Privacy Policy

1. What Information Do We Collect?

Information You Provide

We collect information you voluntarily provide when you:

• Register for a Connect account
• Use our voice translation services
• Subscribe to paid plans
• Contact us for support

This includes:

• Name and email address
• Phone number and job title
• Voice data and audio recordings (processed in real-time, not stored)
• Voiceprint data for voice cloning and preservation
• Payment information (handled by Stripe)
• Account credentials and authentication data

Information Automatically Collected

We automatically collect certain technical information when you use Connect:

• IP address and device information
• Browser type and operating system
• Location data (optional, for better service)
• Usage analytics and call metadata
• Cookies and tracking pixels

2. How Do We Use Your Data?

We process your information to:

• Deliver Connect's services: Real-time voice translation, transcription, and voice preservation
• Improve our platform: Analyze usage patterns to enhance translation accuracy and user experience
• Billing and payments: Process subscriptions and manage your account
• Customer support: Respond to inquiries and troubleshoot issues
• Security and fraud prevention: Protect against unauthorized access
• Compliance: Meet legal obligations under GDPR, CCPA, and other regulations
• Marketing: Send you updates about features and plans (you can opt out anytime)

3. Legal Basis for Processing

GDPR & UK GDPR (EU/UK users)

We rely on the following legal bases:

• Consent: You agree to our services and data processing
• Contract: Processing is necessary to provide Connect to you
• Legitimate Interests: Improving our service and preventing fraud
• Legal Obligation: Complying with regulatory requirements

CCPA & CPRA (California users)

California residents have the right to:

• Know what personal information we collect
• Delete your personal information
• Opt-out of "selling" or "sharing" of data
• Non-discrimination for exercising your rights

APPI Compliance (Japan)

For users in Japan, we comply with the Act on Protection of Personal Information (APPI). Your rights include:

• Right to access your personal information
• Right to correct inaccurate information
• Right to delete your information
• Right to suspend processing

We notify affected users of any data breaches as soon as practicable in accordance with APPI requirements.

4. Who Do We Share Your Data With?

We may share your data with the following third parties:

AI & Voice Processing

• Hume AI: Emotional intelligence and voice analysis
• Cartesia: Voice synthesis and generation
• ElevenLabs: Voice cloning and preservation
• Soniox: Real-time speech recognition
• OpenAI: Language translation and processing

Infrastructure & Hosting

• Hetzner: Cloud server and data storage (Europe-based)
• Vercel: Website hosting and CDN

Analytics & Services

• Google Analytics & Amplitude: User behavior analytics
• Google OAuth: Authentication and login
• Stripe: Payment processing

Communication

• Resend: Transactional emails
• Loops: Marketing campaigns and newsletters

All subprocessors are contractually bound to protect your data in accordance with GDPR and international standards. View our complete subprocessors list.

5. International Data Transfers

Connect operates with servers primarily in the United States and Europe (Hetzner). If you're in the EU/UK, your data may be transferred to:

• United States (OpenAI, Stripe, Google, Amplitude)
• Europe (Hetzner in Germany)
• Other countries where our service providers operate

Data Protection Measures

We implement Standard Contractual Clauses (SCCs) approved by the European Commission to ensure your data is protected under EU data protection standards, even when transferred internationally.

6. How Long Do We Keep Your Data?

• Conversation audio: Deleted immediately after real-time translation
• Voiceprint: Kept for as long as you have an active account
• Account data: Retained for 90 days after account deletion
• Analytics data: Stored for 12 months for service improvement
• Payment records: Kept for 7 years (legal requirement)

After the retention period, we securely delete or anonymize your data. You can request early deletion anytime.

7. How Do We Protect Your Data?

We implement industry-leading security measures:

• End-to-end encryption for voice data transmission
• AES-256 encryption for stored data
• HTTPS/TLS for all communications
• Regular security audits and penetration testing
• ISO 27001 compliance
• Secure access controls and authentication

8. Your Privacy Rights

Rights for Everyone

• Access your personal data
• Correct inaccurate information
• Delete your account and data
• Export your data in a readable format
• Withdraw consent at any time
• Opt-out of marketing emails

Additional Rights (GDPR/CCPA)

• Right to Restrict Processing: Limit how we use your data
• Right to Object: Refuse certain processing activities
• Right to Lodge a Complaint: Report violations to your data protection authority
• Right to Data Portability: Receive your data in machine-readable format

How to Exercise Your Rights

Contact us at privacy@belora-connect.com with your request. We'll respond within 30 days (GDPR requirement) or 45 days (CCPA requirement).

9. Contact Us