiable individual (the data subject).
"Operator" — the entity referred to in section 2.
"Processing of Personal Data" — any action or set of actions performed with personal data, including collection, recording, systematization, accumulation, storage, adjustment, extraction, use, transfer, anonymization, blocking, deletion, and destruction.
"Automated Processing" — processing carried out using computer technology.
"Distribution" — actions aimed at disclosing personal data to an unspecified group of persons.
"Provision" — actions aimed at disclosing personal data to a specific person or group of persons.
"Blocking" — temporary cessation of processing of personal data.
"Destruction" — actions that make it impossible to restore the content of personal data.
"Anonymization" — actions that make it impossible to determine the affiliation of personal data to a specific data subject without additional information.
"Cross-Border Transfer" — transfer of personal data to a foreign state, authority, individual, or legal entity.
"Personal Data Information System" — the set of personal data contained in databases together with the information technologies and technical means that enable processing.

3.2. Special terms related to the functionality of the Application:

"User" — an individual who has reached the age established in clause 15.1 and has installed the Application on their mobile device.
"Device" — a mobile device running Android.
"Captured Content" — audio and/or video information played by the User on the Device through any third-party application (lectures on video-hosting platforms, online courses, podcasts, audiobooks, presentations, e-books) and arriving at the system audio capture and/or MediaProjection interfaces during an active Learning Session.
"On-device Processing" — performing automatic speech recognition (ASR), optical character recognition (OCR), and other text-extraction operations directly on the User's Device by means of neural network models hosted on the Device, without transmitting the original audio stream or imagery to the Operator's servers or to third parties.
"Transcript" — a textual record produced by on-device speech recognition; the original audio stream is not retained or transmitted to the Operator's servers.
"OCR Text" — a textual record produced by on-device optical character recognition; the original images are not retained or transmitted to the Operator's servers.
"Learning Session" — a continuous period of use of the Application identified by a unique identifier.
"Question" — a learning task generated by the Application and presented to the User at the moment of programmatic pause of Captured Content playback.
"Answer Evaluation" — the result of automatic evaluation of the User's answer (verdict and explanation).
"User Knowledge Model" — a set of numerical and structural parameters (assessments of mastery of knowledge components, parameters of an individual review schedule) accumulated by the Operator for the purposes of learning personalization.
"Third Parties in Captured Content" — persons whose personal data (voice, image, speech, identifying information in slides) may objectively be reflected in Captured Content.

4. CATEGORIES OF DATA SUBJECTS

4.1. Processing of personal data is carried out in respect of:

4.1.1. Users of the Application.
4.1.2. Representatives of Users and persons initiating requests to the Operator.
4.1.3. Third Parties in Captured Content (specifics — section 14).

4.2. Processing of personal data of minors is permitted subject to section 15. The Operator does not process personal data of children under 14.

4.3. Special categories of personal data (article 10 FZ-152) and biometric personal data (article 11 FZ-152) are not collected or processed. Incidental presence in Captured Content of information falling within special categories does not amount to deliberate collection by the Operator; such cases are governed by section 14.

5. PURPOSES OF PROCESSING

5.1. The Operator processes personal data of Users solely for predetermined and stated purposes:

5.1.1. Creation of the User's account and identification on each subsequent interaction.
5.1.2. Provision of core functionality: capture of system audio and screen projection, on-device ASR and OCR, generation of Questions, recording of answers, automatic evaluation of answers, and the formation and updating of the Knowledge Model.
5.1.3. Personalization of learning, including adaptation of difficulty and the construction of an individual review schedule.
5.1.4. Real-time messaging in the Learning Session chat.
5.1.5. Improvement of the quality of the Application based on anonymized or aggregated analytics.
5.1.6. Information security, prevention of abuse, maintenance of technical logs and logs of language model requests.
5.1.7. Performance of obligations imposed on the Operator by the laws of the Russian Federation.
5.1.8. Correspondence with the User, handling of requests, notification of material changes to the Policy.
5.1.9. Sending in-app notifications (review reminders, processing statuses, security notices).

5.2. Processing for any other purpose is not carried out. Where new purposes arise, the Operator notifies the User and obtains a separate consent.

6. PERSONAL DATA PROCESSED

6.1. The Operator processes personal data in the volume necessary and sufficient to achieve the purposes set out in section 5, in compliance with the principle of minimization (clause 5 article 5 FZ-152).

6.2. Account Identifiers of the User:

6.2.1. email obtained through Google OAuth 2.0 authorization;
6.2.2. display name of the Google account;
6.2.3. profile picture URL (avatar);
6.2.4. unique Google account identifier (Google ID);
6.2.5. internal account identifier issued by the Operator's authentication subsystem;
6.2.6. device identifier — a SHA-256 hash of a hardware identifier of the Device which does not allow the original hardware identifier to be reconstructed without additional information.

6.3. Learning Content derived from processing of Captured Content and User interactions:

6.3.1. Speech transcripts produced by on-device ASR; the original audio stream is not retained;
6.3.2. OCR text from screen captures produced by on-device OCR; the original images are not retained;
6.3.3. User answers to Questions in textual form (including those derived from voice recognition);
6.3.4. generated Questions and their metadata;
6.3.5. Answer Evaluations;
6.3.6. the User Knowledge Model.

6.4. Technical and Behavioral Data: Device OS version; Application version and build; interface language; time zone; screen resolution; session identifier; timestamps; product analytics logs (funnel and interaction events); logs of requests to language models containing session identifiers, request metadata, and usage metrics.

6.5. The Operator does NOT collect: geolocation, photo/video from the camera, contacts, calendar events, biometric personal data, financial/payment data, health information (other than incidental presence in Captured Content), personal data of persons under 14.

6.6. Android system permissions requested by the Application and the related purposes:

6.6.1. RECORD_AUDIO — used for two distinct purposes: (a) capture of the system audio of Captured Content played by the Device for on-device ASR; (b) capture of the User's voice via the microphone for (i) recognition of voice answers and (ii) the optional "Voice Activation" feature (section 6.8), if explicitly enabled by the User. In all cases the audio stream is processed in the Device's RAM and is not retained on the Device or on the Operator's server; only derived textual data per section 6.3 is transmitted to the server.
6.6.2. MediaProjection — screen captures for on-device OCR; the images are not retained.
6.6.3. FOREGROUND_SERVICE and subtypes (mediaProjection, microphone) — maintenance of the foreground service.
6.6.4. SYSTEM_ALERT_WINDOW — floating control over other applications.
6.6.5. POST_NOTIFICATIONS — Learning Session notifications.
6.6.6. INTERNET — network communication.
6.6.7. WAKE_LOCK — preventing sleep during a session.
6.6.8. VIBRATE — haptic feedback.
6.6.9. READ_PHONE_STATE — pausing the session on incoming calls; phone numbers, call content, and subscriber identifiers are NOT collected.

6.7. The User may revoke any permission through standard Android controls. Revoking technically necessary permissions may render the corresponding functionality unusable.

6.8. Optional "Voice Activation" feature (wake-word):

6.8.1. The Application includes an optional subsystem that recognizes activation commands — predefined key phrases spoken by the User ("pause", "repeat", "skip", and others, the list of which is fixed by each Application build). The feature lets the User control a Learning Session without tactile interaction with the screen.
6.8.2. The feature is strictly optional and is OFF by default. Enabling and disabling are performed by the User in the Application interface: Settings → Voice activation → toggle. The use of other Application functionality does not depend on the state of this toggle.
6.8.3. Operating principle: when the feature is enabled and while the Application is in the voice mode of a Learning Session, the Device microphone remains open; the incoming audio stream is continuously analysed on-device by a speech recognition model for the sole purpose of detecting key phrases. Processing takes place exclusively in the Device's RAM. The original audio stream is not written to the Device's internal storage, not transmitted to the Operator's server, and not disclosed to third parties.
6.8.4. Data transmitted to the Operator's server upon a key-phrase trigger: a session identifier, a device identifier, a classified command intent drawn from a closed enumeration, timestamps, aggregated quality metrics (latency, echo-suppression flag). The full transcript of the spoken phrase recognized at the moment of the trigger is not transmitted to the server and is held only in the Device's RAM until the dispatch decision is made, after which it is destroyed.
6.8.5. Safeguards against false triggers and unauthorized voice collection: (a) a state machine gate that disables recognition during periods of waiting for the User's answer and during technical processing of the answer; (b) suppression of false triggers from the Application's own synthesized speech and from speech in Captured Content; (c) the ability to instantly disable the feature via the toggle without restarting the Application.
6.8.6. The legal ground for processing microphone audio for the purposes of "Voice Activation" is clause 1 part 1 article 6 FZ-152 (the data subject's consent), expressed by enabling the corresponding toggle. Disabling the toggle is equivalent to withdrawal of consent for this functionality and terminates microphone-audio processing for command recognition purposes from the moment of disabling.

7. LEGAL GROUNDS FOR PROCESSING

7.1. The legal grounds under articles 6, 9, and 12 FZ-152:

7.1.1. clause 1 part 1 article 6 — the data subject's consent; applicable to Learning Content (clause 6.3) and to cross-border transfer (section 10).
7.1.2. clause 5 part 1 article 6 — performance of the agreement; applicable to Account Identifiers (clause 6.2), including the email used for authorization and internal identifiers.
7.1.3. clause 7 part 1 article 6 — legitimate interests of the Operator; applicable to Technical and Behavioral Data (clause 6.4) for security, error mitigation, and prevention of abuse.

7.2. Specifics of cross-border transfer — article 12 FZ-152, section 10. Transfer to states that do not ensure adequate protection is performed only with consent in writing or in the form of an electronic document.

7.3. Special categories of personal data and biometric personal data are not processed; articles 10 and 11 FZ-152 do not apply.

7.4. The Operator complies with the principles of article 5 FZ-152: lawfulness and fairness, content and scope correspondence with purposes, exclusion of processing incompatible with the purposes, accuracy and timeliness, retention in a form that permits identification of the subject only for as long as the purposes require.

8. MEANS OF PROCESSING

8.1. Processing is carried out by automated means — an information system comprising the client Application and the Operator's server infrastructure. Non-automated processing is not carried out, except for handling data subject requests.

8.2. Processing includes the following automated actions: collection, recording, systematization, accumulation, storage, adjustment, extraction, use, transfer (including cross-border), anonymization, blocking, deletion, destruction.

8.3. The architectural minimization principle:

8.3.1. The original audio stream is subject to on-device ASR; only the Transcript is transmitted to the servers and to third parties.
8.3.2. The original screen images are subject to on-device OCR; only the OCR Text is transmitted to the servers and to third parties.
8.3.3. Recognition of key phrases for "Voice Activation" (section 6.8), when enabled, is performed exclusively on-device; only the classified command intent and the service metrics under clause 6.8.4 are transmitted to the server, without the full transcript and without the original audio.
8.3.4. Transmission of textual data to a language model (OpenAI, L.L.C.) is limited to the volume necessary for the generation of Questions and the automatic evaluation of answers, and is performed in accordance with section 10.

8.4. Decisions producing legal consequences for the User on the basis of solely automated processing (article 16 FZ-152) are not made. Answer Evaluations are educational in nature and do not produce legal consequences.

9. STORAGE OF PERSONAL DATA

9.1. In accordance with part 5 of article 18 FZ-152 (as amended by FZ-242 effective from 1 September 2015), the recording, systematization, accumulation, storage, adjustment, and extraction of personal data of citizens of the Russian Federation are carried out using databases located on the territory of the Russian Federation.

9.2. The Operator's server infrastructure that ensures the primary accumulation and storage of personal data is located on the territory of the Russian Federation at a hosting provider with whom the Operator has a contract that establishes obligations regarding the location of technical means on the territory of the Russian Federation and the level of protection in accordance with Government Decree No. 1119.

9.3. The details of the hosting provider and the addresses of technical sites are provided to the authorized state agencies within their competence and are not publicly disclosed for information-security reasons.

9.4. Composition of the information system:

9.4.1. On the Device: secure storage by means of Android Keystore — internal identifiers and authorization tokens; local storage of interface settings; on-device ASR and OCR neural network models (containing no personal data).
9.4.2. On the server: a relational database of the Operator that records accounts, Learning Sessions, Learning Content (clause 6.3), the Knowledge Model, and technical logs (clause 6.4); object storage for the cache of profile pictures; in-memory caching means not intended for long-term storage of personal data.

9.5. Retention periods by category:

9.5.1. Account data — for the period of the account's lifetime; destruction — no later than 30 calendar days after deletion of the account or withdrawal of consent.
9.5.2. Learning Content (clause 6.3) — for the period necessary for personalization and the operation of the spaced-repetition algorithm, but no longer than 36 months from the date of creation; earlier deletion — upon User request.
9.5.3. Analytics events — no longer than 24 months; anonymization after 12 months.
9.5.4. Logs of language model requests — no longer than 12 months; used for security audit.
9.5.5. Backup copies — no longer than 90 calendar days; deletion from active databases does not result in immediate deletion from backups, and personal data is blocked in backups until the backup retention period expires.

9.6. Upon achievement of the purposes of processing, expiration of retention periods, withdrawal of consent, or detection of unlawful processing, the Operator ceases processing and destroys the personal data within no more than 30 calendar days.

9.7. Destruction of personal data is performed in a manner that excludes the possibility of restoration; the fact of destruction is recorded in service logs.

10. DISCLOSURE TO THIRD PARTIES. CROSS-BORDER TRANSFER

10.1. The Operator does not sell, barter, or otherwise commercially distribute personal data. Disclosure to third parties is performed only in the cases described in this section.

10.2. Disclosure within the Russian Federation:

10.2.1. To the hosting provider — as a person carrying out processing on behalf of the Operator (part 3 article 6 FZ-152), under a contract that lists the actions, purposes, confidentiality obligations, and protection requirements (article 19 FZ-152).
10.2.2. To authorized state agencies of the Russian Federation — upon duly motivated requests within their competence.

10.3. Cross-border transfer. General provisions:

10.3.1. A portion of the personal data is subject to cross-border transfer to the foreign states identified in clauses 10.4 and 10.5. The User should make an informed decision about granting consent.
10.3.2. The United States of America is NOT included in the list of foreign states ensuring adequate protection of data subjects' rights approved by Roskomnadzor Order No. 274 dated 5 August 2022. Cross-border transfer to the United States is therefore performed only with the data subject's written consent or consent in the form of an electronic document compliant with part 4 article 9 FZ-152 (part 4 article 12 FZ-152).
10.3.3. In accordance with article 12.1 FZ-152 (introduced by FZ-266 dated 14 July 2022, effective from 1 March 2023), prior to the commencement of cross-border transfer, the Operator submits a separate notification of intent to Roskomnadzor. The Operator updates the information when the recipients, scope of transferred data, or other material conditions change.
10.3.4. Should circumstances under part 11 article 12 FZ-152 arise, the Operator suspends or terminates the transfer in the manner and within the timeframe of the authorized agency's decision.
10.3.5. Prior to commencing the transfer, the Operator takes the measures under part 5 article 12 FZ-152, in particular requesting from foreign recipients information on protection measures and the conditions for cessation of processing.

10.4. Cross-border transfer to OpenAI, L.L.C.:

10.4.1. Recipient: OpenAI, L.L.C. (Delaware, principal place of business — California, USA). Transfer over secure channels using TLS.
10.4.2. Scope of transferred personal data: fragments of Transcripts and OCR Text for Question generation context; User answers for automatic evaluation; service metadata (session identifier, anonymized request identifier, token count). Account Identifiers from clause 6.2 (other than the service session identifier and the anonymized request identifier) are NOT transmitted to OpenAI.
10.4.3. Purposes: generation of Questions and automatic evaluation of answers (clause 5.1.2).
10.4.4. Language models of the GPT family provided by OpenAI, L.L.C. via the OpenAI API are used. The Operator may change the specific model within this family provided that the level of protection is preserved.
10.4.5. Legal ground: the User's consent in the form of an electronic document (clause 1 part 1 article 6 and clause 1 part 4 article 12 FZ-152).
10.4.6. According to OpenAI's publicly disclosed API data usage terms, data submitted via the API is not used to train models. The Operator does not enter into separate agreements that would alter this condition unfavorably. If the recipient changes its terms, the Operator informs Users (section 16).

10.5. Cross-border transfer to Google LLC:

10.5.1. Recipient: Google LLC (Delaware, principal place of business — California, USA). Transfer via Google OAuth 2.0 over TLS.
10.5.2. Scope of transferred personal data: the fact of authorization initiation, request parameters (the Operator's client identifier, requested scopes, redirect URI). In return the Operator receives: Google ID, email, name, profile picture URL.
10.5.3. Purposes: User authorization (clause 5.1.1).
10.5.4. Legal ground: the User's consent expressed by initiating authorization through Google OAuth, and the necessity of performance of the agreement (clause 5 part 1 article 6 — for subsequent use; clause 1 part 1 article 6 and clause 1 part 4 article 12 FZ-152 — for cross-border transfer).
10.5.5. Google's processing terms — https://policies.google.com.

10.6. Refusal of cross-border transfer:

10.6.1. The User may decline to consent to cross-border transfer. In this case, the functionality available is limited to that which does not involve interaction with foreign recipients.
10.6.2. Withdrawal of previously given consent — under the procedure of section 11 or via the consent management controls in the Application interface. From the moment of withdrawal, the Operator ceases the corresponding operations.

11. DATA SUBJECT RIGHTS AND THE PROCEDURE FOR THEIR EXERCISE

11.1. The data subject has the rights set out in chapter 3 FZ-152, including:

11.1.1. obtaining the information referred to in part 7 article 14 FZ-152 (confirmation of processing, legal grounds, purposes, means, the Operator, access, transferred personal data, source, retention periods, procedure for exercising rights, cross-border transfer, processors);
11.1.2. requiring clarification, blocking, or destruction of personal data that is incomplete, outdated, inaccurate, unlawfully obtained, or unnecessary for the purpose (part 1 article 14);
11.1.3. withdrawing consent to processing (part 2 article 9);
11.1.4. opting out of receiving informational notifications, except those required by law or necessary for the operation of the Application;
11.1.5. lodging a complaint against the Operator's actions or inaction with Roskomnadzor or in court.

11.2. Procedure for exercising rights:

11.2.1. Request to {{ОПЕРАТОР_EMAIL}} or to the postal address (section 2). It is recommended to indicate the email used for authorization for identification purposes. In the cases set out in part 4 article 14 FZ-152, the request must include the number of the principal identity document, information on the date of issue and the issuing authority, information confirming participation in the relations with the Operator, and a signature. An electronic form must include an electronic signature in accordance with the applicable rules.
11.2.2. The Operator responds within the timeframes of article 20 FZ-152: 30 calendar days for the provision of information or a motivated refusal; 7 business days for amendment, destruction, or blocking after confirmation of incompleteness, inaccuracy, or unlawfulness.
11.2.3. Upon withdrawal of consent, the Operator may continue processing without consent in the cases provided for in part 2 article 9 and clauses 2–11 part 1 article 6, part 2 article 10, and part 2 article 11 FZ-152. In other cases, processing ceases and personal data is destroyed within no more than 30 calendar days.
11.2.4. The Application provides software means: a function to delete the account (equivalent to a request; results in the deletion of Account Identifiers and associated Learning Content within the timeframes of section 9) and a function to export Learning Content in a machine-readable format.

11.3. The Operator may refuse to provide information in the cases set out in part 8 article 14 FZ-152 (defense, security, public order, verification of compliance with article 5, participation in judicial proceedings) — with a motivated response.

11.4. Roskomnadzor contact information: 109074, Moscow, Kitaygorodsky Proezd, building 7, structure 2; https://rkn.gov.ru; complaints portal — https://pd.rkn.gov.ru.

12. PERSONAL DATA SECURITY MEASURES

12.1. The Operator implements legal, organizational, and technical measures to protect personal data from unauthorized or accidental access, destruction, modification, blocking, copying, provision, distribution, and other unlawful actions (article 19 FZ-152, Government Decree No. 1119).

12.2. Following the classification of the personal data information system and the identification of relevant threats, the corresponding protection level has been established and a complex of measures, including those provided for in FSTEK Order No. 21 dated 18 February 2013, has been implemented.

12.3. Organizational measures:

12.3.1. adoption of this Policy and internal regulations;
12.3.2. appointment of a person responsible for the organization of processing (article 22.1 FZ-152);
12.3.3. a list of persons granted access to processing, with access rights segregation;
12.3.4. familiarization of employees and engaged specialists;
12.3.5. confidentiality agreements;
12.3.6. an incident response procedure (notifications within the timeframes of parts 3.1 and 3.2 article 21);
12.3.7. internal compliance audits.

12.4. Technical measures:

12.4.1. TLS for all connections with automatic renewal of certificates;
12.4.2. service isolation by means of containerization and an internal software network;
12.4.3. row-level access control in the database based on the authenticated user identifier;
12.4.4. secure storage by means of Android Keystore for authorization tokens;
12.4.5. on-device ASR and OCR without transmission of original audio or images;
12.4.6. technical logs with segregated access and the retention periods of clause 9.5;
12.4.7. backup copies with destruction in accordance with clause 9.5.5;
12.4.8. regular updates of infrastructure components.

12.5. Transparent disclosure of the current status of certain technical measures:

12.5.1. As of the effective date of this Policy, end-to-end at-rest encryption at the file system or block device level is not activated; access is restricted by access controls of the hosting provider and the Operator, and protection is ensured by other measures of clause 12.4 (row-level access control, isolation, TLS, restriction of administrative accounts). Activation of at-rest encryption is planned.
12.5.2. As of the effective date of this Policy, certificate pinning in the Application is not implemented; the security of the transport connection relies on the standard TLS chain-of-trust verification provided by Android. Implementation is planned.

12.6. The Operator does not guarantee absolute security but takes measures appropriate to the level of threats, the requirements of the laws of the Russian Federation, and applicable industry practices.

12.7. Upon detection of an incident relating to unlawful (or accidental) transfer of personal data, the Operator notifies Roskomnadzor within 24 hours, and reports the results of the internal investigation within 72 hours (parts 3.1 and 3.2 article 21 FZ-152).

13. COOKIES AND LOCAL STORAGE

13.1. The Application does not use cookie technology in the sense applicable to web browsers. For the purposes of this section, the equivalents of cookies are local storage facilities on the Device.

13.2. Local storage facilities:

13.2.1. Secure storage by means of Android Keystore — internal identifiers and authorization tokens; retention — until account deletion or data clearance.
13.2.2. Local settings storage — interface parameters (language, display, consent flags); identifying personal data is not stored; retention — until settings are deleted or data cleared.
13.2.3. Local file storage — ASR/OCR neural network models (no personal data), temporary service files that are not transferred to the servers.

13.3. The User may clear local storage through standard Android controls (Settings → Apps → Wisot.app → Storage → Clear data). Clearing does not result in automatic deletion of data on the servers — for that, section 11 applies.

13.4. The Operator does not use, in the Application, the Google Advertising ID, third-party web analytics that could identify the User outside the Application, or cross-application tracking.

14. PROCESSING OF THIRD-PARTY DATA WITHIN CAPTURED CONTENT

14.1. The functionality of the Application based on system audio capture and screen projection objectively involves the possibility that personal data of third parties (voices of lecturers, speech of videoconference participants, images of faces and identifying information on slides) may appear in Captured Content.

14.2. Guarantees and User responsibility:

14.2.1. By initiating capture, the User confirms and warrants to the Operator that:
- (a) they have lawful access to the Captured Content, including in accordance with the terms of license agreements, the rules of use of third-party services, and applicable law;
- (b) they use the Application for personal, family, or other non-commercial educational purposes;
- (c) where the Captured Content contains the speech or image of third parties (including videoconference participants), they act in accordance with the requirements of the legislation on personal data, intellectual property, and information, as well as with corporate policies and local rules of the relevant organizations.
14.2.2. Responsibility for the lawfulness of capture, including respect for third-party rights (article 152.1 of the Civil Code of the Russian Federation, part 4 of the Civil Code), lies with the User. The Operator does not perform prior verification of lawfulness.

14.3. The Operator's architectural guarantees:

14.3.1. The Operator does not retain the original audio stream or original screen images either on the Device or on its servers. Processing is performed in the Device's RAM by neural network models hosted on the Device.
14.3.2. Only textual derivatives (Transcripts, OCR Text) and service metadata are transmitted to the Operator's servers. Original audio streams and images are not transmitted to third parties (section 10).

14.4. Legal regime of derived textual records:

14.4.1. Textual derivatives are processed as part of the User's learning material and are not used by the Operator to identify third parties. Where derivatives incidentally contain information that may identify a third party (for example, the names of lecturers), such information is processed in a confidential manner.
14.4.2. Upon a request from a third party, the Operator considers the request under section 11. Where there is no technical capability to reliably correlate the request with specific derivatives, the response is limited to general information about the architecture and the legal regime of textual derivatives.

14.5. Intellectual property rights in the Captured Content are not transferred, granted, or licensed to the Operator. The Operator does not store or distribute the Captured Content; processing is limited to the extraction of textual derivatives for the User's learning purposes.

14.6. Restrictions on use:

14.6.1. The User undertakes not to use the Application to capture content containing special categories of personal data of third parties (article 10 FZ-152), information constituting state, banking, commercial, attorney-client, medical, or notarial secrets, personal data resulting from covert audio/video surveillance, or other information whose capture without the consent of authorized persons is unlawful.
14.6.2. The User undertakes not to use the Application in the course of operative-investigative activities, journalistic activity involving covert recording of private life, or other purposes unrelated to personal (non-commercial) learning.
14.6.3. The Operator may suspend or terminate access where there are sufficient grounds to believe that the User is violating the requirements of this section, with notice within a reasonable timeframe and preserving the ability to exercise data subject rights.

15. PROCESSING OF PERSONAL DATA OF MINORS

15.1. The Application is intended for use by individuals who have reached the age of 14. Use by individuals under 14 is not permitted.

15.2. Upon registration, the User confirms that they are at least 14. For individuals aged 14–18, use is permitted subject to the laws of the Russian Federation regulating the legal capacity of minors in the information sphere and, where applicable, with the consent of legal representatives.

15.3. The Operator does not request or collect age information beyond the said confirmation. Upon receipt of credible information that a User has become a person under 14, the Operator:

15.3.1. immediately suspends processing;
15.3.2. destroys the collected personal data within no more than 30 calendar days;
15.3.3. deletes the corresponding account.

15.4. A legal representative of a minor may submit a request to the Operator under the procedure of section 11 demanding deletion of the account and destruction of the personal data.

16. CHANGES TO THE POLICY

16.1. The Operator may unilaterally amend the Policy in connection with changes in legislation, functionality, the composition of recipients, or for other justified reasons.

16.2. The current version is available in the Application and at https://wisot.app/en/privacy/app. The effective date and version number — section 18.

16.3. Of material changes (composition of processed personal data, purposes, recipients, conditions of cross-border transfer, data subject rights), the Operator notifies Users no later than 10 calendar days prior, by means of:

16.3.1. an in-Application notice on first launch after publication;
16.3.2. an email notice to the address provided at authorization.

16.4. Non-material changes (clarifications, corrections, link updates) take effect on publication; the fact is recorded in the version history.

16.5. Continued use of the Application after the changes take effect constitutes the User's consent to the updated version. Where the User disagrees, use must cease and the account be deleted under section 11.

17. CONTACT FOR REQUESTS

17.1. Requests by data subjects relating to the exercise of rights under chapter 3 FZ-152, requests for information under part 7 article 14, statements of withdrawal of consent, and requests by third parties under section 14 are to be sent:

17.1.1. by email: {{ОПЕРАТОР_EMAIL}};
17.1.2. by post: {{ОПЕРАТОР_АДРЕС_ПОЧТОВЫЙ}};
17.1.3. by phone (for reference only, not for the receipt of legally significant requests): {{ОПЕРАТОР_ТЕЛЕФОН}}.

17.2. Person responsible: {{ОТВЕТСТВЕННЫЙ_ДОЛЖНОСТЬ_ФИО}}, email {{ОТВЕТСТВЕННЫЙ_EMAIL}}, phone {{ОТВЕТСТВЕННЫЙ_ТЕЛЕФОН}}.

17.3. Requests are handled in the manner and within the timeframes set out in clause 11.2.

18. EFFECTIVE DATE AND VERSION

18.1. The Policy was approved by the Operator on {{ДАТА_УТВЕРЖДЕНИЯ}} and enters into force on {{ДАТА_ВСТУПЛЕНИЯ_В_СИЛУ}}.

18.2. Current version number: 1.0.

18.3. Previous versions (if any) are provided to data subjects upon request under section 11.