1. Introduction and Scope

LinguaTrace Inc. ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our multilingual transcription and diarization platform, including our website, mobile applications, and related services (collectively, the "Services").

This policy applies to all users of our Services, including individual users, team members, and enterprise customers. By using our Services, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you provide directly to us, including:

• Account Information: Name, email address, password, company name, job title, and billing information
• Profile Data: Profile pictures, preferences, language settings, and communication preferences
• Audio Content: Audio files, recordings, and related metadata you upload for transcription
• Transcription Data: Generated transcripts, speaker labels, timestamps, and annotations
• Communication Records: Messages, support tickets, feedback, and correspondence with our team
• Payment Information: Credit card details, billing addresses, and transaction history (processed securely through third-party providers)
• Team and Workspace Data: Team member information, roles, permissions, and collaborative content
• Custom Glossaries: Industry-specific terms, proper nouns, and custom vocabulary you create
• Usage Preferences: Export format preferences, notification settings, and interface customizations

2.2 Information We Collect Automatically

When you use our Services, we automatically collect certain information:

• Usage Data: Features used, time spent, transcription jobs processed, and interaction patterns
• Device Information: IP address, browser type, operating system, device identifiers, and hardware specifications
• Log Data: Server logs, error reports, performance metrics, and security events
• Location Data: General geographic location based on IP address for service optimization
• Cookies and Tracking: Session data, preferences, and analytics information through cookies and similar technologies

2.3 Information from Third Parties

We may receive information from third-party sources, including:

• Single sign-on providers (Google, Microsoft, etc.)
• Payment processors and billing services
• Analytics and marketing platforms
• Integration partners and API connections

3. How We Use Your Information

We use the collected information for the following purposes:

• Service Provision: Process audio files, generate transcripts, provide speaker identification, and deliver core platform functionality
• Account Management: Create and maintain user accounts, authenticate users, and manage subscriptions
• Communication: Send service updates, security alerts, billing notifications, and respond to inquiries
• Improvement and Development: Analyze usage patterns, improve transcription accuracy, develop new features, and enhance user experience
• Security and Compliance: Detect fraud, prevent abuse, ensure platform security, and comply with legal obligations
• Business Operations: Process payments, manage billing, provide customer support, and conduct business analytics
• Legal Compliance: Respond to legal requests, enforce our terms of service, and protect our rights and interests
• Marketing and Outreach: Send promotional materials, product updates, and educational content (with your consent)
• Research and Analytics: Conduct research to improve our AI models and transcription algorithms (using anonymized data)
• Integration Support: Enable third-party integrations and API functionality as requested by users

4. Data Security and Protection Measures

We implement comprehensive security measures to protect your information:

• Encryption: All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption
• Access Controls: Role-based access controls, multi-factor authentication, and principle of least privilege
• Infrastructure Security: Secure cloud hosting with SOC 2 Type II certified providers and regular security audits
• Data Isolation: Customer data is logically separated and isolated using secure multi-tenancy architecture
• Monitoring and Detection: 24/7 security monitoring, intrusion detection systems, and automated threat response
• Employee Training: Regular security training for all employees and contractors with access to customer data
• Incident Response: Comprehensive incident response plan with notification procedures for data breaches
• Vulnerability Management: Regular security assessments, penetration testing, and vulnerability remediation
• Backup and Recovery: Secure, encrypted backups with tested disaster recovery procedures
• Compliance Certifications: Adherence to industry standards including SOC 2, ISO 27001, and GDPR requirements

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• With Your Consent: When you explicitly authorize us to share information with third parties
• Service Providers: With trusted third-party vendors who assist in providing our services (cloud hosting, payment processing, customer support)
• Team Members: Within your organization or team workspace as configured by your account administrators
• Legal Compliance: When required by law, court order, or government request
• Safety and Security: To protect our rights, property, safety, or that of our users or the public
• Business Transfers: In connection with a merger, acquisition, or sale of assets (with appropriate safeguards)
• Anonymized Data: Aggregated, anonymized data for research, analytics, or industry reporting
• Integration Partners: With third-party services you choose to integrate with our platform
• Professional Advisors: With lawyers, accountants, and other professional advisors under confidentiality agreements

6. Data Retention and Deletion

We retain your information for as long as necessary to provide our services and comply with legal obligations:

• Account Data: Retained while your account is active and for up to 3 years after account closure
• Audio Files: Automatically deleted after 90 days unless you choose longer retention periods
• Transcripts: Retained according to your account settings, with options for immediate or scheduled deletion
• Usage Logs: Retained for up to 2 years for security and service improvement purposes
• Billing Records: Retained for 7 years to comply with financial regulations
• Support Communications: Retained for 3 years to maintain service quality and resolve issues
• Legal Hold Data: Retained as required by law or legal proceedings
• Backup Data: Securely deleted from backups within 90 days of primary deletion

You can request deletion of your data at any time, subject to legal and operational requirements. We provide self-service deletion tools in your account settings.

7. Your Privacy Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete personal information
• Deletion: Request deletion of your personal information (subject to certain exceptions)
• Portability: Request a copy of your data in a structured, machine-readable format
• Restriction: Request restriction of processing in certain circumstances
• Objection: Object to processing based on legitimate interests or for direct marketing
• Consent Withdrawal: Withdraw consent where processing is based on consent
• Automated Decision-Making: Request human review of automated decisions that significantly affect you
• Non-Discrimination: Not be discriminated against for exercising your privacy rights
• Complaint: Lodge a complaint with your local data protection authority

To exercise these rights, please contact us using the information provided in the "Contact Us" section below.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place:

• Adequacy Decisions: Transfers to countries with adequate data protection laws as determined by relevant authorities
• Standard Contractual Clauses: Use of approved contractual clauses for transfers to countries without adequacy decisions
• Certification Programs: Participation in recognized certification programs like Privacy Shield successors
• Binding Corporate Rules: Implementation of binding corporate rules for intra-group transfers
• Consent: Obtaining explicit consent for transfers where required by law

9. Children's Privacy

Our Services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly. If you believe we have collected information from a child under 16, please contact us immediately.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending email notifications to registered users
• Displaying prominent notices in our application interface
• Providing additional notice as required by applicable law

Your continued use of our Services after the effective date of the updated policy constitutes acceptance of the changes.

11. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to your inquiries within 30 days or as required by applicable law.