BackTalkling

Talkling – Privacy Policy

Quick summary

  • Controller: Talkling (contact: support@talkling.app)
  • What we collect: Account details (email, name), messages/audio you send, learning progress, limited technical and security logs.
  • Why: To run Talkling, improve quality and safety, support you, and meet legal obligations.
  • Analytics: We use Plausible (cookieless, EU-based) for aggregate stats and conversion tracking—no personal profiles or cross-site tracking.
  • AI processing: Transcription and AI replies use OpenAI. API data is not used to train OpenAI models by default. We don't sell personal data.
  • Payments: Handled by Paddle; they process your billing data and taxes/VAT.
  • Reasonable-use safeguards: Paid plans include “unlimited” messaging/AI help, but we keep soft limits (~3k messages & ~10k AI calls/day) to stop abuse—normal learners never hit them.
  • Your rights: Access, rectify, delete, export, restrict/ object. EU/UK users can complain to a data authority.

1) What data we process

You provide:

  • Account info: email, display name, languages, settings
  • Content: messages, audio, attachments

We generate:

  • Transcriptions, translations, learning progress
  • Usage metrics (features used, timestamps)
  • Security/abuse signals (e.g., rate limits, IP in logs)
  • Daily usage counters to enforce reasonable-use safeguards (message count, translation/AI call count)

Technical:

  • Device/browser type, IP‑derived region, crash logs
  • Essential cookies or tokens for authentication only
  • Diagnostic signals from rate-limit systems (e.g., whether you hit the soft cap that day)

We do not intentionally collect special‑category data. Please avoid sharing sensitive information.

2) Why we use your data (legal bases)

  • Provide the service and support (contract)
  • Keep Talkling safe & reliable (legitimate interests)
  • Improve features using aggregated/de‑identified data (legitimate interests)
  • Communications like important service updates (legitimate interests / legal obligation)
  • Consent‑based features (e.g., notifications) when required
  • Prevent abuse & enforce reasonable-use limits so “unlimited” perks remain sustainable for everyone (legitimate interests)

3) AI features (OpenAI)

We send text/audio you choose to process to OpenAI to generate transcripts and AI replies. According to OpenAI, API data is not used to train their models by default. We keep only what we need to provide Talkling and to prevent abuse. See Your Controls below for export and deletion.

4) Payments (Paddle)

We use Paddle as our Merchant of Record. Paddle processes payment methods, invoices, and taxes/VAT and shares with us only what we need (e.g., plan status, country/tax info). Your payment data is handled under Paddle's terms and privacy policy.

5) Analytics

We use Plausible Analytics, a privacy-friendly, cookieless tool hosted in the EU, to understand how people discover Talkling and whether onboarding steps succeed. Plausible gives us aggregated stats (e.g., page views, signup completions, trial-to-subscription conversions); it does not create personal profiles or track you across sites.

6) Data sharing

We share data with service providers under contracts that limit their use to our instructions—e.g., hosting, authentication, analytics (Plausible), billing (Paddle), AI processing (OpenAI), and customer support. We don't sell personal data.

Rate-limit counters are stored with the same providers that host our databases (Supabase/Prisma Postgres) and automatically reset daily. Plausible receives only anonymized event data (e.g., "trial_signup", "trial_converted", "trial_expired") tied to browser/session metadata, never your account contents.

7) International transfers

If data leaves your region (for example, to our providers), we rely on approved safeguards such as Standard Contractual Clauses and vendor certifications.

8) Retention

  • Account data: kept while your account is active
  • Content (messages/audio): kept so the app works; deleted on account deletion
  • After deletion: remove active data within 30 days; backups may persist up to 90 days
  • Legal/transaction records may be kept longer where required
  • Rate-limit counters reset every 24 hours and are kept only in aggregate logs for abuse investigations (typically under 30 days unless part of an active security review)

9) Your controls & rights

In Settings or via support@talkling.app, you can:

  • access/export your data,
  • correct or delete information,
  • delete your account,
  • object to or restrict certain processing,
  • withdraw consent (where applicable).

EU/UK/Swiss users can also complain to their local data authority.

10) Children

Talkling is not for children under 13 (or the higher minimum age in your country).

11) Security

We use HTTPS, access controls, and industry‑standard safeguards. No method is 100% secure.

12) Changes

We'll post updates here and, for material changes, notify you in‑app or by email.

13) Contact

Email: support@talkling.app
Website: https://talkling.app

For GDPR-related inquiries, please include "GDPR Request" in your subject line.

Last Revised: November 14, 2025