Privacy Policy

Last Updated: January 12, 2026

1. Introduction

SoundSpace AI Limited ("SoundSpace," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our voice translation API and related services (the "Service").

Please read this Privacy Policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

Account Information:

  • Name and email address
  • Company name and business information
  • Billing information (processed securely through our payment processors)
  • Communication preferences

Waitlist Information:

  • Email address submitted through our waitlist form
  • Date and time of submission
  • IP address and user agent (for security and analytics)

Support Communications:

  • Any information you provide when contacting customer support
  • Feedback and survey responses

2.2 Audio Data

Voice Input:

  • Audio files or streams you submit for translation
  • We process this data temporarily to provide the translation service
  • Audio data is not stored permanently unless you explicitly opt-in to data storage for service improvement

Voice Characteristics:

  • Metadata about voice characteristics necessary for voice preservation
  • This data is processed ephemerally and deleted after translation completion

2.3 Automatically Collected Information

Usage Data:

  • API calls, timestamps, and request/response metadata
  • Error logs and diagnostic information
  • Usage statistics and performance metrics

Device and Browser Information:

  • IP address
  • Browser type and version
  • Operating system
  • Device identifiers
  • Referring URLs

Cookies and Tracking Technologies:

  • Essential cookies for authentication and session management
  • Analytics cookies to understand how the Service is used (with your consent)
  • See Section 8 for detailed cookie information

3. How We Use Your Information

We use collected information for the following purposes:

3.1 Service Provision

  • To provide, maintain, and improve the Service
  • To process voice translations and preserve voice characteristics
  • To authenticate users and manage accounts
  • To process payments and prevent fraud

3.2 Communication

  • To send transactional emails (account notifications, receipts, security alerts)
  • To respond to your inquiries and support requests
  • To send updates about the Service (with your consent)
  • To notify waitlist members when the Service launches

3.3 Analytics and Improvement

  • To analyze usage patterns and optimize performance
  • To develop new features and improve existing ones
  • To conduct research and testing
  • To detect, prevent, and address technical issues

3.4 Legal and Security

  • To comply with legal obligations
  • To protect our rights and property
  • To prevent fraud and abuse
  • To ensure security of the Service

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), our legal bases for processing your data are:

  • Contract Performance: Processing necessary to provide the Service you requested
  • Consent: Where you have given explicit consent (e.g., marketing communications)
  • Legitimate Interests: For analytics, security, and service improvement, where not overridden by your rights
  • Legal Obligation: To comply with applicable laws and regulations

5. Data Retention

We retain your information only as long as necessary for the purposes outlined in this policy:

  • Account Data: Retained while your account is active and for up to 12 months after deletion (for legal compliance)
  • Audio Data: Deleted immediately after translation unless you opt-in to storage
  • Waitlist Emails: Retained until service launch or until you request deletion
  • Usage Logs: Retained for 12 months for security and debugging purposes
  • Billing Records: Retained for 7 years as required by tax law

6. Data Sharing and Disclosure

6.1 We DO NOT Sell Your Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

6.2 Service Providers

We may share data with trusted third-party service providers who assist us in operating the Service:

  • Cloud Infrastructure: AWS, Google Cloud (for hosting and processing)
  • Payment Processing: Stripe (for payment processing)
  • Database Services: Supabase (for data storage)
  • Analytics: Google Analytics (with anonymization)
  • Email Services: Resend (for transactional emails)

These providers are contractually obligated to protect your data and use it only for specified purposes.

6.3 Legal Requirements

We may disclose your information if required to:

  • Comply with legal obligations, court orders, or governmental requests
  • Enforce our Terms of Service
  • Protect our rights, property, or safety, or that of others
  • Prevent fraud or security threats

6.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change.

6.5 With Your Consent

We may share your information for other purposes with your explicit consent.

7. International Data Transfers

SoundSpace is based in the United Kingdom. If you access the Service from outside the UK, your information may be transferred to, stored, and processed in the UK and other countries.

For EEA users, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions where applicable
  • Your explicit consent where required

8. Cookies and Tracking Technologies

8.1 Types of Cookies We Use

Strictly Necessary Cookies:

  • Essential for authentication and security
  • Cannot be disabled

Analytics Cookies:

  • Help us understand usage patterns
  • Can be disabled through cookie preferences

Preference Cookies:

  • Remember your settings and preferences
  • Optional

8.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may affect Service functionality.

9. Your Rights and Choices

9.1 GDPR Rights (EEA Users)

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Limit how we use your data
  • Portability: Receive your data in a structured, machine-readable format
  • Object: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent at any time (where processing is based on consent)
  • Lodge a Complaint: File a complaint with your local data protection authority

9.2 CCPA Rights (California Residents)

California residents have the right to:

  • Know what personal information is collected
  • Know whether personal information is sold or disclosed
  • Opt-out of the sale of personal information (we do not sell data)
  • Request deletion of personal information
  • Non-discrimination for exercising privacy rights

9.3 How to Exercise Your Rights

To exercise any of these rights, contact us at:

  • Email: privacy@soundspace.dev
  • Subject: "Data Rights Request"

We will respond within 30 days (or as required by applicable law).

10. Data Security

We implement appropriate technical and organizational measures to protect your information:

  • Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Access Controls: Role-based access with multi-factor authentication
  • Regular Audits: Security assessments and penetration testing
  • Employee Training: Privacy and security training for all staff
  • Incident Response: Procedures for detecting and responding to breaches

However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

10.1 Data Breach Notification

In the event of a data breach affecting your personal information, we will:

  • Notify affected users within 72 hours (as required by GDPR)
  • Notify relevant authorities as required by law
  • Provide information about the breach and steps taken

11. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we discover we have collected data from a child, we will delete it promptly.

If you believe a child has provided us with personal information, contact us at privacy@soundspace.dev.

12. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.

13. Do Not Track Signals

We currently do not respond to Do Not Track (DNT) signals. We will update this policy if we begin to honor DNT signals in the future.

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of material changes by:

  • Posting the updated policy on our website
  • Sending an email to your registered address
  • Displaying a notice in the Service

The "Last Updated" date at the top of this policy indicates when it was last revised. Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

15. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or our data practices, contact:

SoundSpace AI Limited Email: privacy@soundspace.dev Data Protection Officer: dpo@soundspace.dev Address: 86-90 Paul Street, London EC2A 4NE, United Kingdom

Supervisory Authority (UK): Information Commissioner's Office (ICO) Website: https://ico.org.uk

16. Additional Information for Specific Jurisdictions

16.1 European Economic Area (EEA)

Data Controller: SoundSpace AI Limited Legal Representative: Mark Aduol

16.2 California (CCPA/CPRA)

Categories of Personal Information Collected:

  • Identifiers (name, email, IP address)
  • Commercial information (purchase history, usage data)
  • Internet activity (browsing behavior, API usage)
  • Audio/electronic information (voice recordings)
  • Professional information (company name, role)

Business Purpose for Collection:

  • Providing and improving the Service
  • Customer support and communication
  • Security and fraud prevention
  • Legal compliance

Third Parties We Share With: Service providers for infrastructure, payment processing, and analytics (as detailed in Section 6.2)

By using the Service, you acknowledge that you have read and understood this Privacy Policy.