Important: This notice specifically covers the collection of biometric voice data and other personal information through our voice generation services.
1. What data do we collect?
Personal Data:
- Audio files and voice samples (biometric data under GDPR)
- Voice clone input files and generated audio outputs
- Model/configuration files (.zip archives)
- Account information: email address, username, profile settings
- Payment information: processed securely through Stripe (card details, billing address)
Technical Data:
- Device information: browser type, operating system, device identifiers
- Usage data: IP address, access times, pages visited, interaction patterns
- Cookies and tracking technologies (see our Cookie Policy)
2. Why do we collect this data?
Service Provision:
- Provide voice generation services (TTS, voice cloning, speech-to-speech)
- Process voice models using RunPod cloud infrastructure
- Manage user accounts and authentication
- Process payments through Stripe
Service Improvement:
- Enhance platform performance and user experience
- Develop new features and improve existing ones
- Analyze usage patterns for service optimization
Legal and Security:
- Prevent misuse, fraud, and unauthorized access
- Comply with legal obligations
- Protect intellectual property rights
Marketing (with consent):
- Display personalized ads through Google AdSense
- Send promotional communications (opt-in only)
3. Third-party services and data sharing
Essential Service Providers:
- RunPod: Voice processing and model training (servers may be located outside EU)
- Stripe: Payment processing (EU-compliant, with global infrastructure)
- Google APIs: User authentication via Google OAuth (authlib)
Advertising Partners:
- Google AdSense: Personalized advertising (requires consent)
4. International data transfers
Your data may be transferred to and processed in countries outside the European Economic Area, including the United States. We ensure appropriate safeguards through:
- Standard Contractual Clauses (SCCs) with service providers
- Adequacy decisions where available
- Additional security measures for biometric data
5. Data retention
- Voice samples and models: Retained for the duration of your account + 30 days after deletion
- Account data: Retained until account deletion
- Payment data: Retained by Stripe according to their retention policy (typically 7 years)
- Authentication data: Google OAuth tokens stored until logout or revocation
- Legal compliance data: Retained as required by applicable law
6. Legal basis for processing
- Contract performance: Processing necessary to provide our services
- Explicit consent: Required for biometric voice data and advertising cookies
- Legitimate interest: Service improvement, fraud prevention, analytics
- Legal obligation: Compliance with applicable laws
7. Special category data (biometric)
Voice samples constitute biometric data under GDPR. We process this data based on your explicit consent, which you can withdraw at any time. Withdrawal will result in deletion of your voice models but may affect service functionality.
8. Your rights
Under GDPR, you have the right to:
- Access: Request copies of your personal data
- Rectification: Correct inaccurate data
- Erasure: Delete your data ("right to be forgotten")
- Portability: Receive your data in a structured format
- Restriction: Limit processing in certain circumstances
- Objection: Object to processing based on legitimate interests
- Withdraw consent: For biometric data and marketing communications
9. Contact and complaints
To exercise your rights or for privacy-related inquiries:
- Email: [Your privacy contact email]
- Response time: Within 30 days
You also have the right to lodge a complaint with your local data protection authority.
10. Updates to this notice
We may update this notice to reflect changes in our practices or legal requirements. Significant changes will be communicated via email or prominent website notice.
11. More information
For complete details, please refer to: