SignalWhisperBot - Privacy Policy
This privacy policy sets out how SignalWhisperBot (hereafter referred to as "we", "us", or "our") uses and protects any information that you give when you use our services.
We are committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using our services, then you can be assured that it will only be used in accordance with this privacy policy.
We may change this policy from time to time by updating this page. You should check this page periodically to ensure that you are happy with any changes.
Service Provider
The service is provided by:
GDBVL Consulting
88 allée du clos de l'hippodrome
59130 Lambersart, France
Email: [email protected]
What we collect
We may collect the following information when you use our services:
- Your phone number
- Your email address
Legal basis for processing
We process your personal data on the following legal bases:
- Contract performance: Processing your audio files is necessary to provide you with the transcription service you requested
- Consent: By using our service, you consent to the processing of your data as described in this policy
- Legitimate interest: Improving our services constitutes our legitimate interest, while respecting your rights and freedoms
What we do with the information we gather
We require this information to provide you with a better service, and in particular for the following reasons:
- To transcribe your audio files to text
- To improve our services
We will never sell your information to third parties.
Third-party processing
To provide our services, we use the following third-party providers:
Transcription provider: Lemonfox.ai
- Data shared: Audio files you send us
- Purpose: Audio-to-text transcription
- Location: European Union-based servers
- Retention period: Immediate deletion after transcription (< 2 seconds)
- GDPR compliance: Lemonfox.ai is GDPR compliant. We have signed a Data Processing Agreement (DPA) with this provider
Payment provider: Stripe
- Data shared: Email, payment information, billing address
- Purpose: Payment processing and subscription management
- Location: European Union-based servers for European customers
- GDPR compliance: Stripe is GDPR compliant with standard DPA
- Learn more: https://stripe.com/privacy
Email provider: Loops
- Data shared: Email, usage data (opens, clicks)
- Purpose: Sending transactional and marketing emails
- GDPR compliance: Loops is GDPR compliant via EU-U.S. Data Privacy Framework
- Learn more: https://loops.so/privacy
Email sending service (Email Routing): Amazon SES (AWS)
- Data shared: Sender and recipient email addresses, email content (in transit)
- Purpose: Sending emails via Email Routing feature
- Location: European Union-based servers
- Retention period: Transit only. Email content not stored. Technical logs retained according to AWS standards
- GDPR compliance: Amazon Web Services is GDPR compliant with standard DPA
- Learn more: https://aws.amazon.com/compliance/gdpr-center/
Hosting: Hetzner Online GmbH
- Data shared: Phone number, email address (stored in our database)
- Purpose: Hosting our server infrastructure and database
- Location: Servers based in Germany (European Union)
- Retention period: As long as your account is active
- GDPR compliance: Hetzner is GDPR compliant (German company, EU servers)
- Learn more: https://www.hetzner.com/legal/privacy-policy
No other data is shared with third parties.
Security
We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure the information we collect.
Data retention and deletion
Audio files: Automatically deleted immediately after transcription (< 2 seconds). No storage.
Transcriptions: We do not save the content of text messages received or sent.
Account data (phone number, email): Retained as long as your account is active. Deleted upon request or after account deletion.
Billing metadata: Retained in accordance with legal accounting obligations (under French law, typically 10 years for invoices).
Your GDPR rights
Under the General Data Protection Regulation (GDPR), you have the following rights:
- Right of access: You can request access to the personal data we hold about you
- Right to rectification: You can request correction of inaccurate data
- Right to erasure: You can request deletion of your data
- Right to data portability: You can request a copy of your data in a structured format
- Right to object: You can object to the processing of your data
To exercise these rights, contact us at: [email protected]
Note: Since we automatically delete your audio files immediately after transcription and do not retain your messages, there is generally no data to delete beyond your account information (phone number and email).
GDPR compliance
SignalWhisperBot is compliant with the General Data Protection Regulation (GDPR):
- ✅ Data processing on European Union-based servers
- ✅ Immediate deletion of audio files after processing
- ✅ Data Processing Agreements (DPA) signed with our providers
- ✅ Your data is never used to train artificial intelligence models
- ✅ Full transparency about data usage
- ✅ Respect for your rights as a user
Data Controller:
GDBVL Consulting
88 allée du clos de l'hippodrome
59130 Lambersart, France
[email protected]
Cookies
We do not use cookies on our website.
Contacting us
If you have any questions about this privacy policy, please contact us at: [email protected]