Skip to content

Trust

Privacy and Security

Audio stays on the device

Inference runs entirely on the end-user's device, in every binding and in every plan. The audio your application captures or processes never travels to Rapidly servers, and we have no technical ability to see, hear, or store it. This is structural: the SDK has no upload path for audio.

Secure by default

Rapidly processes audio on your device. Whatever the deployment, from always-offline hardware to always-online apps and cloud services, the audio itself never leaves the device. What changes from one deployment to the next is only how licensing and usage are verified, and we offer two models built for different needs.

  • Offline licensing: verified entirely on the device, with no connection to us at all. Built for hardware and for industries where security is critical, including air-gapped systems.
  • Connected licensing: built for applications, voice agents, and cloud services where latency is critical and audio must stay secure. It authenticates the end user and meters usage, while the audio itself is still processed on the device. This is the model our own browser extension uses.

Rapidly SDK

The Rapidly SDK is our primary product: an audio inference library built from scratch by Rapidly. Customers embed it in their own applications and devices.

  • Source-available bindings: the Swift, Kotlin, and Python wrappers are published on GitHub.
  • Code-signed Apple distribution: the xcframework is code-signed, and the macOS slice is additionally notarized.
  • App Store compliance: a PrivacyInfo.xcprivacy manifest is bundled with every Apple slice.

Rapidly browser extension

The Rapidly browser extension is our own end-user product, built on the SDK. It separates and enhances the audio of a browser tab in real time. Audio is processed on your device and is never recorded, stored, or uploaded. It uses the connected model: you sign in with an email address or with Google, and we record real-time processing time to manage usage allowances and protect the service from abuse.

Who we are

Rapidly Labs AS is a Norwegian company that builds audio technology for shaping any audio. We operate the website at rapidly.io, ship the Rapidly SDK, and offer the Rapidly browser extension.

  • Company name: Rapidly Labs AS
  • Organization number: 937 250 274
  • Registered address: Sagveien 23F, 0459 Oslo, Norway
  • Privacy contact: privacy@rapidly.io

For the purposes of the EU General Data Protection Regulation (GDPR), Rapidly Labs AS is the data controller for the personal data described below.

Personal data we collect

Through rapidly.io:

  • Newsletter signup: email address, plus your opt-in confirmation for the newsletter and privacy terms.
  • Contact form: your full name, work email, company name, and the content of your message.
  • Cookies and traffic data: set only after you accept analytics in our cookie banner. Used in pseudonymous form to understand traffic patterns.

Through your Rapidly ID:

If you have an account with any Rapidly product, you have a single identity we call your Rapidly ID. One Rapidly ID is used across Rapidly products, so your data lives under one identity wherever you use us.

  • Account details: the email address you use to sign in, whether you register with an email and password or sign in with Google. Google sign-in also returns basic profile information for that account.
  • Usage data: the amount of time spent in real-time processing, recorded only for connected, telemetry-based usage and our end-user products such as the browser extension. Offline licensing reports no usage back to us, and we never collect or store the audio that is processed.

We do not process any special categories of personal data (sometimes called "sensitive personal data").

If you contact us by email, social media, or other channels outside the website, we will also receive whatever you choose to share in that conversation.

How we use your data

  • Answer questions submitted through our contact form, including licensing, support, and partnership inquiries.
  • Send newsletter updates when you have opted in. You can unsubscribe from every email we send.
  • Sign you in to products that require a Rapidly ID.
  • Understand which pages and features are used on rapidly.io, in aggregate and pseudonymous form, to improve the site.
  • Comply with legal obligations that apply to us (accounting, tax, responding to lawful requests).

We do not sell, rent, or trade your personal data.

Who we share it with

We use the following processors to operate rapidly.io. Each is bound by appropriate data-processing terms and either operates inside the EU or relies on an EU-approved transfer mechanism.

ProcessorPurpose
VercelHosting, edge functions, and CDN for rapidly.io
CloudflareDNS and traffic protection
SupabaseOperational data storage, including Rapidly IDs (sign-in) and usage records
AttioCustomer-relationship management. Newsletter signups and contact-form submissions are stored here.
ResendTransactional email (replies to inquiries, newsletter delivery)
Google WorkspaceBusiness email used by the Rapidly team
PostHogProduct analytics. Captures pseudonymous interaction events to understand how visitors use the site. Hosted in the EU. Loads only after you accept analytics cookies.
Google AnalyticsPseudonymous traffic analytics. Loads only after you accept analytics cookies.

We share information with these processors strictly on the basis described in this policy and never for their own independent purposes.

Where your data is stored

The website (Vercel) and our application backend (Supabase) are hosted within the European Economic Area. Some of the processors above (notably Google Workspace, Google Analytics, and Cloudflare) operate globally, including in the United States. Where personal data is transferred outside the EEA, we rely on Standard Contractual Clauses or the EU-US Data Privacy Framework as appropriate.

How long we keep your data

  • Newsletter subscribers: until you unsubscribe or ask us to delete your record.
  • Contact-form messages: retained in our CRM for as long as it is reasonable to maintain the business relationship, then deleted. You can ask for earlier deletion at any time.
  • Account and usage data: kept for the life of your Rapidly ID. When you delete your Rapidly ID, we delete the associated personal data, subject to any legal retention obligations.
  • Cookies: session cookies expire when you close your browser. Persistent cookies have lifetimes from a few days to one year, depending on purpose.
  • Backups: when we delete data on request, please allow up to 30 days for it to clear from backups.

Cookies

We use a small number of cookies, grouped as follows:

  • Strictly necessary cookies that keep the site working. These cannot be turned off, and they do not track you across other sites.
  • Analytics cookies that help us understand which pages and features are useful. These run only after you accept analytics in our cookie banner.

You can change your cookie preferences at any time using the banner.

Your rights under the GDPR

If you live in the EEA, the UK, or another jurisdiction that recognizes equivalent rights, you have the right to:

  • Access the personal data we hold about you and how we use it.
  • Rectify any inaccurate or incomplete data.
  • Erase your personal data, subject to any legal retention obligations.
  • Restrict how we process your data while a dispute is being resolved.
  • Object to processing that we base on legitimate interests.
  • Portability: receive your personal data in a structured, machine-readable format.
  • Withdraw consent for any processing we base on consent (for example, newsletter signups or analytics cookies). Withdrawing consent does not affect the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, write to privacy@rapidly.io. We will respond within the time limits set by the GDPR (normally one month).

You also have the right to complain to your national data protection authority. For Norwegian residents, that is Datatilsynet (datatilsynet.no).

Children

Our website and services are not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, please email privacy@rapidly.io and we will delete it without unnecessary delay.

Changes to this policy

We may update this policy as the business evolves: new products, new processors, new legal requirements. Material changes will be posted on this page along with a new effective date. The latest version is always live at rapidly.io/privacy.

Contact us

For any privacy question, including to exercise the rights above:

  • Email: privacy@rapidly.io
  • Postal: Rapidly Labs AS, Sagveien 23F, 0459 Oslo, Norway
  • Organization number: 937 250 274

Last updated: 2026-06-29.