Skip to content
E

Privacy Policy

Last updated: 2026-01-25

This Privacy Policy explains how we process personal data when you use Expat Speak (the “Service”).

1) Controller and contact

Controller: Ashish Alexander
Contact: info@expatspeak.com

2) What we do (high-level)

  • The Service is voice-first: you speak German, and we provide feedback.
  • We use third-party service providers for hosting, authentication, payments, analytics (with your consent), and voice evaluation.

3) What we store (and do not store)

We store:

  • your voice recordings and transcripts for up to 1 year (for QA and quality improvement).

We do not store your full payment card details (handled by our payment processor).

4) Data we process

Depending on how you use the Service, we may process:

  • Account data (e.g., email address, sign-in identifiers) to authenticate you.
  • Consent records (timestamps) to document your consent.
  • Usage data (e.g., feature usage events) for analytics and product improvement (only after consent).
  • Session recordings (replay) to understand how users interact with the app and improve the experience (only after consent).
  • Purchase metadata (e.g., what you bought, timestamps) to grant access and handle support.

5) Voice processing (voice evaluation)

If you enable voice features, your audio input is sent to a third-party voice evaluation provider for transcription and feedback.

Important notes:

  • We store your voice recordings and transcripts for up to 1 year for QA and quality improvement.
  • Our voice evaluation provider may also retain API inputs/outputs for a limited period for abuse monitoring and service safety.
  • Automated evaluation: The AI determines whether your response achieved the communication goal and selects the next story branch. This automated decision affects your learning path but does not have legal or similarly significant effects. You can re-record to try again.

6) Analytics and session recordings

If you accept the Terms of Service and Privacy Policy, we may use an analytics provider and a session recording provider to understand how users interact with the Service and to improve it.

Analytics and session recordings are not initialized until you complete the consent flow (both checkboxes accepted), so no analytics data is captured pre-consent.

We aim to minimize what is captured and to avoid recording sensitive text.

7) Payments

Payments are processed by a third-party payment provider. We receive limited purchase metadata needed to grant access and handle support, but we do not receive or store your full card details.

8) Legal bases

We process personal data based on one or more of the following (as applicable):

  • Consent (e.g., voice processing; analytics and session recordings as described in this policy)
  • Performance of a contract (providing the Service you request)
  • Legitimate interests (security, fraud prevention, service reliability), where applicable and lawful

9) Retention

We retain personal data for the periods below, unless a longer period is required by law:

  • Account data: until you request deletion (or we delete inactive accounts according to our internal policies).
  • Consent records: for as long as your account exists and as needed to demonstrate consent (typically up to 3 years after account deletion).
  • Purchase and accounting records: as required by applicable tax/accounting laws (may be up to 10 years in Germany).
  • Analytics events: up to 24 months (or less if you request deletion earlier).
  • Session recordings: up to 30 days (or less if you request deletion earlier).
  • Voice recordings / transcripts: up to 1 year.

10) International transfers

Some providers may process data outside the EEA (for example, US-hosted services). Where required, transfers rely on appropriate safeguards (such as standard contractual clauses) and other measures as provided by the relevant vendors.

11) Your rights

Depending on your location and applicable law, you may have rights including access, rectification, deletion, restriction, portability, and objection, and the right to withdraw consent.

You also have the right to lodge a complaint with a data protection supervisory authority in your country of residence.

To exercise your rights, contact: info@expatspeak.com

12) Changes to this policy

We may update this Privacy Policy from time to time. Material changes may require re-consent before continued use.