Back to home

Privacy Policy

Last updated : 26/02/2026

1. Introduction

At Spectalya, we place the utmost importance on protecting your personal data. This privacy policy explains how we collect, use and protect your information when you use our service.

By using Spectalya, you accept the practices described in this policy.

2. Data Controller

The data controller is:

Spectalya
Email: [email protected]

3. Data Collected

We collect the following types of data:

Data Type Examples Purpose
Identification data Name, surname, email Account creation and management
Connection data Logs, IP address, device Security and service improvement
Professional data Files, photos, transcriptions Service delivery
Payment data Banking information (via Stripe) Billing

4. Use of Data

Your data is used to:

  • Provide and improve our services
  • Manage your account and subscription
  • Ensure platform security
  • Send you important communications (invoices, service updates)
  • Respond to your support requests
  • Comply with our legal obligations

5. Legal Basis for Processing

We process your data on the following legal bases:

  • Contract performance: to provide the service you subscribed to
  • Legitimate interest: to improve our services and ensure security
  • Legal obligation: to comply with our accounting and tax obligations
  • Consent: for sending marketing communications (which you can withdraw at any time)

6. Data Sharing

Your data may be shared with:

  • Stripe: for secure payment processing
  • OpenAI: for audio transcription (anonymised data)
  • Hosting providers: for secure data storage
  • Authorities: when required by law

7. Data Retention

We retain your data for the following periods:

  • Account data: for the duration of your subscription + 3 years
  • Files and documents: for the duration of your subscription + 1 year after cancellation
  • Billing data: 10 years (legal requirement)
  • Connection logs: 1 year

8. Data Security

We implement appropriate security measures to protect your data:

  • Encryption of data in transit (HTTPS/TLS)
  • Encryption of data at rest
  • Strict access control
  • Continuous system monitoring
  • Regular backups
  • Periodic security testing

9. Your Rights

Under the GDPR, you have the following rights:

  • Right of access: obtain a copy of your data
  • Right to rectification: correct inaccurate data
  • Right to erasure: request deletion of your data
  • Right to portability: receive your data in a standard format
  • Right to object: object to certain processing
  • Right to restriction: restrict the processing of your data

10. Cookies

We use cookies essential to the operation of the service (authentication, preferences). We do not use advertising cookies or third-party tracking.

11. Changes

We may update this privacy policy. Significant changes will be notified to you by email or in-app notification.

12. Contact

For any questions regarding this policy or your personal data:

Email: [email protected]

You also have the right to lodge a complaint with your country's data protection authority.