SummaTalk LogoSummaTalk

Privacy Policy

Last updated: February 18, 2025

This Privacy Policy explains how we collect, use, and share your personal data when you use our mobile application ("App"). We are committed to protecting your privacy and ensuring the security of your personal data in accordance with applicable data protection regulations, including the UK GDPR, the EU General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA), where applicable.

1. Data Controller

The data controller is Małgorzata Rykowska, a sole proprietor operating under the business name "Uwolnij swój czas", registered in Poland. You can contact us at: contact@libertycode.eu.

2. Data We Collect

We collect the following personal data:

  • Registration data (email address and password or Google/Apple account details)
  • Audio recordings made via the device microphone
  • Transcriptions of audio recordings
  • Summaries and AI-generated analyses based on transcriptions
  • Activity data (e.g. usage logs, timestamps, features used)
  • Device information (e.g. model, OS version, device ID)
  • Speaker labels if provided by the user (e.g. names of participants)

    • 3. Purpose and Legal Basis for Processing

    We process your personal data for the following purposes:

  • To provide our services (recording, transcription, summarization, and AI analysis) – legal basis: contract performance (Art. 6(1)(b) GDPR / UK GDPR)
  • To improve the functionality and security of the App – legal basis: legitimate interest (Art. 6(1)(f))
  • To communicate with you (e.g., support, updates) – legal basis: legitimate interest

    • 4. Data Minimization and User Control

    We only collect data necessary to provide our services. The App provides privacy settings allowing users to control what data is collected and how it is used.

    5. Data Sharing and Recipients

    We share data with the following processors:

  • AssemblyAI (transcription services)
  • OpenAI (text summarization and AI-based analysis)
  • Firebase (data hosting and authentication)

    • These services are contractually bound to process data in compliance with GDPR and UK GDPR. Data may be processed within the EEA, UK, or USA with appropriate safeguards in place.

    6. International Data Transfers

    Some of your data may be transferred outside of the EEA or UK, including to the United States. When this occurs, we ensure adequate protection through Standard Contractual Clauses (SCCs) and other legal mechanisms as required by applicable data protection laws.

    7. Data Retention

  • Registration data is stored during the lifetime of your account and up to 5 years after its deletion (for accounting/legal compliance).
  • Audio, transcription, and summaries are stored for 1 year from creation.
  • Activity and device data is retained for 12 months.

    • 8. Your Rights

    You have the right to:

  • Access your data
  • Correct or delete your data
  • Object to or restrict processing
  • Data portability
  • Withdraw consent (if processing is based on consent)

    • - File a complaint with the relevant supervisory authority:

    - UK: Information Commissioner’s Office (ICO)

    - EU: Data Protection Authority of your country

    - US (California residents): Contact us to exercise your rights under CCPA/CPRA

    9. Data Security

    We use appropriate technical and organizational measures to protect your personal data, including encryption, access controls, and regular security assessments.

    10. Consent and Policy Updates

    You must accept this Privacy Policy before using the App. Changes will be communicated through the App.