ApisVoiceprivacy

1. General information

The controller responsible for processing data derived from the use of the ApisVoice extension is ApisDom, the parent company that develops and publishes the extension.

• Product: ApisVoice, voice dictation for Chromium-based browsers.
• Publisher / Controller: ApisDom (apisdom.com).
• Official product site: app.apisdom.com/en/apisvoice/.
• Contact: app-apisvoice@apisdom.com.
• Distribution: Chrome Web Store (compatible with Chrome, Edge, Brave and Opera).

2. Data the extension does NOT collect

ApisVoice has been designed under the GDPR data minimization principle. The extension does NOT collect, store or transmit to ApisDom any of the following data:

• Personal identifiers (name, surname, address, phone).
• User account, login or email address.
• Audio captured by the microphone.
• Text dictated or recognized by the Web Speech API.
• Browsing history or list of visited pages.
• Content of the text fields where dictation is inserted.
• Tracking cookies or device identifiers.
• Usage metrics, telemetry or behavioral analytics.
• Operating system information, device model or IP address.
• Geolocation data.

3. How the extension works

ApisVoice converts the user's voice into text and inserts it in the focused field of the browser. Its operation consists of three clearly differentiated blocks:

3.1 Dictation activation

ApisVoice has two clearly differentiated layers:

• Interface layer (floating icon): the dictation icon is automatically injected into every loaded page, at document_idle state (after the page has finished loading). This is what allows you to dictate on any site where you write. This injection only adds a visual element: it does not read page content, send anything, or consume significant resources.
• Microphone layer (Web Speech API): the microphone remains disabled at all times, except when the user explicitly requests it by clicking the floating icon or using the Alt+Shift+V shortcut. It never activates on its own, in the background, or during page load.

3.2 Text insertion strategies

• Classic fields (input, textarea): the recognized text is inserted at the exact cursor position.
• Rich editors (Gmail, ChatGPT, LinkedIn, Notion, Slack): the text is inserted into the editor preserving the original formatting.
• Canvas-based editors (Google Docs, Figma, Miro): since these editors do not expose a standard editable text field, the text is automatically copied to the user's clipboard so they can paste it with Ctrl+V.

3.3 Visual states of the icon

• Green: armed, ready to record on click.
• Red with halo and waves: recording.
• Dimmed: disabled on the current domain by user preference.
• Bright red with toast: permission, network or microphone error.

4. Requested permissions

ApisVoice declares the following permissions in its manifest.json, each justified individually under the principle of minimum intrusion:

• activeTab: temporary access to the active tab when the user interacts with the extension, to insert the recognized text in the focused field.
• storage: save user preferences (language, icon position, hidden domains, pause settings) in chrome.storage.local, inside the user's own browser.
• scripting: inject the floating icon and the text insertion logic in the browser pages.
• host_permissions: <all_urls>: required so the floating icon can appear on any site where the user writes (Gmail, ChatGPT, LinkedIn, web forms, admin panels, etc.). Without this broad permission, ApisVoice would only work on a closed list of sites and would be useless in most real use cases. ApisVoice does NOT READ, does NOT STORE and does NOT TRANSMIT the content of the pages you visit: this permission only authorizes the browser to inject the icon and the insertion logic described in section 3.

Permissions ApisVoice does NOT request:

• history (browsing history).
• bookmarks (bookmarks).
• downloads (downloads).
• cookies (browser cookies).
• geolocation (geolocation).
• identity (the user's Google account).
• webRequest (network request interception).
• tabs (access to the browser's tab list).

5. Security and transparency

• All processing of preferences and insertion logic happens locally in the user's browser. The extension does not open connections to ApisDom-owned servers.
• The only implicit network communication occurs when the user activates dictation: the browser transmits the audio to its own speech recognition engine (Web Speech API). That communication is performed by the browser, not by ApisVoice.
• The extension declares a strict Content Security Policy (CSP) in its manifest, in compliance with Manifest V3, to prevent remote code execution.
• ApisVoice is published exclusively from the official Chrome Web Store, where Google reviews the code before each release.
• Requires a Chromium-based browser version 100 or higher (Chrome, Edge, Brave, Opera) as declared in the manifest.

6. Third-party services

ApisVoice does not integrate any external service of the following types:

• No Google Analytics, Mixpanel, Amplitude or any other analytics tool.
• No Sentry, LogRocket, Datadog or error monitoring services.
• No advertising pixels, no affiliate networks, no remarketing.
• No proprietary CDNs for third-party libraries.
• No external APIs for payments, authentication or storage.

Documented exception: the browser Web Speech API. This API belongs to the browser, not to ApisVoice. On Chrome, Edge and Brave, the engine uses Google servers to perform speech recognition. That communication is initiated by the browser when the user activates dictation, and is governed by the browser's own privacy policy. ApisDom does not intermediate, does not receive the audio and does not receive the recognized text.

7. User rights

In accordance with the GDPR (EU Regulation 2016/679) and the LOPDGDD (Spanish Organic Law 3/2018), the user has the right to:

• Access: know which data is processed. In this case, none on ApisDom servers.
• Rectification: correct data. Done from the extension popup by changing the preferences.
• Erasure: delete data. Done with the Clear my preferences option in the popup, or by uninstalling the extension.
• Restriction and objection: the user can stop using the extension at any time or disable it per domain.
• Portability: preferences are stored in chrome.storage.local and can be inspected and exported manually.
• Complaint to a supervisory authority: in Spain, before the Spanish Data Protection Agency (AEPD).

8. Privacy configuration

The user controls their own experience from the extension popup:

• Dictation language: selector with the 10 verified languages.
• Per-domain visibility: hide the microphone on specific sites, or show it again on all of them.
• Punctuation pauses: adjust the pause thresholds for comma (500-1500 ms) and period (1000-3000 ms).
• Test my microphone: 3 seconds of measurement without transcribing or sending audio.
• Clear my preferences: complete cleanup of local data with confirmation.
• Revoke microphone permission: from chrome://settings/content/microphone or the equivalent browser settings.

9. Limitation of liability

ApisVoice is offered "AS-IS", without explicit or implicit warranty of uninterrupted or error-free operation. The user accepts that:

• The quality of transcription depends on the browser's speech recognition engine, not on ApisVoice's code.
• The availability of dictation depends on the user's internet connection and on the availability of the browser's Web Speech API.
• ApisDom is not responsible for damages derived from transcription errors, false positives in pause detection or any incorrect interpretation of the audio.
• The user is responsible for reviewing the inserted text before sending, especially in sensitive contexts (professional emails, legal forms, critical communications).

10. Legal compliance

ApisVoice has been developed in accordance with:

• GDPR (EU Regulation 2016/679, General Data Protection Regulation).
• LOPDGDD (Spanish Organic Law 3/2018, Data Protection and Guarantee of Digital Rights).
• LSSI (Spanish Law 34/2002 on Information Society Services and Electronic Commerce).
• Chrome Web Store Developer Program Policies, including the limited use of data policy.
• Manifest V3 for browser extensions, with its security restrictions.

11. Policy updates

Any change to this policy will be published on this same page by updating the "Last updated" date and the version. Substantive changes will be notified visibly during a reasonable period, both on this site and in the release notes of the new version published in Chrome Web Store.

12. Contact and support

For any inquiry about this policy, to exercise your GDPR rights or to report a security vulnerability, write to: app-apisvoice@apisdom.com.

For general suggestions or questions about how to use the extension, please first check the frequently asked questions page.