Privacy Policy

1. Controller & Contact

The data controller is Adam Kalinowski, owner of VoiceLab, Aleja Solidarności 13, 15-751 Białystok. Contact: [email protected]

2. What Data We Collect

Account identifiers: When you sign in with Apple or Google, we receive a user identifier and, if you choose to share it (Apple) or as provided (Google), your email address.

Voice recordings: When you record your voice in the app, audio files are uploaded to our servers for analysis. We store recordings associated with your account when you are signed in.

Analysis results: We store the results of voice analysis, including metrics (e.g., clarity, tempo, structure, energy, confidence), transcription where applicable, feedback, and archetype classification.

Subscription status: We use RevenueCat and Apple to manage subscriptions. We receive subscription and entitlement status (active, expired, trial) but not payment card details.

Device and app info: Device model, OS version, app version, language, and timezone to provide and improve the service.

Optional: If you contact support, we may retain your messages and any information you provide.

3. Purposes and Legal Bases (GDPR)

We process your data for the following purposes and rely on the stated legal bases:

• Core functionality (account creation, recording storage, voice analysis, syncing your recording history and results) — Contract necessity to perform our agreement to provide the app.
• Subscription validation and payment management — Contract necessity. Where we retain subscription-related data for accounting, legal obligation.
• Security and fraud prevention — Legitimate interest to protect the service and users.
• Basic analytics (e.g., understanding usage to improve the app) — Legitimate interest in improving the app and user experience, balanced against minimal processing.
• Support and communication — Contract necessity when you contact us about the service.

4. Sharing & Processors

We share data only with processors acting on our behalf under data processing agreements. Recipients fall into the categories of: subscription and payment processors, authentication providers, and cloud infrastructure.

• Apple — In-App Purchase, subscription processing, Sign in with Apple
• Google — Sign in with Google
• RevenueCat — subscription validation and entitlement management
• Amazon Web Services (AWS) — backend hosting, database, and voice processing

5. International Transfers

Some processors (e.g., AWS, RevenueCat) may store data outside the EEA. We use EU Standard Contractual Clauses (SCCs) with these providers where applicable. You can request a copy of the safeguards at [email protected].

6. Retention

Account, recordings, and analysis data: until you delete your account or request deletion. Logs and diagnostics: 60 days. Backups: up to 30 days. We retain data where required by law (e.g., accounting).

7. Automated Processing and Data Requirement

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.

Account and recording data are required to provide core features (syncing recordings, analysis results, subscriptions). Without them, you can use only limited functionality. Providing this data is necessary to enter into and perform our agreement with you.

8. Your Rights

Under GDPR, you have the right to: access, rectify, delete, restrict processing, data portability, object, and withdraw consent where applicable. We respond to requests within 30 days. We may verify your identity before processing requests to protect your data and prevent abuse.

You may lodge a complaint with your supervisory authority (e.g., in Poland: Prezes Urzędu Ochrony Danych Osobowych).

9. Data Deletion

You can request deletion in-app via Settings → Delete Account, or by emailing [email protected]. We delete or anonymize your personal data unless retention is required by law.

10. Children

The App is intended for users who want to improve their speaking and voice presentation. Subscription and paid features require users to meet the minimum age for digital consent in their jurisdiction (e.g. 13 in many countries, 16 in some EU member states). We do not knowingly collect personal data from children below that age without parental or guardian consent. If you believe we have, please contact us and we will delete it.

11. Security

We use reasonable technical and organizational measures to protect your data, including encryption in transit (HTTPS) and access controls.

12. Tracking & Advertising

We do not sell your data. We do not use your data for cross-app advertising or share it with data brokers. We do not collect data used to track you across apps and websites owned by other companies (as defined by Apple's App Tracking Transparency framework). We do not collect crash data, performance data, or other diagnostic data. We do not use analytics or crash-reporting SDKs.

13. Changes

We may update this Privacy Policy. We will notify you of material changes in-app or by email where appropriate. We encourage you to review this policy periodically.

14. Contact

For questions, data requests, or complaints: [email protected]