Speak- Global Privacy Notice with Country-Specific
Addendum
SPEAK PRIVACY NOTICE
Last updated: 12/7/2023
The previous versions of the Privacy Policy may be accessed
at link
This Privacy Notice explains how Speak (“Speak”, “we”,
“us” or “our”) collects, uses, shares, and otherwise processes
personal data in connection with our websites, including http://www.speak.com and other websites we own
and operate that link to this Privacy Notice (the “Sites”), the Speak
mobile application (the “App”) and the related content, platforms,
services, products, and other functionality offered on or through our services
(collectively, the “Services”). Speakeasy Labs, Inc. is the data
controller, but this may differ depending on your region of residence. Please
review the region-specific disclosure for your region of residence (below) to
see if the data controller is different for your region. “Speak”, “we”, “us” or
“our” generally refers to Speakeasy Labs, Inc., but this means the specific
data controller for your region if the data controller is not Speakeasy Labs,
Inc. for your region. This Privacy Notice does not address our privacy
practices relating to Speak job applicants, employees, and other personnel.
Please note this Privacy Notice is not a contract and does not create any legal
rights or obligations.
REGION-SPECIFIC DISCLOSURES
This Privacy Notice is designed to apply to our Site
visitors and users of our Services. We may choose or be required by law to
provide additional disclosures relating to the processing of personal
information in certain countries, regions or states. Please refer below for
disclosures that may be applicable to you:
·
If you are a resident of the U.S., please click here
for additional U.S. state-specific privacy disclosures.
·
If you are located in China, please click here
for additional China-specific privacy disclosures.
·
If you are located in European Economic Area (Member States of
the European Union together with Iceland, Norway, and Liechtenstein), United
Kingdom, or Switzerland, please click here
for the Additional European Economic Area, United Kingdom, and Switzerland
Privacy Disclosures section for additional European-specific privacy
disclosures.
·
If you are located in Japan, please click here
for additional Japan-specific privacy disclosures.
·
If you are located in Korea, please click here
for additional Korea-specific privacy disclosures.
·
If you are located in Mexico, please click here
for additional Mexico-specific privacy disclosures.
TABLE OF CONTENTS
·
What is Personal Data?
·
How We Collect and Use Personal Data
·
Our Disclosure of Personal Data
·
Third Party Data Collection and Online Advertising
·
Data Retention
·
Control Over Your Information
·
Links to Third-Party Websites and Services
·
Children’s Privacy
·
Changes to this Privacy Notice
·
Contact Us
·
Additional U.S. Privacy Disclosures
·
Additional EU, UK, and Switzerland Privacy Disclosures
·
Additional Korea Disclosures
·
Additional Japan Disclosures
·
Additional Mexico Disclosures
·
Additional China Disclosures
·
Annex I
1. WHAT IS PERSONAL DATA?
When we use the term “personal data” in this Privacy Notice,
we mean information that identifies, relates to, describes, is reasonably
capable of being associated with, or could reasonably be linked, directly or
indirectly, to a person or household. It does not include aggregated,
de-identified, or anonymized information that is maintained in a form that is
not reasonably capable of being associated with or linked to a person.
2. HOW WE COLLECT AND USE
PERSONAL DATA
Personal Data Collected
from Individuals
The categories of personal data we collect submitted to us
by individuals through the Services may include:
·
Account Information, including full name, email address,
mailing address, country or region, social media handle(s), phone number,
profile picture, username and password, language selection(s), and payment
information. We use this information to administer your account, provide you
with the relevant Services-related information, communicate with you regarding
your account and your use of the Services, and for customer support purposes.
Please note we utilize a third-party provider to process payments on our behalf
and do not accept payment directly through our Services.
·
Payment Information, including information collected in
connection with signing up for one of our Services that requires payment (i.e.,
a Speak subscription). Please note that we use third party payment processors,
including through the Apple App Store, Google Play Store, Paddle, and Stripe,
to process credit card payments made to us. As such, we do not retain any
personally identifiable financial information in connection with credit card
payments, such as credit card numbers. Rather, all such information is provided
directly by you to our third-party processor. The payment processor’s use of
your personal data is governed by their privacy notice. Please see Stripe’s
Privacy Notice here.
·
Audio information. Upon installation of the app, we
may request access to your microphone or audio recordings in order to
provide you with the Services. For example, we may use this information to evaluate
how well you pronounce a sentence or translate the audio to text. We also
use this information to improve Speak’s voice input function, and to develop,
create, improve, optimize, maintain, and otherwise enhance its automatic speech
recognition and voice transcription technology, and natural language
understanding software products, services or platforms.
·
Inquiry and Communications Information, including
information provided in custom messages sent through the forms on our Services,
in chat messages, to one of our email addresses, or via phone, Whatsapp, or
other messaging platforms. This also includes contact information provided on
our Services. We use this information to investigate and respond to your inquiries,
and to communicate with you, to enhance the services we offer to our users and
to manage and grow our organization.
·
Newsletter, Marketing Emails, and Blog Information,
including email address and applicable interests and communication preferences.
We use this information to manage our communications with you and send you
information about products and services we think may be of interest to you. If
you wish to stop receiving email messages from us, simply click the
“unsubscribe link” provided at the bottom of the email communication. Note that
you cannot unsubscribe from certain services-related email communications
(e.g., account verification, confirmations of transactions, technical or legal
notices).
·
Feedback Information. We may also collect feedback and
ratings you provide relating to our services or products. We use this
information to communicate with you, to conduct market research, inform our
marketing and advertising activities and improve and grow our business.
·
Business Representative Contact Information. If you are a
business representative, we collect your information in connection with the
performance of the agreement or potential agreement with us. This information
may include your first name, last name, company contact information (e.g.,
email, phone, address), job title, and any other information related to the
performance of the agreement with us.
·
Other Information that you provide to us online, by phone
or in person, and use this information to respond to your request, provide you
the requested services, and to inform our marketing and advertising campaigns.
Personal Data Collected
Automatically
We may participate in interest-based advertising and use
third party advertising companies to serve you targeted advertisements based on
your browsing history. We permit third-party online advertising networks,
social media companies and other third-party services, to collect information
about your use of our Services over time so that they may play or display ads
on our Services, on other websites or services you may use, and on other
devices you may use. Typically, though not always, the information used for
interest-based advertising is collected through tracking technologies, such as
cookies, web beacons, embedded scripts, location-identifying technologies, and
similar technology, which recognize the device you are using and collect
information, including click stream information, browser type, time and date
you visited the Sites, AdID, and other similar information. We may share a
common account identifier (such as a hashed email address or user ID) with our
third-party advertising partners to help identify you across devices. We and
our third-party partners use this information to make the advertisements you
see online more relevant to your interests, as well as to provide
advertising-related services such as reporting, attribution, analytics and
market research. We may also use services provided by third parties (such as
social media platforms) to serve targeted ads to you and others on such
platforms. We may do this by providing a hashed version of your email address
or other information to the platform provider.
We may engage in the following:
·
Information about the computer, tablet, smartphone or other
device you use, such as your IP address, browser type, Internet service
provider, device type/model/manufacturer, operating system, date and time
stamp, and a unique ID that allows us to uniquely identify your browser, mobile
device, or your account (including, for example, a persistent device identifier
or an Ad ID), and other such information. We may also work with third-party
partners to employ technologies, including the application of statistical
modeling tools, which permit us to recognize and contact you across multiple
devices.
·
Information about the way you access and use our Services,
for example, the site from which you came and the site to which you are going
when you leave our Services, how frequently you access the Services, whether
you open emails or click the links contained in emails, whether you access the
services from multiple devices, and other browsing behavior and actions you
take on the Sites.
·
Information about how you use the Services, such as the
pages you visit, the links you click, the ads you view and click on, videos you
watch, and other similar actions. We may also use third-party tools to collect
information you provide to us or information about how you use the Services and
may record your mouse movements, scrolling, clicks and keystroke activity on
the Services and other browsing, search or purchasing behavior. These tools may
also record information you enter when you interact with our Services or engage
in chat features through our Services.
·
Information about your location, such as general
geographic location that we or our third-party providers may derive from your
IP address.
·
Analytics information. We may collect analytics data or
use third-party analytics tools such as Google Analytics to help us measure
traffic and usage trends for the services and to understand more about the
demographics of our users (including through the use of automated tools
leveraging artificial intelligence (“AI”)). You can learn more about
Google’s practices at http://www.google.com/policies/privacy/partners and
view its opt-out options at https://tools.google.com/dlpage/gaoptout.
All of the information collected automatically through
these tools allows us to improve your customer experience. For example, we may
use this information to enhance and personalize your user experience, to
monitor and improve our Services, and to improve the effectiveness of our
Services, offers, advertising, communications and customer service. We may also
use this information the data collected through tracking technologies to: (a)
remember information so that you will not have to re-enter it during your visit
or the next time you visit the site; (b) provide custom, personalized
content and information, including targeted content and advertising; (c)
identify you across multiple devices; (d) provide and monitor the effectiveness
of our services; (e) monitor aggregate metrics such as total number of
visitors, traffic, usage, and demographic patterns on our website; (f) diagnose
or fix technology problems; (g) train and refine automated tools leveraging AI;
and (h) otherwise to plan for and enhance our services.
If you would prefer not to accept cookies, most browsers will
allow you to: (i) change your browser settings to notify you when you receive a
cookie, which lets you choose whether or not to accept it; (ii) disable
existing cookies; or (iii) set your browser to automatically reject cookies;
however, doing so may negatively impact your experience using the services, as
some features and services may not work properly. You may also set your email
options to prevent the automatic downloading of images that may contain
technologies that would allow us to know whether you have accessed our email
and performed certain functions with it.
We and our third-party partners may also use cookies and
tracking technologies for advertising purposes. For more information about
tracking technologies, please see Third-Party Data Collection and Online
Advertising below.
For more information about your choices regarding cookies,
please see the Control Over Your Information section below.
Personal Data from Third
Parties
We also obtain personal data from third parties, which we
often combine with personal data we collect either automatically or directly
from an individual.
PERSONAL DATA WE COLLECT ABOUT YOU AND HOW WE USE IT
We collect the categories of personal data set forth in the
How We Collect and Use Personal Data section of our Privacy Notice
directly when you use the Services. The table in this section 3 sets out in
further detail the categories of personal data we collect about you and how we
use that information when you use the Speak Site and/or Application, as well as
the legal basis which we rely on to process the personal data and recipients of
that personal data.
We will indicate to you if the provision of certain
personal data is mandatory, for instance in connection with the provision of
the Services, or optional. If you choose not to provide any personal data
marked as mandatory, we may not be able to respond to your queries or provide
other services to you or respond to your other requests.
|
Category of personal data
|
How we may use it
|
Legal basis for the
processing
|
Recipients of personal data
|
|
Contact and account
Information, including full name, email
address, mailing address, country or region, social media handle(s), phone
number, profile picture, username and password, and language selection(s).
|
We use this information to
administer your account and provide you with the Services.
|
The processing is necessary for
the performance of a contract with you.
|
Google Cloud Platform,
PostgresSQL, Frontapp, customer.io, Twillo,
(these are all listed in the original English version we shared)
|
|
We use this information to
provide updates, news alerts and promotional materials (when you sign up to
receive or request such updates).
|
We will only process your
personal data in this way to the extent that you have given us your consent
to do so.
|
customer.io,
Retool Inc, Kakao, line
|
|
Payment Information, including shipping address, billing address, credit
card number and debit card number.
|
We use this information to
facilitate your transactions if you purchase a paid subscription.
|
The processing is necessary for
the performance of a contract with you.
|
Paddle, Stripe, Apple, Google,
payco
|
|
Audio information, including live voice recordings through the microphone
or pre-recorded audio files.
|
We use this information to
provide you with the Services.
|
The processing is necessary for
the performance of a contract with you.
|
OpenAI, Microsoft
|
|
We use this information to
improve the Services
|
The processing is necessary for
our legitimate interests, namely maintaining and improving the Services.
|
OpenAI
|
|
Inquiry and Communications
Information, including information
provided in custom messages sent through the forms on our Services, in chat
messages, to one of our email addresses, or via phone. This also includes
contact information provided on our Services.
|
We use this information to
investigate and respond to your inquiries, and to communicate with you
|
The processing is necessary for
our legitimate interests, namely to respond to and appropriately investigate
your request.
|
customer.io
|
|
We use this information to
improve and monitor the Services as well as our customer support responses.
|
The processing is necessary for
our legitimate interests, namely maintaining our IT systems and their
security and maintaining and improving of the Services.
|
Customer.io
|
|
Newsletter, Marketing
Emails, and Blog Information, including
email address and applicable interests and communication preferences.
|
We use this information to
provide updates, news alerts and promotional materials (when you sign up to
receive or request such updates).
|
We will only process your
personal data in this way to the extent that you have given us your consent
to do so. The processing of your communication preferences is necessary to
comply with a legal obligation that we are subject to (ePrivacy Directive
2002/58/EC (as amended) in the EU and the Privacy and Electronic
Communications (EC Directive) Regulations 2003 in the UK).
|
Customer.io
|
|
Feedback Information. We may also collect feedback and ratings you provide
relating to our services or products.
|
We use this information to
communicate with you, to conduct market research, inform our marketing and
advertising activities and improve and grow our business.
|
The processing is necessary for
our legitimate interests, namely maintaining and improving the Services.
|
Survey Monkey, Apple, Google,
|
|
|
|
|
|
Business Representative
Contact Information. If you are a
business representative, we collect your information in connection with the
performance of the agreement or potential agreement with us. This information
may include your first name, last name, company contact information (e.g.
email, phone, address), job title, and any other information related to the
performance of the agreement with us.
|
We use this information in
order to facilitate the relationship with your company.
|
The processing is necessary for
our legitimate interests, namely maintaining and growing our organization. \The
processing is necessary for the performance of a contract with you.
|
|
|
|
|
|
|
|
Information received from
social networks, if you connect a social
network to our Services, or interact with our service through a social
network, we may receive information from your social network such as name,
email, phone number, and any other information you permit the social network
to share with third parties.
|
We use this information to
provide you with the Services.
|
|
|
·
Name, email, location which enables us to create accounts and
serve the correct content | The processing is necessary for the performance of
a contract with you | Facebook, Google, Meta, TikTok, Snapchat, retool, customer.io, Kako, Line | | Information
received from third parties, from time to time, we may receive information
about you from third parties and other users of the Services. We may obtain
information from third parties to enhance or supplement our existing user
information. We may also collect information about you from publicly available
sources. | We use this information to identify a user across multiple devices,
to aggregate metrics and monitor performance, to diagnose and fix problems. We
also use it for tracking users across devices | The processing is necessary for
our legitimate interests, namely maintaining our IT systems and their security
and maintaining and improving of the Services. | |
PERSONAL DATA WE COLLECT ABOUT YOU AUTOMATICALLY
We also automatically collect personal data indirectly
about how you access and use the Speak Website and/or Application, information
about the device you use to access the Speak Website and/or Application and
usage information about the length of time you are using the Speak Website
and/or Application. We use this information for our own analytical purposes to
improve the Speak Website and/or Application and our other services. We
typically collect this information through a variety of tracking technologies,
including cookies and similar tracking technologies.
We collect the categories of personal data set forth in the
How We Collect and Use Personal Data section of our Privacy Notice
directly when you use the Speak Site and Application. The table in this section
4 sets out in further detail the categories of personal data we collect about
you automatically and how we use that information. The table also lists the
legal basis which we rely on to process the personal data and recipients of
that personal data. For more information on cookies and other tracking
technologies we use, please see Section 8 below.
We may anonymise and aggregate any of the personal data we
collect (so that it does not directly identify you). We may use anonymised
information for purposes that include testing our IT systems, research, data
analysis, improving the Speak Website and/or Application and our services or
developing new services and features. We may also share such anonymised and
aggregated information with others.
We may link or combine the personal data we collect about
you and the information we collect automatically.
|
Category of personal data
|
How we may use it
|
Legal basis for the
processing
|
Recipients of personal data
|
|
Information the computer,
tablet, smartphone or other device you use,
such as your IP address, browser type, Internet service provider, device
type/model/manufacturer, operating system, date and time stamp, and a unique
ID that allows us to uniquely identify your browser, mobile device, or your
account (including, for example, a persistent device identifier or an Ad ID),
and other such information. We may also work with third-party partners to
employ technologies, including the application of statistical modeling tools,
which permit us to recognize and contact you across multiple devices.
|
Where relevant and where
permitted under applicable law, we use this information to identify potential
risk or unlawful behaviour including fraud detection, theft prevention,
emergency response purposes and legal compliance.
|
Legitimate interests, namely
identifying and mitigating the risk of unlawful behaviour to protect the
Services and Application, and our users
|
·
customer.io
·
Apple, Google
|
|
|
|
|
We use this information to
improve and monitor the Services.
|
We will only process your
personal data in this way to the extent that you have given us your consent
to do so.
|
·
customer.io
·
Apple, Google
·
Facebook, Tiktok, and other ad
platforms via their own cookies
|
|
We use this information to
analyse preferences, trends and statistics to better improve the Services and
Application.
|
We will only process your
personal data in this way to the extent that you have given us your consent
to do so.
|
|
|
Information about the way
you access and use our Services, for
example, the site from which you came and the site to which you are going
when you leave our Services, how frequently you access the Services, whether
you open emails or click the links contained in emails, whether you access
the services from multiple devices, and other browsing behavior and actions
you take on the Sites.
|
Where relevant and where
permitted under applicable law, we use this information to identify potential
risk or unlawful behaviour including fraud detection, theft prevention,
emergency response purposes and legal compliance.
|
Legitimate interests, namely
identifying and mitigating the risk of unlawful behaviour to protect the
Services and Application, and our users
|
·
customer.io
·
Apple, Google
·
Facebook, Tiktok, Google and other ad
platforms via their own cookies
|
|
We use this information to
improve and monitor the Services.
|
We will only process your
personal data in this way to the extent that you have given us your consent
to do so.
|
|
|
We use this information to
analyse preferences, trends and statistics to better improve the Services and
Application.
|
We will only process your
personal data in this way to the extent that you have given us your consent
to do so.
|
|
|
Information about how you
use the Services, such as the pages you
visit, the links you click, the ads you view and click on, videos you watch,
and other similar actions. We may also use third-party tools to collect
information you provide to us or information about how you use the Services
and may record your mouse movements, scrolling, clicks and keystroke activity
on the Services and other browsing, search or purchasing behavior. These
tools may also record information you enter when you interact with our
Services or engage in chat features through our Services.
|
Where relevant and where
permitted under applicable law, we use this information to identify potential
risk or unlawful behaviour including fraud detection, theft prevention,
emergency response purposes and legal compliance.
|
Legitimate interests, namely
identifying and mitigating the risk of unlawful behaviour to protect the
Services and Application, and our users
|
|
|
We use this information to
improve and monitor the Services.
|
We will only process your
personal data in this way to the extent that you have given us your consent
to do so.
|
|
|
We use this information to
analyse preferences, trends and statistics to better improve the Services and
Application.
|
We will only process your
personal data in this way to the extent that you have given us your consent
to do so.
|
|
|
Information about your
location, such as general geographic
location that we or our third-party providers may derive from your IP
address.
|
We use this information to
improve and monitor the Services.
|
We will only process your
personal data in this way to the extent that you have given us your consent
to do so.
|
|
|
Where relevant and where
permitted under applicable law, we use this information to identify potential
risk or unlawful behaviour including fraud detection, theft prevention,
emergency response purposes and legal compliance.
|
Legitimate interests, namely identifying
and mitigating the risk of unlawful behaviour to protect the Services and
Application, and our users
|
|
|
Analytics information. We may collect analytics data or use third-party
analytics tools to help us measure traffic and usage trends for the services
and to understand more about the demographics of our users (including through
the use of automated tools leveraging AI).
|
We use this information to
improve and monitor the Services.
|
We will only process your
personal data in this way to the extent that you have given us your consent
to do so.
|
|
|
We use this information to
analyse preferences, trends and statistics to better improve the Services and
Application.
|
We will only process your
personal data in this way to the extent that you have given us your consent
to do so.
|
|
RECIPIENTS
We may share your personal data with the categories of
third parties described in the Our Disclosure of Personal Data section above
(as required in accordance with the uses set out in the tables above).
MARKETING
From time to time we may contact you with information about
our products and services, including sending you marketing messages and asking
for your feedback on our products and services.
Our marketing messages will be sent by email, text, post,
push notification, and instant messages apps such as “WhatsApp”. For some
marketing messages, we may use personal data we collect about you to help us
determine the most relevant marketing information to share with you.
We will only send you marketing messages if you have given
us your consent to do so. You can withdraw your consent at a later date by
clicking on the unsubscribe link at the bottom of our marketing emails, by
opting out via the link in the text message, by contacting us on the contact
details provided at the end of this Privacy Notice. We make every effort to
promptly process all unsubscribe requests. You may not opt out of
service-related communications (e.g., account verification, transactional
communications, changes/updates to features of the Services, technical and
security notices).
RETENTION
The criteria used to determine the period for which
personal data about you will be retained varies depending on the legal basis
under which we process the personal data:
Contract. Where we are processing personal data
based on a contract, we generally will retain your personal data for the
duration of the contract plus some additional limited period of time that is
necessary to comply with law or that represents the statute of limitations for
legal claims that could arise from our contractual relationship.
Legitimate Interests. Where we are processing
personal data based on our legitimate interests, we generally will retain such
information for a reasonable period of time in order to fulfill the legitimate
interests, taking into account your fundamental interests and your rights and
freedoms.
Consent. Where we are processing personal data based
on your consent, we generally will retain your personal data until you withdraw
your consent, or otherwise for the period of time necessary to fulfil the
underlying agreement with you or provide you with the applicable service for
which we process that personal data.
Legal Obligation. Where we are processing personal
data based on a legal obligation, we generally will retain your personal data
for the period of time necessary to fulfil the legal obligation.
Legal Claim. We may need to apply a “legal hold” that
retains information beyond our typical retention period where we face threat of
legal claim or intent to establish a claim. In that case, we will retain the
information until the hold is removed, which typically means the claim or
threat of claim has been resolved.
COOKIES AND SIMILAR TECHNOLOGIES
The Speak Website and Application uses cookies and similar
tracking technologies to distinguish you from other users of the Speak Website
and Application. Cookies are pieces of code that we transfer to your device for
record-keeping purposes. This helps us to provide certain functionalities of
the Speak Website and Application, to monitor and improve the Speak Website and
Application. We also use cookies and similar tracking technologies on the Speak
Website and Application to allow our partners determine products and services
that may be of interest to you and to display relevant advertising to you as
you browse the Internet.
We use the following types of cookies:
Strictly necessary cookies. These are cookies that
are required for the operation of our Website and Application. They include,
for example, cookies that enable you to log into secure areas of our Website
and Application, use a shopping cart or make use of e-billing services.
Analytical/performance cookies. They allow us to
recognise and count the number of visitors, to see how visitors move around the
Speak Website and Application when they are using it and to monitor the
performance of certain features on the Speak Website and Application. This
helps us to improve the way the Speak Website and Application works, for
example, by ensuring that users are finding what they are looking for easily
and to test the rollout of new features.
Functionality cookies. These are used to recognise
you as you move around the Speak Website and Application and to remember
information that you enter when you use the Speak Website and Application, such
as when you fill in a form.
Advertising / Performance Cookies. These cookies are
used to make advertising messages about Speak that are displayed on third party
websites more relevant to you and your interests. They also perform functions
like preventing the same ad from continuously reappearing, ensuring that ads
are properly displayed, and choosing which ads to display to you based on your
interests.
Third party cookies. These cookies are used by third
parties on our Website for the purposes of serving relevant advertisements to
you based on your interests on our Services.
The table at this paragraph 8 sets out more information
about the cookies we use and how long they remain on your device.
Other than cookies that are required to operate the
Website, we will only place cookies on your device with your consent. You can
also change your preferences in relation to the cookies you consent to receive
by using our cookie management tool.
You also have the ability to opt out by disabling cookies
in your browser or mobile settings. These settings will typically be found in
the "options" or "preferences" menu of your browser. In
order to understand these settings, the following links may be helpful,
otherwise you should use the "Help" option in your browser for more
details.
Cookie settings in
Internet Explorer
Cookie
settings in Firefox
Cookie settings in
Chrome
Cookie
settings in Safari web and iOS.
|
Cookie Name
|
Type of cookie
|
When is the cookie set?
|
How long does the cookie stay on my device?
|
Purposes / Additional information
|
|
Website Cookies and Tracking Technologies
|
|
|
|
|
|
Enzuzo
|
Essential
|
When the user first visits the Speak Website
|
Until Cleared
|
Powers our Cookie banner
|
|
Karrot Pixel
|
Advertising
|
When the user first visits the Speak Website
|
Until Cleared
|
Enables more relevant messaging
|
|
Naver Pixel
|
Advertising
|
When the user first visits the Speak Website
|
Until Cleared
|
Enables more relevant messaging
|
|
Hotjar
|
Analytical/Performance
|
When the user first visits the Speak Website
|
Until Cleared
|
Software which lets us better understand users behavior
on our website
|
|
Facebook Pixel
|
Advertising
|
When the user first visits the Speak Website
|
Until Cleared
|
Enables more relevant messaging
|
|
Google Tag Manager
|
Analytical/Performance
|
When the user first visits the Speak Website
|
Until Cleared
|
Software which lets us better understand users behavior
on our website
|
|
Google Analytics
|
Analytical/Performance
|
When the user first visits the Speak Website
|
Until Cleared
|
Software which lets us better understand users behavior
on our website
|
|
Twitter Pixel
|
Advertising
|
When the user first visits the Speak Website
|
Until Cleared
|
Enables more relevant messaging
|
|
Google Ads Pixel
|
Advertising
|
When the user first visits the Speak Website
|
Until Cleared
|
Enables more relevant messaging
|
|
Segment
|
Analytical/Performance
|
When the user first visits the Speak Website
|
Until Cleared
|
Software which lets us better understand users behavior
on our website
|
|
TikTok Pixel
|
Advertising
|
When the user first visits the Speak Website
|
Until Cleared
|
Enables more relevant messaging
|
TRACKING TECHNOLOGIES USED IN OUR EMAILS
Our emails may contain tracking pixels that identify email
performance information, including delivery status, if and when you have opened
an email that we have sent to you, how many times you have read it, and whether
you have clicked on any links in that email. We use this information on an
aggregate basis to help us measure the effectiveness of our marketing email
campaigns, make the emails we send to you more relevant to your interests and
to understand if you have opened and read any important administrative emails
we might send you.
STORING AND TRANSFERRING YOUR PERSONAL DATA
Security. We implement appropriate technical and
organisational measures to protect your personal data against accidental or
unlawful destruction, loss, change or damage. All personal data we collect will
be stored on our secure servers. We will never send you unsolicited emails or
contact you by phone requesting your account ID, password, credit or debit card
information.
International Transfers of your personal data. The
personal data we collect may be transferred to and stored in countries outside
of the jurisdiction you are in where we and our third party service providers
have operations. If you are located in the UK or European Economic Area ("EEA"),
your personal data may be processed outside of the UK or EEA. These
international transfers of your personal data will be made pursuant to
appropriate safeguards, including:
ensuring that the personal data is transferred to countries
recognised by the European Commission or the UK Secretary of State (as
applicable) as offering an equivalent level of protection; or
ensuring that such transfer is to a third party who uses
appropriate safeguards in respect of the processing in question, including but
not limited to the EU-U.S. Data Privacy Framework and the UK or EU standard
contractual clauses, which are recognised as offering adequate protection for
the rights and freedoms of data subjects, as determined by the European
Commission or the UK Secretary of State (as applicable).
We may transfer your personal data to, or store your
personal data in, the following countries:
|
Country
|
Appropriate Safeguard
|
|
USA
|
For EEA users: the Standard Contractual Clauses
annexed to Commission Implementing Decision (EU) 2021/914.
|
|
For UK users: the template Addendum issued by the
UK Information Commissioner and laid before the UK Parliament in accordance
with s119A of the Data Protection Act 2018 on 2 February 2022, as it is
revised under Section 18 of the Approved Addendum.
|
|
(For EEA users) UK
|
Adequacy Decision as adopted by the European Commission
on the basis of Article 45 of Regulation (EU) 2016/679 (the GDPR).
|
|
(For UK users) EEA
|
Adequacy Decision as adopted by the UK Secretary of State
on the basis of Sections 17A and 17B(12) (and 74A and 74B) of the Data
Protection Act 2018.
|
We will take appropriate steps to ensure that your personal
data is treated securely and in accordance with applicable law and these
Privacy Disclosures regardless of where it is processed.
If you wish to enquire further about the safeguards we use,
please contact us using the details set out at the end of these Privacy
Disclosures.
PROFILING
We may analyse personal data we have collected about you to
create a profile of your interests and preferences so that we can contact you
with information that is relevant to you. We may make use of additional
information about you when it is available from external sources to help us do
this effectively.
YOUR RIGHTS IN RESPECT OF YOUR PERSONAL DATA
In accordance with applicable privacy laws, you have the
following rights in respect of your personal data that we hold:
Right of access. You have the right to obtain:
confirmation of whether, and where, we are processing your
personal data;
information about the categories of personal data we are
processing, the purposes for which we process your personal data and
information as to how we determine applicable retention periods;
information about the categories of recipients with whom we
may share your personal data; and
a copy of the personal data we hold about you.
Right of portability. You have the right, in certain
circumstances, to receive a copy of the personal data you have provided to us
in a structured, commonly used, machine-readable format that supports re-use,
or to request the transfer of your personal data to another person.
Right to rectification. You have the right to obtain
rectification of any inaccurate or incomplete personal data we hold about you
without undue delay.
Right to erasure. You have the right, in some
circumstances, to require us to erase your personal data without undue delay if
the continued processing of that personal data is not justified.
Right to restriction. You have the right, in some
circumstances, to require us to limit the purposes for which we process your
personal data if the continued processing of the personal data in this way is
not justified, such as where the accuracy of the personal data is contested by
you.
Right to withdraw consent. There are certain
circumstances where we require your consent to process your personal data. In
these instances, and if you have provided consent, you have the right to
withdraw your consent. If you withdraw your consent, this will not affect the
lawfulness of our use of your personal data before your withdrawal.
You have a right to object to any processing based on
our legitimate interests. There may, depending on the particular circumstances,
be compelling reasons for continuing to process your personal data despite your
objection, and we will assess and inform you if that is the case. You can
object to marketing activities for any reason.
In some jurisdictions, you have the right to stipulate
instructions concerning the conservation, deletion and communication of your
personal data after your death. In the absence of instructions to the contrary
from the deceased, it is possible for heirs to request that data processors
take into account the death of the deceased with a view to deleting or updating
the deceased's account.
If you wish to exercise one of these rights, please contact
us using the contact details at the end of these Privacy Disclosures.
We will not charge you a fee for complying with your
request to exercise one of these rights, other than where the request is
manifestly unfounded or excessive (such as if you submit a number of repeated
requests), in which case we may charge you a reasonable fee to cover our
administrative costs.
Due to the confidential nature of data processing we may
ask you to confirm your identity when exercising the above rights.
You also have the right to lodge a complaint to a data
protection authority. If you are based in the European Union, information about
how to contact a data protection authority is available here.
If you are based in the UK, information about how to contact your local data
protection authority is available here.
NOTICE TO YOU
If we need to provide you with information about something,
whether for legal, marketing or other business-related purposes, we will select
what we believe is the best way to get in contact with you. We will usually do
this through email or by placing a notice on the Speak Website and Application.
CONTACTING US
Please contact [email protected]
if you have any questions, comments and requests regarding these Privacy
Disclosures.
14. ADDITIONAL KOREA
DISCLOSURES
1. Collection and Use of Personal data
We collect various categories and types of personal data
from a variety of sources and for a variety of purposes. To learn more about
the types of personal data we collect, the sources from which we collect or
receive personal data, and the purposes for which we use personal data, please
review the How We Collect and Use Personal Data and Our Disclosure of
Personal Data sections of our Privacy Notice to learn more.
We collect and process the following categories of personal
data based on your consent:
Newsletter, Marketing Emails, and Blog Information
Feedback Information
Other Information
Automatically Collected Personal Data for the purpose of interest-based
advertising
Separately, we may collect and use the following categories
of personal data without your consent, based on other legal
grounds, specifically Article 15(1)(4) of the Personal Information
Protection Act (performance of a contract with the data subject):
Account Information
Payment Information
Audio Information
Inquiry and Communications Information
Business Representative Contact Information
Automatically Collected Personal Data used for providing personalized
(non-advertising) service
2. Data Retention
To learn more about our data retention practices, please
review the Data Retention section of our Privacy Notice to learn more.
As noted in the Data Retention section of our
Privacy Notice, we retain personal data only for as long as reasonably
necessary for the purposes for which it was collected, or as required under
applicable law. In accordance with Korean law, we may be required to retain
certain types of personal data for longer periods, as outlined below:
Records related to contracts or withdrawal of offers: 5 years
(Pursuant to Article 6(1)(2) of the Enforcement Decree of the Act on Consumer
Protection in Electronic Commerce)
Records related to payment and the supply of goods or services: 5
years
(Article 6(1)(3) of the same Enforcement Decree)
Records related to consumer complaints or dispute resolution: 3
years
(Article 6(1)(4) of the same Enforcement Decree)
Records related to labeling and advertising: 6 months
(Article 6(1)(1) of the same Enforcement Decree)
Records of telecommunications data, including computer
communications, internet log records, and tracking data of access sources: 3
months
(Article 15-2(2) of the Protection of Communications Secrets Act)
3. Transfer of Personal Data Abroad and Outsourcing of
Personal Data Processed
For information on how we may transfer your personal data
and outsource our personal data processing activities, please see Annex 1
of our Privacy Notice.
4. Rights of Users and Legal Representatives and Their
Exercise Methods
Users can exercise the following rights related to personal
data protection at any time against Speakeasy Labs, Inc.
·
Request for personal data perusal
·
Request for transmission of their personal data
·
Request for correction in case of error
·
Request for deletion
·
Request for processing stop
·
Withdrawal of consent to the processing of personal data
Users can request for these rights through Speakeasy Labs,
Inc. by letter, phone, email, fax, etc., and Speakeasy Labs, Inc. will take
immediate action.
When users request corrections or deletions of personal
data errors and omissions, Speakeasy Labs, Inc. does not use or provide the
personal data until the correction or deletion is completed.
Such rights can also be exercised through a legal
representative or assigned agent of the user. In such cases, a power of
attorney in the form of Form 11 of the Notification on the Methods of
Processing Personal Data (Personal Information Protection Commission
Notification No. 2025-5) must be submitted. Users should not violate other
users' personal data or their privacy by violating relevant laws and
regulations concerning the protection of personal data processed by Speakeasy
Labs, Inc.
Speakeasy Labs, Inc. is not intended for users under the
age of 14 years old. Therefore, we do not knowingly collect and use the
personal data of children under 14.
5. Procedure and Method of Personal data Destruction
The procedure and method of destroying personal data in
Speakeasy Labs, Inc. are as follows.
Destruction Procedure
When the purpose of processing personal data is achieved,
we immediately destroy the personal data that has become unnecessary. When
personal data should be preserved according to the provisions of relevant laws
and regulations, we will separately store and manage the personal data or
personal data file. At the time of destruction, we: select relevant personal
data for which the cause of destruction has occurred, receive the approval of
the personal data officer for it, and then destroy it.
Destruction Method
Personal data printed on paper is shredded using a
shredder, and personal data stored in the form of electronic files is deleted
using a technical method that makes records irreversible.
6. Matters on the Guarantee of Personal data Safety
Speakeasy is implementing various safety measures to ensure
that personal data is not stolen, leaked, altered, or damaged in the course of
processing the personal data of users.
User personal data is encrypted and stored and managed. It
is transmitted over encrypted communication (SSL), and passwords are stored and
managed by one-way encryption, which is impossible to decrypt.
A system is installed in an area where access is controlled
from the outside to prevent the theft or damage of personal data from hacking
or computer viruses.
Data is regularly backed up to prevent damage to user
personal data or data. The latest antivirus programs are used to prevent user
personal data or data from being leaked or damaged, and technology such as
encrypted communication (SSL) is used for secure network transmission of personal
data.
Unauthorized access from the outside is controlled using an
intrusion blocking system. We are making all possible technical efforts to
ensure system security.
The number of employees processing personal data is
minimized to reduce the risk of personal data leakage.
Systematic standards are established for database systems
that store personal data and systems that process personal data, and continuous
audit is conducted.
Regular education and campaigns on obligations and security
regarding personal data protection are conducted for employees who process
personal data.
An internal management plan is being implemented for the
safe processing of personal data.
7. Name and Contact Information of the Personal data
Protection Officer and Corresponding Department
Personal Data Protection Officer
Name: Connor Nicolai Zwick
Position: Chief Executive Officer
Email: [email protected]
Personal Data Protection Department
Department: Development Team
In-charge: Andrew Hsu
Position: Chief Technology Officer
Email: [email protected]
Users can inquire Speakeasy on all personal data
protection-related queries, complaint handling, damage relief, etc., and
Speakeasy will respond and process your inquiries without delay.
In case of need for reporting or consultation about
personal data, please contact the following institution:
Personal data Infringement Report Center (http://privacy.kisa.or.kr / 118 Toll-free)
Cyber Investigation Department (http://www.spo.go.kr / 1301 Toll-free)
Cyber Safety Division (http://cyberbureau.police.go.kr /
182 Toll-free)
Appointment of Domestic Representative
Domestic Representative
Name: Speakeasy Labs Korea Co., Ltd. (Representative Lee
Seung-Yeop)
Address: 9th floor, BMY Yeoksam Tower, 16, Teheran-ro
27-gil, Gangnam-gu, Seoul
Phone Number: 1668-1051
Email: [email protected]
The domestic corporate body is a marketing service company
for the US corporate body, Speakeasy Labs, Inc. Necessity permitting, the
appointed representative performs the duties of the information management
officer, handles notification of loss, theft, leakage of personal data, and
submits data to the Personal Data Protection Commission.
15. ADDITIONAL JAPAN
DISCLOSURES
1. Collection and Use of Personal data
We collect various categories and types of personal data
from a variety of sources and for a variety of purposes. To learn more about
the types of personal data we collect, the sources from which we collect or
receive personal data, and the purposes for which we use personal data, please
review the How We Collect and Use Personal Data and Our Disclosure of
Personal Data sections of our Privacy Notice to learn more.
2. Data Retention
To learn more about our data retention practices, please
review the Data Retention section of our Privacy Notice to learn more.
3. Transfer of Personal Data Abroad and Outsourcing of
Personal Data Processed
For information on how we may transfer your personal data
and outsource our personal data processing activities, please see Annex 1
of our Privacy Notice.
4. Procedure and Method of Personal data Destruction
The procedure and method of destroying personal data in
Speakeasy Labs, Inc. are as follows.
Destruction Procedure
When the purpose of processing personal data is achieved,
we immediately destroy the personal data that has become unnecessary. When
personal data should be preserved according to the provisions of relevant laws
and regulations, we will separately store and manage the personal data or
personal data file. At the time of destruction, we: select relevant personal
data for which the cause of destruction has occurred, receive the approval of
the personal data officer for it, and then destroy it.
Destruction Method
Personal data printed on paper is shredded using a
shredder, and personal data stored in the form of electronic files is deleted
using a technical method that makes records irreversible.
5. Rights of Users and Legal Representatives and How to
Exercise Them
Users can inquire or modify their own registered personal
data at any time. Also, they can request deletion, processing stoppage, and
withdrawal of consent to collection and use of such information.
Disclosure of Personal Data
If a user requests the disclosure of personal data, Speak
will disclose it to the user without delay. However, in cases where disclosure
might result in any of the following, we may not disclose all or part of the
information, and if we decide not to disclose it, we will notify you without
delay.
When there is a risk of harming the life, body, property or
other rights and interests of the person or a third party
When it may significantly hinder the proper execution of
Speak's business
In other cases where it is contrary to the law
Correction and Deletion of Personal Data
If a user requests a correction for an error in personal
data, Speak will not use or provide the personal data to a third party until
the correction is completed.
Also, if incorrect personal data has already been provided
to a third party, we will notify the third party without delay to make the
corrections.
Speak treats personal data that has been cancelled or
deleted at the request of the user as specified in the "Retention and Use
Period of Personal data" and processes it so that it cannot be viewed or
used for any other purposes.
Please note, only those who are 14 years old or older can
register or use Speak.
6. MEASURES TO ENSURE THE SAFETY OF PERSONAL DATA
Speak implements the following measures to ensure the
safety of users' personal data in order to prevent it from being lost, stolen,
leaked, altered, or damaged while processing users' personal data.
Users' personal data is stored and managed after being
encrypted, is transmitted via encrypted communication (SSL), and passwords are
stored and managed after one-way encryption to make decoding impossible.
We have installed the system in an area where access from
the outside is controlled to prevent leakage or damage of users' personal data
or data by hacking or computer viruses.
In preparation for damage to personal data, data is backed
up regularly, and efforts are made to prevent users' personal data and data
from being leaked or damaged by using the latest antivirus software. We also
ensure that personal data can be securely transmitted over the network through
encrypted communication (SSL).
We are using an intrusion prevention system to control
unauthorized access from the outside, and we are making efforts to equip all
possible technical devices to secure the system in order to ensure system
security.
By minimizing the number of employees who handle personal
data, we are reducing the risk of personal data leakage.
Systems have been established for generating and changing
passwords that can access databases and systems that process personal data, and
the right of access, and continuous audits are carried out.
Regular education on personal data protection obligations
and security is conducted for employees who handle personal data.
An internal management plan has been established and
implemented to ensure the safe processing of personal data.
7. Changes to the Personal data Processing Policy
In case of addition, deletion, or modification of the
contents of this privacy policy, Speak will send a notification via email at
least 7 days before the change.
Enforced on 12/7/23
8. Personal Data Protection Officer and Department
Contact Information
Personal Data Protection Officer
Name: Connor Nicolai Zwick
Position: CEO
Email: [email protected]
Address of the Speakeasy Labs, Inc.: 100 Pine St., Suite
2000, San Francisco, CA 94111.
Department in Charge of Personal Data Protection
Department Name: Development Team
Person in Charge: Andrew David Hsu
Position: CTO
Email: [email protected]
Users can contact the Personal Data Protection Officer and
the designated department for any inquiries, complaints handling, and damage
relief related to protection of personal data arising while using Speak's
services. Speak ensures prompt responses and processing for user inquiries.
If you need further consultation or reports related to
personal data leakage, please contact the following organizations.
Personal data Protection Commission (http://www.ppc.go.jp / 03-6457-9680)
Cyber Security Bureau of the National Police Agency (http://www.npa.go.jp/cybersecurity
/ 03-3581-0141)
Fair Trade Commission Consumer Consultation Room (http://www.caa.go.jp / 0570-064-370)
9. Contact Information
[email protected]
16. ADDITIONAL MEXICO
DISCLOSURES
1. Collection and Use of Personal data
We collect various categories and types of personal data
from a variety of sources and for a variety of purposes. To learn more about
the types of personal data we collect, the sources from which we collect or
receive personal data, and the purposes for which we use personal data, please
review the How We Collect and Use Personal Data and Our Disclosure of
Personal Data sections of our Privacy Notice to learn more.
2. Data Retention
To learn more about our data retention practices, please
review the Data Retention section of our Privacy Notice to learn more.
3. Transfer of Personal Data Abroad and Outsourcing of
Personal Data Processed
For information on how we may transfer your personal data
and outsource our personal data processing activities, please see Annex 1
of our Privacy Notice.
4. Procedure and Method of Personal data Destruction
The procedure and method of destroying personal data in
Speakeasy Labs, Inc. are as follows.
Destruction Procedure
When the purpose of processing personal data is achieved,
we immediately destroy the personal data that has become unnecessary. When
personal data should be preserved according to the provisions of relevant laws
and regulations, we will separately store and manage the personal data or
personal data file. At the time of destruction, we: select relevant personal
data for which the cause of destruction has occurred, receive the approval of
the personal data officer for it, and then destroy it.
Destruction Method
Personal data printed on paper is shredded using a
shredder, and personal data stored in the form of electronic files is deleted
using a technical method that makes records irreversible.
5. Identity and address of the responsible party
Speakeasy Labs, Inc. with address at 100 Pine St, Suite
2000, San Francisco, CA 94111.
6. Users and legal representatives' rights and how to
exercise them:
Options or means offered by the responsible party to
limit the use or disclosure of personal data
To limit the use or disclosure of your personal data, the
owner must send an email to the following email address: [email protected], requesting the
limitation of the use or disclosure in question, where you can ask to be
included in the internal exclusion lists not to be contacted for promotional
and market logic purposes.
Means to exercise your rights of access,
rectification, cancellation, or opposition (“ARCO Rights”)
In accordance with the Law, the owner of personal data has
the right to Access ("Access") the data that the Responsible
party has and to the details of its processing, as well as to Rectify them if
they are inaccurate or incomplete ("Rectification"); Cancel
them within the terms of the Law (“Cancellation”) or Oppose the
processing for specific purposes ("Opposition").
The owner of personal data or his legal representative may
exercise the rights described above through an email to the following email
address: [email protected],
indicating that he is requesting to exercise his ARCO rights. This request may
be through free writing considering the elements of Article 29 of the Law, or
the Privacy Office will send you back the form to exercise ARCO rights as a
response.
For the request to exercise your ARCO rights, you should
consider the following requirements:
Official identification of the owner.
Indicate the email to communicate the response to your
request.
Clear and precise description of the personal data
concerning which it is sought to exercise any of the aforementioned rights.
If the right is exercised by a representative, the official
identification and the document proving their representation must be provided.
If the information provided in the request is insufficient
or wrong to attend to it, or the necessary and indispensable documents for its
attention are not accompanied, the Responsible party may request the necessary
information and/or documentation according to Article 96 of the regulation. The
owner will have 10 business days, to attend to this requirement. The
responsible will answer your request within 20 (twenty) business days from the
date of receipt of your request, this period may be extended only once for an
equal period according to Article 32 of the Law. If the request is appropriate,
it will be made effective within 15 business days.
In case of exercising the right of access, the medium
through which you can obtain the information or personal data requested will be
in simple copies or electronic documents (which will be sent to the email
indicated in your request). The Responsible party may deny access to personal
data, or the rectification or cancellation, or concede the opposition to the
processing, in the cases established in Article 34 of the Law.
The Responsible party will not be obliged to cancel the
personal data of the owner, under the cases established in Article 26 of the
Law.
For clarification regarding the procedure and requirements
for exercising ARCO rights, the empowered figure to provide attention is the
Information Privacy Office. The contact details are as follows: [email protected]
7. Matters related to security measures for personal
data
Speak implements the following security measures to ensure
that personal data is not lost, stolen, leaked, altered, or damaged while it is
processing user's personal data.
Users' personal data is encrypted, stored, and managed, it
is transmitted through encrypted communications (SSL), and passwords are stored
and managed one-way encrypted to make them indistinguishable
A system is installed in an area where access from the
outside is controlled to prevent personal data or user data from being leaked
or damaged due to computer hacking or computer viruses.
Data is regularly backed up to be prepared in case of
damage to personal data, the latest antivirus programs are used to prevent the
leakage or damage of personal data or user data, and encrypted communication
(SSL) is used to safely transmit personal data over the network.
Unauthorized access from outside is controlled using an
intrusion prevention system, and all possible technical devices are being
prepared to ensure system security.
The number of employees who handle personal data is
minimized to reduce the risk of personal data leaks.
Systematic standards are established for password creation,
changes, and access authority for the database system that stores personal data
and the system that processes personal data, and continuous audits are
conducted.
Regular training and campaigns are conducted on the
obligations of personal data protection and security for employees who handle
personal data.
An internal management plan for the safe processing of
personal data is established and implemented.
8. Designation and contact information of the personal
data protection office and responsible department Personal data
protection officer
Name: Connor Nicolai Zwick
Role: CEO
Email: [email protected]
Personal Data Protection Department
Department Name: Development Team
Person in Charge: Andrew David Hsu
Role: CTO
Email: [email protected]
Users may consult all matters related to personal data
protection, complaint handling, and damage compensation derived from using
Speak's services to the Personal data Protection Officer and the responsible
department. Speak will respond and process users' queries promptly.
If you need to report or consult about personal data
breaches, contact the National Transparency Institute, information access, and
personal data protection (INAI):
Website: www.inai.org.mx
Phone: 5550042400
9. Designation of national representative National
representative
Name: Speakeasy Labs Korea Co., Ltd. (Representative Lee
Seung Yeop)
Address: 9th floor, BMY Yeoksam Tower, 16 Teheran-ro
27-gil, Gangnam-gu, Seoul Phone Number: 1668-1051
Email: [email protected]
The national corporation is a marketing service company for
the American corporation Speakeasy Labs Inc. If necessary, the national
representative performs functions such as notifying and reporting personal data
protection officer duties, personal data loss, theft, personal data leakage and
submitting materials to the Personal data Protection Commission.
10. Notification of changes/updates to the privacy
notice
This Privacy Notice may be modified and/or updated at any
time by the Responsible party, to address legislative or jurisprudential
reforms, internal policies, or new requirements, being the updated version
which is published on the website and applicable at all times.
17. ADDITIONAL CHINA
DISCLOSURES
1. Collection and Use of Personal data
We collect various categories and types of personal data
from a variety of sources and for a variety of purposes. To learn more about
the types of personal data we collect, the sources from which we collect or
receive personal data, and the purposes for which we use personal data, please
review the How We Collect and Use Personal Data and Our Disclosure of
Personal Data sections of our Privacy Notice to learn more.
2. Data Retention
To learn more about our data retention practices, please
review the Data Retention section of our Privacy Notice to learn more.
3. Transfer of Personal Data Abroad and Outsourcing of
Personal Data Processed
For information on how we may transfer your personal data
and outsource our personal data processing activities, please see Annex 1
of our Privacy Notice.
4. Procedure and Method of Personal data Destruction
The procedure and method of destroying personal data in
Speakeasy Labs, Inc. are as follows.
Destruction Procedure
When the purpose of processing personal data is achieved,
we immediately destroy the personal data that has become unnecessary. When
personal data should be preserved according to the provisions of relevant laws
and regulations, we will separately store and manage the personal data or
personal data file. At the time of destruction, we: select relevant personal
data for which the cause of destruction has occurred, receive the approval of
the personal data officer for it, and then destroy it.
Destruction Method
Personal data printed on paper is shredded using a
shredder, and personal data stored in the form of electronic files is deleted
using a technical method that makes records irreversible.
5. Rights of the user and legal representative and how
to exercise these rights
Options or methods provided by the controller to
limit the use or disclosure of personal data.
To limit the use or disclosure of their personal data, the
holder should send an email to the following email address: [email protected], requesting limitation
of the use or disclosure involved, and requesting to be included in the
internal do-not-contact list for non-promotion and marketing logic purposes.
The method of exercising access, correction,
deletion, or opposition rights (“ARCO rights”).
In accordance with the law, the holder of personal data has
the right to access the data and details of its procession held by the
controller, and to correct it ("Correct") if it is incorrect
or incomplete; To cancel ("Cancel") or oppose its use for
specific purposes ("Oppose") under the terms provided by law.
The holder of personal data or his legal representative can
exercise the above rights by sending an email to the following address: [email protected], indicating in it the
request to exercise his ARCO rights. This request may be made in free writing,
considering the elements of Article 29 of the law, or the Privacy Office will
send you a format for exercising ARCO rights as a response.
The following requirements must be considered for the
request to exercise ARCO rights:
Legal identification of the holder.
The inclusion of a specified email address to notify its
response to your request.
A clear and precise description of the personal data for
which any of the aforementioned rights are requested to be exercised.
If the right is exercised by a representative, the official
identification and document proving their representative status should be
provided.
If the information requested in the request is insufficient
or wrong for processing, or if the necessary documents are not attached, the
controller may request that it provide the necessary information and/or
documents for processing in accordance with Article 96. The holder has 10
working days to respond to this request. The controller will respond to it
within 20 (twenty) working days after receiving the request. The aforementioned
term can be extended one same term once according to Article 32 of the law. If
the request is approved, it will take effect within 15 working days.
If exercising the right of access, the necessary
information or personal data can be obtained in the form of simple photocopies
or electronic files (which will be sent to the email you specified in your
request). The controller may refuse to access personal data, or perform a
correction or cancellation, or grant the right to oppose the processing of
personal data in the situations listed in Article 34 of the law.
According to the provisions of Article 26 of the Law, the
controller does not need to cancel the personal data of the holder.
To clarify doubts about the procedure and requirements for
exercising ARCO rights, the person responsible for providing attention is the
Information Privacy Office, whose contact information is as follows: [email protected]
6. MATTERS related to the security measures of personal
data
Speak implements the following security measures to ensure
that users' personal data is not lost, stolen, leaked, altered or damaged when
processed.
Users' personal data is encrypted, stored, and managed, and
transmitted through encrypted communication (SSL), and passwords are stored and
managed in a one-way encryption method that cannot be decrypted.
A system is installed in one area, and external access is
controlled to prevent the disclosure or damage of users' personal data or data
due to computer viruses or network attacks.
Data are backed up regularly to prepare for the damage to
users' personal data, the latest antivirus programs are used to prevent the
disclosure or damage of users' personal data or data, and encrypted
communication (SSL) is used to securely transmit personal data over the
network.
Intrusion prevention systems are used to control
unauthorized external access, and all possible technical equipment is prepared
to ensure the security of the system.
The number of employees processing personal data is reduced
to reduce the risk of personal data leakage.
An internal management plan is established and implemented
to process personal data securely.
7. personal data Department in charge of personal data
protection
Designation and contact information of the person and
department in charge of personal data protection Person in charge
of personal data protection
Name: Connor Nicolai Zwick
Position: CEO
Email: [email protected]
Department in charge of personal data protection
Department name: Development Team
Person in charge: Andrew David Hsu
Position: Technical Director
Email: [email protected]
Users can consult the person in charge of personal data
protection and the department in charge about matters related to personal data
protection, complaint handling, and damages resulting from the use of the Speak
service. Speak will respond quickly and handle users' consultations.
8. Designation of National Representative National
Representative
Name: Speakeasy Labs Korea Co., Ltd. (Representative Lee
Seung Yeop)
Address: 27 Teheran-ro 16th Street BMY Yeoksam Building 9th
Floor, Gangnam District, Seoul
Phone Number: 1668-1051
Email: [email protected]
The national company is a company providing market
promotion services for U.S. Speakeasy Labs Inc. If necessary, the national
representative will assume the obligations of notifying and reporting the
personal data protection responsible, personal data loss, theft, leakage, and
submitting data to the personal data protection committee, etc.
9. Notice of changes/updates to the privacy statement
The controller can modify and/or update this privacy
statement at any time to address legislative or judicial reforms, internal
policies, or new needs; updated versions will be posted on the website Privacy
Notice, and this version will always apply.
18. Annex I
The following disclosures apply to residents of China,
Korea, Japan, and Mexico.
1. Outsourcing of Personal Information Processing
Speakeasy Labs, Inc. outsources personal information
processing tasks as follows in order to smooth out personal information-related
tasks. We will disclose this information through the privacy policy, without
hesitation, if the content of the delegated tasks or the trustee changes.
|
Trustee Company Name
|
Contents of Delegated Tasks
|
|
Speakeasy Labs Korea Co., Ltd.
|
Advertisement and service representation
|
|
Speak Japan G.K.
|
Advertisement and service representation
|
|
Peaberry Software Inc. ("http://customer.io/")
|
Receiving marketing emails
|
|
Twilio Inc. ("SendGrid")
|
Receiving notification emails
|
|
FrontApp, Inc.
|
Customer inquiries and refund processing
|
|
SurveyMonkey
|
Recruitment of interview participants and app
satisfaction survey
|
|
Paddle.com/ Market Limited
|
Paid payment agency service, receipt of payment receipt,
refund processing
|
|
NHN Payco
|
Service for paying rewards for referring friends
|
|
Mode Analytics, Inc.
|
Data analysis and ticket issuing services
|
|
Kakao Corp.
|
Kakao Business Channel, Biz Message, 1:1 chat
|
|
Sweet Tracker Co., Ltd.
|
Sending Friend Talk, Alert Talk, and text messages
|
|
Retool Inc.
|
Management of in-house internal services
|
|
Google Cloud Platform ("BigQuery",
"Firebase")
|
Personal information storage and encryption, in-app
real-time user information management
|
|
The PostgreSQL Global Development Group
|
App real-time user information and app content DB
|
|
Integromat LLC
|
Automation of in-house services
|
|
OpenAI, L.L.C.
|
Voice recognition function, provision of real-time
conversation experience, R&D
|
|
|
|
