Privacy Policy

Botnet LLC (“Sudo,” “we,” “us”) builds the Sudo Ring and its companion software. We collect information in the following ways:

Information you provide

• Account information. When you create a Sudo account we collect your name, email address, and a password (stored as a salted hash). This lets us authenticate you and sync memos across devices.
• Device preferences. Appearance settings, onboarding choices, and the set of tool integrations you enable (for example Gmail, Slack, Notion, or Linear).
• Support requests. Any information you send us when contacting support, including the contents of your message and any attachments.

Information collected automatically

• Voice recordings. When you press the Sudo Ring action button, a short audio clip is captured by the ring and transmitted to your paired iPhone for speech-to-text processing. Where possible, transcription is performed on-device; when the request requires cloud inference, the audio is sent to our transcription provider, processed, and deleted shortly after.
• Memo content. The transcribed text of your memos (“memo content”) is stored so you can search, edit, and act on it. Memo content is encrypted at rest and in transit.
• Usage and diagnostics. Aggregate, non-identifying metrics such as app launch count, crash reports, and battery telemetry from the ring. These help us improve stability and battery life.
• Device and connection data. Device model, OS version, ring firmware version, and IP address (used only for security, rate-limiting, and rough geolocation for fraud prevention).

We use the information we collect to:

• Provide, operate, and improve the Sudo Ring, the Sudo mobile app, and the AI agent capabilities — including voice-to-text transcription, inverse text normalization, and tool actions you request.
• Sync your memos and preferences across your devices and to the cloud so your data is available when you sign in.
• Communicate with you about product updates, security alerts, support replies, and (with your consent) occasional product announcements.
• Analyze usage patterns in aggregate to enhance device performance, battery life, transcription accuracy, and feature prioritization.
• Detect, prevent, and address fraud, abuse, and security issues affecting Sudo services.
• Comply with our legal obligations and protect our rights and the rights of other users.

We do not use your voice recordings or memo content to train AI models without your explicit opt-in consent.

We do not sell your personal data — not to advertisers, not to data brokers, not to anyone. We share information only in these limited circumstances:

• Service providers. We work with vetted sub-processors that help us run Sudo — for example a cloud hosting provider, a speech-to-text inference provider, and an email delivery service. Each is bound by contract to use your data only on our behalf and to protect it at a standard no less strict than this policy.
• Tool integrations at your direction. When you ask Sudo to perform an action with a third-party service (for example “Send a Slack message” or “Write a Linear ticket”), we send the content you dictated to that service using the credentials you authorized. That service’s own privacy policy governs the data once it arrives.
• Legal compliance. We may disclose information when required by law, court order, or government request, or when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business transfers. In the event of a merger, acquisition, or sale of assets, information may be transferred as part of the transaction. We will notify you before your data is subject to a different privacy policy.

We retain your information for as long as your account is active or as long as needed to provide the services you requested. More specifically:

• Voice recordings. Audio is processed ephemerally. On-device transcriptions never leave your phone. Cloud-processed audio is deleted immediately after transcription completes, unless you have explicitly opted in to storing recordings for your own reference.
• Memo content. Stored until you delete the memo or close your account. Deleting a memo removes it from all synchronized devices within 24 hours.
• Account information. Retained while your account is open. You can request deletion at any time (see Your Rights & Choices).
• Diagnostics and logs. Aggregated, de-identified metrics may be retained indefinitely. Identifiable logs are kept for no longer than 90 days unless required for an active security or legal investigation.

Depending on where you live, you may have the following rights over your personal data:

• Access. Request a copy of the personal data we hold about you.
• Correction. Ask us to fix inaccurate or incomplete information.
• Deletion. Request that we delete your personal data, subject to legal retention obligations.
• Portability. Receive your data in a structured, machine-readable format and transmit it to another service.
• Objection & restriction. Object to or restrict certain processing of your data.
• Withdraw consent. Revoke any consent you previously gave (for example, opting out of recording storage or marketing emails) at any time without affecting the lawfulness of processing before withdrawal.

You can exercise most of these rights directly in the Sudo mobile app under Settings → Privacy, or by emailing privacy@sudo-ring.com. We will respond within 30 days. If you believe we have not resolved your request, you have the right to lodge a complaint with your local data protection authority.

The sudo-ring.com website uses a minimal set of cookies and equivalent technologies:

• Essential cookies. Required for the site to function (for example, remembering your theme preference). These cannot be disabled.
• Analytics cookies. Privacy-respecting, cookie-less analytics that help us understand aggregate traffic patterns. No cross-site tracking, no personal profiles.

You can control cookie preferences through your browser settings. Disabling non-essential cookies will not affect your ability to use the site.

We design Sudo with security as a first principle. The measures we take include:

• End-to-end encryption. Data in transit between the ring, your phone, and our servers is encrypted with TLS 1.2+ at all times.
• Encryption at rest. Memo content and account data are encrypted at rest in our databases using industry-standard AES-256.
• On-device processing. Wherever feasible, transcription and text normalization happen locally on your iPhone, so raw audio never leaves your device.
• Secure hardware. The Sudo Ring uses a secure enclave for key storage and firmware integrity verification.
• Regular audits. We engage third-party security researchers to test our infrastructure and disclose vulnerabilities responsibly.

No system is perfectly secure. If we become aware of a breach affecting your personal data, we will notify you and the relevant authorities without undue delay in accordance with applicable law.

Sudo is not intended for use by children under the age of 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact privacy@sudo-ring.com and we will take steps to delete it.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we do, we will post the revised policy on this page and update the “Last updated” date above. If we make material changes that affect your rights, we will notify you through the app or via email before the changes take effect.

If you have any questions about this Privacy Policy or our data practices, we want to hear from you.

• Email: privacy@sudo-ring.com
• Mail: Botnet LLC, Attn: Privacy, c/o Registered Agent

We aim to respond to all privacy inquiries within 30 days.