Privacy Policy
Last updated: February 12, 2026
Your privacy is fundamental to how we built Speaking Assist. This policy explains what data we collect, why we collect it, how we use it, and your rights.
Privacy by Design and by Default
- GDPR compliant from day one
- Conversations not stored unless you opt in
- You control your data
- Minimal data collection
Information We Collect
A. Account Information (Required)
When you create an account, we collect:
- Full name
- Email address
- Password (securely hashed—we never see your actual password)
- Account creation date
B. Organization Details (Required)
To provide you with the service, we collect:
- Organization name
- Organization size (number of employees/users)
- Industry/sector (Charity, Medical, Legal, Accounting)
- Primary contact information
- Business address
C. Session & Access Data (Automatic)
When you use the service, we automatically collect:
- Room codes and session timestamps
- Number of participants per session
- Room access logs (who joined, when)
- Language pairs selected (e.g., English to Spanish)
- Sector/specialty tags
D. Usage Analytics (Automatic)
To improve the service, we collect aggregated, anonymized data:
- Feature usage (which features you use most)
- Login frequency and session duration
- Language preferences
- Error logs and performance metrics
- Device type and browser information
E. Billing Information (Paid Accounts)
For paid subscriptions, we collect:
- Subscription tier and plan details
- Payment method (processed securely via third-party payment provider)
- Billing history and invoices
- Tax information (if required)
F. Opt-In Data (Only with Explicit Consent)
Important: The following data is ONLY collected if you explicitly enable these features
By default, none of this data is collected or stored.
If you choose to enable optional features, we may collect:
- Conversation transcriptions: Text transcripts of translated conversations
- Translation outputs: The actual translated text
- Session summaries: AI-generated summaries of conversations
- Audio recordings: Only if explicitly enabled
- Translation quality ratings: Your feedback on translation accuracy
- Custom terminology/glossaries: Sector-specific terms you add
- Participant names: Names of session participants (if provided)
- Referral information: How you heard about us
- Marketing preferences: Communication preferences
- Integration settings: API keys, webhooks, third-party connections
OpenAI Data Processing
Important: How OpenAI Processes Your Data
What data is sent: Your audio is converted to text and sent to OpenAI for real-time AI-powered translation.
Purpose: To provide accurate, real-time translation using advanced AI models.
OpenAI's retention: By default, OpenAI retains data for 30 days for abuse and misuse monitoring.
Zero Data Retention (ZDR): Enterprise customers can request Zero Data Retention, which excludes their data from OpenAI's logs entirely.
No training: Your data is NOT used to train OpenAI models.
How to request ZDR: Contact us at info@speakingassist.com to enable Zero Data Retention for your organization.
Learn more: OpenAI Privacy Policy
How We Use Your Data
We use your information for the following purposes:
- Account management: Creating and managing your account
- Service delivery: Providing real-time translation services
- Billing: Processing payments and managing subscriptions
- Analytics: Understanding how the service is used to improve it
- Support: Responding to your questions and technical issues
- Legal compliance: Meeting legal and regulatory requirements
- Optional features: Providing opt-in features like transcription (only with your consent)
Data Retention Periods
| Data Type | Retention Period | Reason |
|---|---|---|
| Account information | Duration of account + 30 days | Legal requirements |
| Session metadata | 90 days | Analytics, billing verification |
| Usage analytics | 24 months (aggregated) | Service improvement |
| Billing records | 7 years | UK legal requirements |
| Opt-in transcriptions | Until you delete them | User convenience |
| Conversation audio | Not stored | Privacy by design |
| OpenAI processing | 30 days (or 0 with ZDR) | OpenAI policy |
Your GDPR Rights
Under UK GDPR, you have the following rights:
- Right to access: Request a copy of all data we hold about you
- Right to rectification: Correct inaccurate or incomplete data
- Right to erasure ("right to be forgotten"): Request deletion of your data
- Right to restriction: Limit how we use your data
- Right to data portability: Receive your data in a machine-readable format
- Right to object: Object to certain types of processing
- Right to withdraw consent: Withdraw consent for opt-in features at any time
To exercise any of these rights, email us at info@speakingassist.com. We will respond within 30 days.
For data protection concerns, contact our Data Protection Officer at data-protection@speakingassist.com.
Medical & Legal Data
Special Category Data
- Medical data: Health information is "special category data" under GDPR. We do not store medical conversations unless you explicitly opt in to transcription features.
- Legal privilege: Attorney-client privileged conversations are not stored or logged by default. Lawyers remain responsible for protecting legal privilege.
- Safeguarding: Charity and social services information related to vulnerable individuals is not logged unless you opt in to recording features.
- Professional responsibility: Users remain responsible for complying with sector-specific regulations (e.g., HIPAA, solicitor-client privilege, safeguarding duties).
Cookies & Local Storage
We use minimal browser storage:
- Essential cookies: Session authentication, room access (required for service to work)
- Local storage: Language preferences, UI settings (stored on your device only)
- No tracking cookies: We do not use advertising or third-party tracking cookies
- Analytics: Aggregated, anonymized analytics to improve the service
Third-Party Services
| Service | Purpose | Data Shared | Privacy Policy |
|---|---|---|---|
| OpenAI | AI translation | Audio transcriptions (text) | Link |
| LiveKit | Real-time audio/video | Audio streams (encrypted) | Link |
| Railway | Cloud hosting | All service data (encrypted) | Link |
Data Security
How We Protect Your Data
- End-to-end encryption for audio/video streams
- TLS/SSL encryption for all data in transit
- Encrypted databases for stored data
- Regular security audits and penetration testing
- Access controls and role-based permissions
- Automatic session timeout and logout
- Password requirements and secure hashing
- Optional two-factor authentication (2FA)
International Data Transfers
Our servers are primarily located in the UK and EU:
- Primary servers: UK/EU region (via Railway hosting)
- OpenAI processing: May involve processing in the United States (covered by Data Processing Agreement)
- Safeguards: All international transfers are protected by Standard Contractual Clauses (SCCs) approved by the European Commission
Children's Privacy
Speaking Assist is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child without parental consent, we will delete it immediately.
Changes to This Policy
We may update this privacy policy from time to time. When we do:
- We will update the "Last updated" date at the top of this page
- For material changes, we will email you at your registered email address
- You will have the opportunity to review changes before continued use
Contact Us
For privacy-related questions or to exercise your data rights:
- Email: info@speakingassist.com
- Data Protection Officer: data-protection@speakingassist.com
- Address: Trifura Ltd, 71-75 Shelton Street, Covent Garden, London, UK, WC2H 9JQ
- Company No: 14424265