Privacy Policy
Last updated: 7 June 2026
Live Intercom is a team push-to-talk / live-event intercom used by production crews (live events, broadcast, theater, multi-room coordination). This policy explains what information the app handles, why, and the choices you have. It applies to the Live Intercom iOS app, the web admin console, and the desktop bridge, all operated by Tokio Studio ("we", "us").
The short version
- We collect the minimum needed to run the service: your account (email + name) and your channel preferences.
- Voice audio is transmitted live to the other people on your event and is not recorded or stored by the app.
- We do not track you, show ads, use third-party analytics SDKs, or use advertising identifiers (no IDFA).
- We never sell your data.
Who controls your data
Live Intercom is multi-tenant. Each customer organization (a "tenant") is set up by an administrator and may run on Tokio Studio's hosted servers or on the customer's own self-hosted server. The organization that invited you is the data controller for your account and event activity within that organization; Tokio Studio provides the software and, where applicable, the hosting. If your organization self-hosts, your data stays on their server.
Information we handle
| Data | Why |
|---|---|
| Email address | Sign-in and account identity. Required to log in. |
| Password | Stored only as a salted bcrypt hash — never in plain text, never visible to us. |
| Display name | So teammates can recognize who's speaking on a channel. |
| Organization & event membership, role | To show you the events you may join and the channels you're assigned to. |
| Device label & an app-generated device id | To distinguish your phone from your other devices in the same event (e.g. "Maria #phone"). |
| Channel preferences / settings | To remember your per-channel modes and audio preferences. |
Voice audio
When you talk on a channel, your microphone audio is streamed in real time to the other participants of that event over an encrypted WebRTC connection (using the LiveKit media service). Audio is relayed transiently to deliver the live conversation and is not recorded, transcribed, or stored by the app. When you stop transmitting or leave the event, the audio stream ends.
Permissions the app requests
Each prompt explains, in plain language, why access is needed. You can decline any of them; the app keeps working in a reduced mode.
| Permission | Used for |
|---|---|
| Microphone | Capturing your voice to transmit on intercom channels. No mic = you can listen but not talk. |
| Camera | Scanning the enrollment QR code your admin shares to sign you in. Used only while scanning. |
| Local Network | Reaching an intercom server hosted on your local network (private/self-hosted deployments). |
| Bluetooth | Routing call audio through a connected Bluetooth headset or AirPods. |
What we do not do
- No advertising and no ad networks.
- No third-party analytics or tracking SDKs.
- No advertising identifier (IDFA); the app does not request App Tracking Transparency because it does not track.
- No sale or sharing of personal data with data brokers.
Service providers
We use a small number of processors strictly to operate the service:
- LiveKit — real-time audio transport (the encrypted media relay). Audio passes through but is not retained.
- Hosting — Tokio Studio's servers, or your organization's own server if it self-hosts.
These providers process data only to deliver the service and are not permitted to use it for their own purposes.
Security
- All app ↔ server traffic uses HTTPS/TLS; live audio uses WebRTC's encrypted media transport (DTLS-SRTP).
- Passwords are hashed with bcrypt; sessions use signed tokens (JWT).
- We use only standard, industry-accepted encryption — no proprietary cryptography.
Data retention
Account and membership data is kept while your account is active. When your administrator removes you, or you delete your account, your personal data is deleted (a user with no remaining organization membership is removed entirely). Voice audio is not retained at any point.
Your rights
You may request access to, correction of, or deletion of your personal data. The fastest route is to contact your organization's administrator (the data controller). You can also contact us directly and we'll route the request appropriately: simone@tokiostudio.it. Depending on where you live, you may have additional rights under the GDPR or similar laws.
Children
Live Intercom is a professional tool for production teams and is not directed to children. We do not knowingly collect personal data from children under 13 (or the minimum age in your country).
Changes to this policy
We may update this policy as the product evolves. Material changes will be reflected by the "Last updated" date above and, where appropriate, communicated through the app.
Contact
Tokio Studio
Email: simone@tokiostudio.it