Privacy Policy

Last updated: January 2, 2026

1. Introduction

Welcome to SoundSource. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered voice recording and transcription application, website, and related services (collectively, the "Service").

Please read this Privacy Policy carefully. If you do not agree with our data practices, please do not use the Service. If you have questions, contact us at hello@soundsource.app.

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information: Name, email address, phone number, password, profile picture, and other registration details
  • User Content: Voice recordings, audio files, transcriptions, notes, and any other data you create, upload, or submit
  • Communication Data: Messages, feedback, support requests, and any correspondence with our team
  • Payment Information: Billing address, payment method, subscription details (processed securely via third-party payment processors)

2.2 Information We Collect Automatically

  • Device Information: Device type, operating system, device identifiers, mobile network information
  • Usage Data: Features accessed, time spent, interactions with the Service, search queries, export actions
  • Technical Data: IP address, browser type, referring URLs, pages visited, crash reports, error logs
  • Location Data: General location information (country/region level) based on IP address, if permitted

2.3 Information From Third Parties

  • Analytics Providers: Usage patterns and engagement metrics from analytics tools (Umami)
  • Payment Processors: Transaction confirmation and fraud prevention information
  • Service Providers: Data from cloud storage, backup services, and other infrastructure providers

3. How We Use Your Information

3.1 Service Delivery

We use your information to:

  • Provide, maintain, and improve the Service
  • Process and transcribe your voice recordings using our AI Models
  • Store, organize, and retrieve your User Content
  • Enable cloud synchronization across your devices
  • Provide customer support and respond to inquiries
  • Personalize your experience and save your preferences

3.2 AI Model Improvement

We use anonymized and aggregated data to:

  • Train and improve the accuracy of our AI transcription models
  • Optimize performance for Nigerian English and African languages
  • Enhance speaker identification and diarization capabilities
  • Analyze usage patterns to identify feature improvements

3.3 Communications

We may use your information to:

  • Send transactional emails (confirmations, receipts, updates)
  • Notify you of important changes to the Service or these policies
  • Send security alerts and breach notifications
  • Provide technical support and troubleshooting assistance

3.4 Marketing (Optional)

With your consent, we may:

  • Send promotional emails about new features or products
  • Share updates about company news and announcements
  • Invite you to participate in surveys or user research
  • You can opt out of marketing communications at any time

3.5 Legal and Safety

We may use your information to:

  • Comply with legal obligations and law enforcement requests
  • Protect against fraud, security threats, and abuse
  • Enforce our Terms of Service and other agreements
  • Protect the rights, privacy, and safety of users and the public

4. Legal Basis for Processing (GDPR/CCPA)

For Users in the EU (GDPR):

We process your data based on:

  • Contractual Necessity: To perform our Services and fulfill your subscription
  • Legitimate Interests: To improve the Service, prevent fraud, and ensure security
  • Your Consent: For marketing communications and optional analytics
  • Legal Obligation: To comply with applicable laws and regulations

For Users in California (CCPA):

You have rights to:

  • Know what personal information we collect
  • Delete personal information (with exceptions)
  • Opt-out of the sale or sharing of your data
  • Request portability of your information

We do not sell your personal information to third parties for monetary consideration.

5. Data Sharing and Disclosure

5.1 Service Providers

We share data with trusted third parties who assist in providing the Service:

  • Cloud Providers: For data storage, backup, and processing (with encryption)
  • Payment Processors: For processing subscription payments
  • Analytics Tools: For aggregated usage metrics (Umami - privacy-focused)
  • Email Services: For transactional communications
  • AI Infrastructure: For transcription processing (with data minimization)

All service providers are bound by confidentiality agreements and data processing terms.

5.2 Legal Requirements

We may disclose your information if required by law or if we believe in good faith that disclosure is necessary to:

  • Comply with legal obligations (court orders, subpoenas, government requests)
  • Protect and defend our rights and property
  • Prevent fraud or security threats
  • Protect the safety of our users or the public

5.3 Business Transfers

If SoundSource is acquired, merged, or its assets are transferred, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your data.

5.4 What We DON'T Do

  • We do NOT sell your personal information to advertisers or data brokers
  • We do NOT share your voice recordings or transcriptions without your consent
  • We do NOT use your data for behavioral advertising
  • We do NOT share data with unaffiliated third parties for their marketing purposes

6. Data Security

6.1 Security Measures

We implement industry-standard security measures including:

  • Encryption in Transit: TLS/SSL protocols for all data transmission
  • Encryption at Rest: AES-256 encryption for stored data
  • Access Controls: Role-based access and multi-factor authentication
  • Secure Infrastructure: Regularly updated servers and security patches
  • Data Minimization: We collect only necessary information
  • Regular Audits: Security assessments and penetration testing
  • Employee Training: Staff training on data protection and security

6.2 Security Limitations

While we implement robust security measures, no system is 100% secure. We cannot guarantee absolute protection against:

  • Sophisticated cyberattacks or zero-day exploits
  • Unauthorized access due to user credential compromise
  • Data breaches involving our service providers
  • Physical theft or disasters

6.3 Data Breach Notification

In the event of a confirmed data breach affecting your personal information, we will:

  • Notify affected users without undue delay (within 72 hours where legally required)
  • Provide details of the breach and its potential impact
  • Explain what steps we're taking to address the breach
  • Offer resources and support for affected individuals

7. Data Retention

7.1 Retention Periods

  • User Content: Retained as long as your account is active. Deleted content is removed within 30 days (backups may persist for up to 90 days)
  • Account Information: Retained for the duration of your account; deleted within 30 days of account termination
  • Transaction Records: Retained for 7 years for accounting and tax compliance
  • Support Communications: Retained for 2 years for reference and dispute resolution
  • Usage Data/Analytics: Retained for up to 12 months in aggregated form
  • Backup Data: Retained for up to 90 days after deletion for disaster recovery

7.2 Your Responsibilities

You are responsible for:

  • Maintaining your own backups of important User Content
  • Downloading your data before account deletion
  • Understanding that deleted data cannot be recovered

8. Your Rights and Choices

8.1 Access and Portability

You have the right to:

  • Access your personal information at any time through your account settings
  • Receive a copy of your data in a portable format (CSV, JSON)
  • Understand how your data is being used
  • Request an explanation of automated decision-making

8.2 Correction and Deletion

You have the right to:

  • Update or correct your account information
  • Delete specific User Content through your account
  • Request deletion of your entire account and associated data
  • Retrieve your User Content before deletion (available for 30 days)

8.3 Opt-Out Rights

You may:

  • Opt out of marketing communications by clicking "unsubscribe" in emails
  • Disable analytics and tracking in your account settings
  • Disable cookies through your browser settings
  • Request not to be contacted for promotional purposes

8.4 Data Subject Rights (GDPR/CCPA)

If you're in the EU or California, you have specific rights:

  • Right to Know: What personal data is collected and how it's used
  • Right to Delete: Request deletion (right to be forgotten)
  • Right to Correct: Accurate and complete information
  • Right to Restrict: Processing of your data
  • Right to Portability: Receive data in a usable format
  • Right to Object: Automated decision-making and profiling
  • Right to Appeal: Decisions affecting you

To exercise these rights, contact: hello@soundsource.app

9. Children's Privacy

The Service is not intended for use by children under 13 years of age (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children.

If we become aware that we have collected data from a child under 13:

  • We will take steps to delete such information promptly
  • We will not use the data for any purpose
  • We will notify the parent/guardian

If you believe we have collected information from a child, please contact us immediately at hello@soundsource.app.

10. Cookies and Tracking Technologies

10.1 What We Use

  • Analytics: Umami (privacy-focused, no personal data tracking)
  • Essential Cookies: For authentication and Service functionality
  • Performance Cookies: To improve Service speed and reliability
  • No Advertising Cookies: We do not use third-party advertising trackers

10.2 Your Cookie Preferences

You can:

  • Disable analytics in your account settings
  • Clear cookies in your browser settings
  • Use "Do Not Track" browser feature (we honor this)
  • Manage cookie preferences through your device settings

11. International Data Transfers

If you access the Service from outside Nigeria, your data may be transferred to, stored in, and processed in Nigeria and other countries. These countries may have different data protection laws.

By using the Service, you consent to:

  • Transfer of your data to countries that may not have equivalent privacy protection
  • Processing of your data as described in this Privacy Policy
  • Applicable laws of Nigeria regarding data protection

We implement Standard Contractual Clauses and other mechanisms to protect data in transfers.

12. Third-Party Links and Services

The Service may contain links to third-party websites and services. This Privacy Policy does not apply to:

  • Third-party websites and their privacy practices
  • External services and their data handling
  • Links to social media platforms

We are not responsible for third-party privacy practices. Please review their privacy policies before providing your information.

13. California Privacy Rights (CCPA)

If you're a California resident, you have additional rights:

Right to Know: You can request what personal information we've collected, the purposes, and categories of sources.

Right to Delete: You can request deletion of personal information, with limited exceptions.

Right to Opt-Out: You can opt out of sales or sharing of your personal information (we don't sell your data).

Right to Correct: You can request correction of inaccurate personal information.

Right to Limit Use: You can limit use of sensitive personal information.

Authorized Agent: You may submit requests through an authorized agent.

To submit a CCPA request, contact: hello@soundsource.app

14. EU Privacy Rights (GDPR)

If you're in the EU, you have rights including:

Right to Access: Obtain a copy of your personal data.

Right to Rectification: Correct inaccurate or incomplete data.

Right to Erasure: Request deletion of your data (right to be forgotten).

Right to Restrict Processing: Limit how your data is used.

Right to Data Portability: Receive your data in a structured, portable format.

Right to Object: Object to processing based on legitimate interests.

Right to Lodge a Complaint: File a complaint with your local data protection authority.

To exercise GDPR rights, contact: hello@soundsource.app or our Data Protection Officer.

15. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect:

  • Changes in our data practices
  • Legal or regulatory updates
  • Technical improvements
  • User feedback

How We'll Notify You:

  • Email notification for material changes
  • Prominent notice on the Service homepage
  • Updated "Last Updated" date

Your continued use of the Service after changes constitutes acceptance of the updated Privacy Policy. We encourage you to review this policy regularly.

16. Contact Us

For privacy inquiries, data requests, or concerns:

Email: hello@soundsource.app
Address: SoundSource, Port Harcourt, Nigeria

Response Time: We aim to respond to all requests within 30 days. Complex requests may require up to 60 days.

Data Protection Officer: Available for GDPR-related inquiries.

If you're not satisfied with our response, you may file a complaint with your local data protection authority.

17. Dispute Resolution

Before pursuing legal action:

  • Contact us with your privacy concern
  • Allow us 30 days to investigate and respond
  • Work with us on a resolution

For unresolved disputes, you may pursue remedies through:

  • Regulatory authorities (ICO, DPA, FTC, NDPR)
  • Legal action in applicable courts
  • Arbitration (if applicable)