OUTRUN ||| FIELD MANUALSVOL. 01 · P. 08PUBLIC
§ 08 — TERMS OF SERVICE

Terms of Service & Privacy Disclosure

Last updated: June 2026 · Version 1.2

1. Acceptance of Terms

By clicking “I Accept”, installing, or using Outrun AI Copilot (“the Application”, “Software”), you (“User”) agree to be bound by these Terms of Service (“Terms”) in their entirety. If you do not accept these Terms, click “Decline” — the Application will not launch and no data will be collected.

These Terms constitute a legally binding agreement between you and getoutrun.app/Outrun (“Company”, “we”, “us”). Use of the Application constitutes acceptance of all terms herein, including all limitations of liability and disclaimers.

1.1 Eligibility

You must be at least 18 years old (or the age of majority in your jurisdiction, whichever is greater) to use the Application. By accepting these Terms, you represent and warrant that you meet this requirement.

2. Description of the Application

Outrun is a desktop AI copilot application that provides real-time AI-generated assistance during user-defined scenarios including, but not limited to, job interviews, online meetings, and examinations. The Application captures audio from your microphone and system output, transcribes speech in real time, and displays AI-generated responses in a transparent overlay window that is designed to be invisible to screen-capture software.

3. User Responsibilities and Acknowledgements

3.1 Sole Responsibility for Use

You acknowledge and agree that:

  • You are solely and exclusively responsible for all decisions, consequences, and outcomes resulting from your use of the Application.
  • The Company bears no responsibility whatsoever for how you use the Application, including in any professional, academic, contractual, or legal context.

3.2 Academic and Professional Integrity

You explicitly acknowledge that:

  • Using AI assistance during assessments, examinations, interviews, certifications, or any other evaluation may violate the rules, policies, codes of conduct, or contractual terms of the institution, employer, or organization conducting such evaluation.
  • It is your sole responsibility to determine whether your use of the Application is permitted under any applicable rules, agreements, or laws.
  • The Company makes no representation that use of the Application is permissible in any specific context, and expressly disclaims any responsibility for violations of third-party policies or agreements arising from your use of the Application.
  • You agree to indemnify, defend, and hold harmless the Company from any and all claims, damages, penalties, or liabilities arising from your use of the Application in contexts where such use is prohibited.

3.3 Legal Compliance — Recording and Wiretapping Laws

You explicitly acknowledge that:

  • The Application captures audio from your microphone and system audio output (loopback), which may include audio of other parties in calls, meetings, or conversations.
  • Recording conversations without the consent of all parties may be illegal under applicable laws in your jurisdiction (including but not limited to wiretapping statutes, two-party consent laws, GDPR, and similar regulations).
  • It is your sole responsibility to obtain all necessary consents and to comply with all applicable local, national, and international laws regarding audio recording and interception before using the Application.
  • The Company will not be liable for any legal consequences, claims, or penalties arising from your failure to comply with applicable recording laws.

4. Data Collection and Privacy Disclosure

We are committed to transparency. The following is a full disclosure of all data the Application accesses, processes, or transmits.

4.1 Audio Data

The Application captures:

  • Microphone audio — your voice from any connected input device you select.
  • System loopback audio — all audio playing through your system speakers or headphones, which may include the voices of other people in calls or meetings.

Both audio streams are captured as raw audio data and transmitted in real time over encrypted WebSocket connections to your selected Speech-to-Text (STT) provider (see Section 4.6). We do not store audio on our servers. Audio is processed transiently and discarded after transcription by the STT provider.

4.2 Screen Data

When you use the screenshot context feature, the Application:

  • Captures a full screenshot of your primary monitor.
  • Temporarily hides Application overlays before capture.
  • Transmits the screenshot image directly to your configured AI language model provider (see Section 4.6).

We do not store screenshots on our servers.

4.3 Device Identification Data

The Application collects the following device identifiers solely for license enforcement (seat-limiting):

  • Computer hostname.
  • Machine ID (the MachineGuid from the Windows Registry on Windows; /etc/machine-id on Linux/macOS).

These two values are combined and cryptographically hashed (HMAC-SHA256) to produce a device fingerprint, which is stored in our backend (Supabase) associated with your account. This fingerprint cannot be reversed to recover the original values. It is used exclusively to enforce per-seat licensing limits. We do not collect your MAC address.

Session verification. While you are signed in, the Application periodically verifies (approximately once per minute) that your device session is still valid for your account. If your account exceeds its allowed number of concurrent device seats, or your session is invalidated (for example, because you signed in on another device), you may be signed out automatically and prompted to re-authenticate. Transient network errors do not trigger sign-out.

4.4 User-Supplied Content

The Application stores locally on your device:

  • CV/resume text and parsed PDF content.
  • Job descriptions.
  • Knowledge base documents (text and PDF files) you upload.
  • User context and meeting notes you type.
  • Complete session transcripts (spoken words and AI responses).
  • AI-generated question-and-answer pairs.

This content is stored in a local SQLite database (outrun.db) and a local vector database (LanceDB) on your device. Selected portions of this content (e.g., relevant knowledge base excerpts, CV text, user context) are transmitted to your configured AI provider as part of prompts.

Free onboarding CV diagnostic. During onboarding, the Application offers a one-time free career-funnel diagnosis. For this single diagnosis only, your CV text and your onboarding self-report are transmitted once to Outrun’s backend (a Supabase Edge Function), which runs the analysis using an AI key provided by Outrun. Your CV is processed transiently for this request and is not stored on our backend. All subsequent analyses run through your own configured AI provider key under the BYOK model (see Section 4.6) and remain local to your device.

4.5 Authentication and Account Data

  • Your authentication is handled via Supabase Auth with optional Google OAuth.
  • Your session and its refresh token are stored locally on your device, in the Application’s local storage. They are not transmitted to any party other than Supabase Auth for the purpose of maintaining your session.
  • Your user_id and subscription tier are cached in the Application’s local storage.
  • Account data, subscription status, and device registrations are stored in our Supabase database.
  • Payment processing is handled by third-party payment processors. We do not store payment card details; all billing data is managed by the respective payment processor. The specific processors currently in use are listed in our in-app help / FAQ and may change over time.
  • Refunds and cancellation. Subscription fees are non-refundable except where required by applicable law. You may cancel your subscription at any time; cancellation takes effect at the end of the current billing period, and you retain access until that period ends.

4.6 Third-Party AI and STT Providers (Bring Your Own Key)

The Application is designed as a Bring Your Own Key (BYOK) system. You configure and supply your own API keys for AI language model (LLM) and Speech-to-Text (STT) providers. Your API keys are stored only in the Application’s local storage on your device.

When you use the Application, the following data is transmitted to the providers you configure:

Data TypeTransmitted To
Real-time audio (raw PCM)Your selected STT provider (Soniox, AssemblyAI, or ElevenLabs)
Transcripts, prompts, context, CV, knowledge base excerpts, screenshotsYour selected LLM provider (OpenAI, Anthropic, Google, xAI, Mistral, Cohere, Groq, Perplexity, OpenRouter, or a local model)

The following providers may be used depending on your configuration:

LLM Providers: OpenAI, Anthropic, Google Gemini, xAI Grok, Mistral, Cohere, Groq, Perplexity, OpenRouter, Ollama (local), LM Studio (local).

STT Providers: Soniox, AssemblyAI, ElevenLabs.

When the translation feature is enabled, detected speech segments (which may include the speech of other parties) are sent to your configured LLM provider for translation.

You are solely responsible for reviewing and complying with the terms of service and privacy policies of all third-party providers you configure. The Company is not responsible for how third-party providers handle data transmitted to them.

4.7 Embedding Model Download

If you use the Knowledge Base (RAG) feature, the Application downloads the IBM Granite Embedding 311M model (~1.56 GB) from HuggingFace. This model runs entirely on your device; your documents are never sent to HuggingFace.

4.8 Automatic Updates

The Application checks for updates at launch from our update server at https://updates.getoutrun.app. No personal data is transmitted during update checks. Update packages are cryptographically signed (minisign / Ed25519) and the signature is verified against a public key embedded in the Application before any update is installed.

4.9 Our Backend Services

We use Supabase for:

  • User authentication and account management.
  • Subscription and licensing management.
  • Device session registration (device fingerprints only).
  • Delivery of encrypted application configuration.
  • A real-time connection (WebSocket) used to receive live updates to your subscription and license status.

We do not log, store, or have access to: your audio, your transcripts, your AI conversations, your CV, your knowledge base documents, or your AI provider API keys.

4.10 Optional Anonymous Usage Analytics

The Application can send anonymous, aggregated feature-usage events (e.g. which feature was started/completed, its duration, success/failure outcome, app version, and operating system) to Aptabase, a privacy-first analytics service, to help us improve the product.

  • This is enabled by default but fully optional (opt-out). You can turn it off at any time in Settings → Appearance → Anonymous usage analytics; once off, nothing is transmitted.
  • For full transparency, only the following fixed allowlist is ever sent:
    • Event names: app_started, feature_started, feature_completed, feature_failed, diagnosis_run, application_created, session_started, session_ended.
    • Event fields (primitive values only): version, os, feature, duration_ms, outcome, error_code, tier.
  • Any event name or field outside this allowlist is dropped before transmission, so unreviewed data can never be sent.
  • We never include personal or content data in these events. Specifically excluded: audio, transcripts, AI conversations, CV text, knowledge base content, company or vacancy names, and API keys.
  • No cookies or cross-site identifiers are used.

5. Data Retention and Deletion

  • Local data (transcripts, sessions, knowledge base, CV profiles): stored on your device indefinitely until you delete it within the Application or uninstall.
  • Account data (Supabase): retained while your account is active. You may request deletion by contacting support.
  • Device fingerprints: retained for the duration of active device registrations under your account.
  • Audio: not retained by the Company. Retention by STT providers is governed by their respective privacy policies.
  • Screenshots: not retained by the Company. Retention by LLM providers is governed by their respective privacy policies.

5.1 Your Data Rights

Depending on your jurisdiction (including the EU/EEA under the GDPR), you may have the following rights regarding personal data we hold:

  • Access — to know what account data we store about you (described in Section 4) and where it is held.
  • Portability / Export — you can export your local data (sessions, career profiles, and knowledge base) at any time via Settings → Data, in machine-readable JSON format. The same screen also lets you re-import this data.
  • Erasure — you may request deletion of your account data by contacting support. After we verify your identity, we will delete your associated account data within a reasonable period as required by applicable law. Local data on your device is deleted by you at any time within the Application or by uninstalling.

5.2 Legal Bases for Processing

Where the GDPR or similar laws apply, we process data on the following bases: performance of a contract (account, subscription, and license management), consent (optional anonymous usage analytics, which you may withdraw at any time), and legitimate interests (security, fraud prevention, and per-seat license enforcement).

6. No Warranties

THE APPLICATION IS PROVIDED “AS IS” AND “AS AVAILABLE”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, RELIABILITY, OR NON-INFRINGEMENT.

The Company does not warrant that:

  • AI-generated responses are accurate, complete, or appropriate.
  • The Application will be uninterrupted, error-free, or secure.
  • The Application’s overlay will be undetectable in all screen-capture or proctoring environments now or in the future.
  • Use of the Application will produce any particular outcome in any interview, examination, or other context.

YOU ASSUME ALL RISK FROM USE OF THE APPLICATION AND ANY AI-GENERATED CONTENT.

7. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW:

THE COMPANY, ITS OFFICERS, DIRECTORS, EMPLOYEES, AND AFFILIATES SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES, INCLUDING BUT NOT LIMITED TO:

  • Loss of employment, income, or professional opportunities.
  • Academic penalties, disciplinary action, or expulsion.
  • Legal claims, fines, or penalties arising from recording laws or breach of third-party agreements.
  • Damages arising from reliance on AI-generated content.
  • Any other damages, even if the Company has been advised of the possibility of such damages.

IN NO EVENT SHALL THE COMPANY’S TOTAL CUMULATIVE LIABILITY TO YOU EXCEED THE GREATER OF (A) THE AMOUNT YOU PAID FOR THE APPLICATION IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM, OR (B) USD $10.00.

8. Indemnification

You agree to indemnify, defend, and hold harmless the Company and its affiliates, officers, agents, and employees from and against any and all claims, liabilities, damages, losses, costs, and expenses (including reasonable attorneys’ fees) arising out of or relating to:

  • Your use or misuse of the Application.
  • Your violation of these Terms.
  • Your violation of any applicable law, including recording and wiretapping laws.
  • Your violation of any third-party rights, policies, or agreements (including those of employers, academic institutions, or AI providers).
  • Any content you transmit through the Application to third-party providers.

9. Prohibited Uses

You agree not to use the Application:

  • In any jurisdiction where real-time AI assistance or audio recording in the intended context is illegal.
  • To infringe on any third party’s intellectual property, privacy, or contractual rights.
  • To engage in fraud or misrepresentation to any third party.

10. Changes to Terms

The Company reserves the right to modify these Terms at any time. Material changes will be communicated via an in-app notification. Continued use of the Application after changes constitutes acceptance of the revised Terms.

11. Governing Law

These Terms are governed by and construed in accordance with applicable law. Any disputes shall be resolved in accordance with the jurisdiction applicable to the Company’s place of incorporation.

12. Contact

For privacy inquiries or account deletion requests, contact:

support@getoutrun.app

BY CLICKING “I ACCEPT”, YOU CONFIRM THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THESE TERMS IN THEIR ENTIRETY, INCLUDING ALL LIMITATIONS OF LIABILITY, THE DATA DISCLOSURE IN SECTION 4, AND YOUR SOLE RESPONSIBILITY FOR LEGAL COMPLIANCE UNDER SECTION 3.

LEGAL DEPARTMENT— 00008 —FOR PUBLIC DISTRIBUTION
OUTRUN
© 2026 OUTRUN LABS, INC.PrivacyTermsBUILT FOR ROADRUNNERS · NOT COYOTES
— END OF MANUAL —