Privacy & store compliance
Before you submit a mobile app that uses voice, you must declare the microphone and disclose that audio is sent to a third-party AI service for processing. This page is the copy-paste checklist for both app stores. It applies to the mobile app builds (App Store / Google Play) — the website widget ships no app and needs no store review.
Voice is processed server-side on Gemini Live — no AI model runs on the device, but the user's audio leaves the device and is sent to a third-party generative-AI service. Both Apple and Google require you to disclose this. The SDK only captures/plays audio; the disclosure obligation is on your app's store listing.
What data leaves the device
| Data | Where it goes | Notes |
|---|---|---|
| Microphone audio (voice sessions) | VoiceBot backend → Gemini Live | only while a voice session is active |
| Text turns | VoiceBot backend → Gemini Live | the typed message |
App context (updateContext / sendCartEvent) | VoiceBot backend → the model | zero-PII by contract — see Context enrichment |
| Session token | VoiceBot backend | short-lived JWT, stored in Keychain / EncryptedSharedPreferences, never logged |
The SDK does not ship its own analytics and does not collect end-user PII.
iOS
1. Microphone usage string (required)
NSMicrophoneUsageDescription — without it the app crashes on the first mic access, and review rejects it.
<key>NSMicrophoneUsageDescription</key>
<string>Talk to the in-app assistant. Your voice is sent to our AI service to answer you.</string>
- React Native
- Flutter
The Expo config plugin sets this for you; for a bare RN app add it to ios/<App>/Info.plist. You can override
the Expo string:
{
"expo": {
"plugins": [
["@monoverse/voicebot-react-native/app.plugin", { "microphonePermission": "Talk to the in-app assistant." }]
]
}
}
Add it to ios/Runner/Info.plist (the plugin does not edit your Info.plist):
<key>NSMicrophoneUsageDescription</key>
<string>Talk to the in-app assistant.</string>
2. Privacy manifest — PrivacyInfo.xcprivacy (required)
Apple requires a privacy manifest. Declare that audio data is collected and used for app functionality (and not for tracking). A minimal manifest:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>NSPrivacyTracking</key>
<false/>
<key>NSPrivacyCollectedDataTypes</key>
<array>
<dict>
<key>NSPrivacyCollectedDataType</key>
<string>NSPrivacyCollectedDataTypeAudioData</string>
<key>NSPrivacyCollectedDataTypeLinked</key>
<false/>
<key>NSPrivacyCollectedDataTypeTracking</key>
<false/>
<key>NSPrivacyCollectedDataTypePurposes</key>
<array>
<string>NSPrivacyCollectedDataTypePurposeAppFunctionality</string>
</array>
</dict>
</array>
</dict>
</plist>
The React Native package bundles a privacy manifest for its own audio API usage. You still need a manifest for your app declaring your data collection.
3. App Review Guideline 5.1.2 — disclose audio → AI
Under Apple's data-use rules (Guideline 5.1.2), disclose in your App Privacy answers and your privacy policy that the user's audio is transmitted to a third-party AI service (Google Gemini, via the VoiceBot backend) to provide the assistant. Do not imply on-device-only processing.
Android
1. RECORD_AUDIO permission (required)
- React Native
- Flutter
The Expo config plugin adds RECORD_AUDIO. For a bare RN app, add it to AndroidManifest.xml and request it
at runtime before starting voice:
<uses-permission android:name="android.permission.RECORD_AUDIO" />
The package declares RECORD_AUDIO; the SDK requests it at runtime for you before capture (denial is
non-fatal — text keeps working).
2. Data safety form
In the Play Console Data safety form, declare that the app collects audio and that it is sent to a third party (the VoiceBot backend / Gemini) for app functionality. Keep it consistent with your privacy policy.
3. Play Generative-AI policy
Because the assistant is powered by generative AI over the user's input, Google's Generative AI policy applies. At minimum:
- Disclose the AI-powered nature of the feature.
- Do not allow the feature to generate restricted/prohibited content; the VoiceBot backend applies prompt-safety, but your listing must still describe the feature accurately.
- Provide a way for users to report offensive output where applicable.
Scope note: foreground-only
v1 is foreground-only — there is no background audio, which deliberately avoids the iOS
UIBackgroundModes: audio review path. Do not add background audio modes for this SDK.
Pre-submission checklist
- iOS
NSMicrophoneUsageDescriptionset, and it mentions audio is sent to an AI service - iOS
PrivacyInfo.xcprivacydeclares audio-data collection for app functionality, tracking = false - iOS App Privacy answers disclose audio → third-party AI (Guideline 5.1.2)
- Android
RECORD_AUDIOdeclared and requested at runtime - Play Data safety form declares audio collection + sharing to a third party
- Play listing complies with the Generative AI policy (disclosure + content handling)
- No background audio modes added (foreground-only)
-
AppContext/CartEventpayloads verified PII-free - A reference build test-submitted to both stores before publishing the SDK to merchants