VoiceFeedback
Early Access

Privacy Policy

Last updated: October 22, 2025

1. Introduction

Somani Technologies Private Limited ("we," "us," "our") operates VoiceFeedback.io. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data in compliance with the European General Data Protection Regulation (GDPR) and India's Digital Personal Data Protection Act, 2023 (DPDP Act).

2. Data Controller & DPO

Data Controller: Somani Technologies Private Limited

Registered Office: [Address to be added]

Data Protection Officer: [email protected]

Contact: For all privacy-related inquiries, email [email protected]

3. What Data We Collect

3.1 Account Information

  • Name, email address, phone number (optional)
  • Company name, role, team size (for business accounts)
  • Billing address, GSTIN (for Indian customers)
  • Password (hashed and salted, never stored in plain text)

3.2 Voice Recordings & Transcriptions

When you or your customers submit voice feedback through our platform:

  • Voice audio files: Stored with your explicit consent, encrypted at rest
  • Transcriptions: Auto-generated text from speech
  • Language metadata: Detected language and dialect
  • Sentiment analysis: AI-derived sentiment scores (not personal data)
  • Associated metadata: Timestamp, form ID, user ID (if authenticated)

3.3 Usage Data

  • IP address, device type, browser type
  • Pages visited, features used, time spent
  • UTM parameters and referral sources
  • Cookies (see Section 7 for details on cookie usage and consent)

3.4 Payment Information

We use Stripe and Razorpay as payment processors. We do not store credit card details on our servers. Payment processors comply with PCI DSS standards.

4. Why We Collect Data (Legal Basis)

Contract Performance

To provide voice feedback services you've subscribed to

Legitimate Interest

To improve our service, prevent fraud, and analyze usage

Consent

For voice recording storage, marketing emails, and non-essential cookies

Legal Obligation

Tax compliance (GST invoices), data breach notification, court orders

5. How We Use Your Data

  • Provide voice feedback capture, transcription, and analysis
  • Generate insights, dashboards, and KPI reports
  • Send service updates, billing notifications, and support
  • Marketing emails (opt-in only, unsubscribe anytime via footer link)
  • Detect fraud, abuse, and security threats
  • Comply with legal obligations (tax, audits, law enforcement)

6. Data Retention

Data TypeRetention
Voice recordingsAs per your plan (7/14/30/90 days, or custom)
Transcriptions & insightsIndefinitely (until account deletion)
Account dataUntil account deletion + 30 days grace period
Billing records7 years (tax compliance)
Logs & audit trails90 days

7. Cookies & Tracking

We use cookies for:

  • Essential: Authentication, security, session management (no consent required)
  • Analytics: First-party usage tracking (consent required)
  • Marketing: UTM tracking, A/B experiments (consent required)

You can manage cookie preferences via our consent bar or browser settings. Blocking non-essential cookies won't affect core functionality.

8. Data Sharing & Third Parties

We do not sell your data. We share data only with:

  • Cloud infrastructure: AWS/GCP (data residency controls apply)
  • Payment processors: Stripe (global), Razorpay (India)
  • Email service: [Provider TBD] for transactional emails
  • Speech-to-text API: [Provider TBD] with data processing agreements

All subprocessors sign Data Processing Agreements (DPAs) and comply with GDPR/DPDP standards. Full list available on request.

9. Your Rights (GDPR & DPDP)

Right to Access:Download all your data in JSON/CSV format (Account Settings → Export Data)
Right to Rectification:Update incorrect information via Account Settings
Right to Erasure (Right to be Forgotten):Email [email protected] to delete all personal data (within 30 days)
Right to Portability:Export data to transfer to another service
Right to Object:Stop processing for marketing or legitimate interest purposes
Right to Restrict:Temporarily suspend processing while disputes are resolved

To exercise any right, email [email protected] with your request. We respond within 30 days (GDPR) or 30 days (DPDP).

10. Data Breaches

In the event of a data breach affecting your personal data, we will notify you within 72 hours (GDPR) or as soon as practicable (DPDP). Notification will include: nature of breach, data affected, mitigation steps, and contact for further information.

11. International Data Transfers

If you choose a data residency region outside your country (e.g., India customer selecting EU servers), we ensure Standard Contractual Clauses (SCCs) or equivalent safeguards are in place. You can request a copy of transfer mechanisms at [email protected]

12. Children's Privacy

VoiceFeedback.io is not intended for users under 18 (GDPR) or 18 (DPDP). We do not knowingly collect data from minors. If you believe a minor has provided us with personal data, contact [email protected] for immediate deletion.

13. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you via email or in-app banner for material changes. Continued use after notification constitutes acceptance.

14. Contact & Complaints

For privacy questions, data subject requests, or complaints:

Email: [email protected]

Response Time: Within 30 days

You have the right to lodge a complaint with your local data protection authority:

  • EU: Your national supervisory authority (list at edpb.europa.eu)
  • India: Data Protection Board of India (once operational)
Terms of ServiceSecurity