Pulspace®Back to Home

Privacy Policy

Last updated: 1/2/2026

BETA SERVICE NOTICE

Pulspace® is currently in beta testing. We are actively improving our service and privacy practices. This policy may be updated frequently as we refine our processes.

1. Data Controller Information

The data controller responsible for your personal information is:

Pulspace®
Email: info@pulspace.com

2. Information We Collect

2.1 Voice Recordings (With Your Consent)

When you provide feedback through our platform:

  • Voice Audio: Temporary recordings for transcription only. Audio is automatically deleted within 60 seconds after transcription.
  • Consent: By clicking "Start Recording," you consent to voice recording and processing.
  • Legal Basis: Consent (GDPR Article 6(1)(a)) and Legitimate Interest (Article 6(1)(f))

2.2 Transcribed Feedback

  • Text Transcripts: Text versions of your feedback, stored securely
  • AI Analysis: Sentiment scores, summaries, and categorization
  • Metadata: Timestamp, survey ID, optional ratings

2.3 Account Information

  • Organization Details: Business name, email address
  • Authentication: Encrypted passwords (we never store plain text)
  • Billing Info: Processed securely by Stripe (we don't store credit cards)

2.4 Cookies and Tracking

  • Essential Cookies: Authentication tokens (org_token) - required for service
  • Analytics: We may use anonymized usage data to improve the service
  • Your Control: You can delete cookies anytime via browser settings

3. How We Use Your Information

We process your data for the following purposes:

  • Service Delivery: Transcribe audio, analyze sentiment, generate insights (Legal basis: Contract performance)
  • Service Improvement: Improve AI accuracy and features (Legal basis: Legitimate interest)
  • Billing: Process payments via Stripe (Legal basis: Contract performance)
  • Security: Prevent fraud and abuse (Legal basis: Legitimate interest)
  • Communication: Service updates and support (Legal basis: Legitimate interest)

4. Data Sharing and Third Parties

We share data only with trusted service providers:

  • OpenAI (USA): Transcription (Whisper API) and sentiment analysis (GPT-4). Covered by OpenAI's Data Processing Addendum (DPA) for GDPR compliance. Audio is not stored by OpenAI.
  • Supabase (USA/EU): Database and storage. ISO 27001 certified. Data encrypted at rest and in transit.
  • Vercel (USA): Hosting and deployment. SOC 2 Type 2 certified.
  • Stripe (USA/EU): Payment processing. PCI DSS compliant. We never see your credit card details.

We never sell your data to third parties.

5. Data Retention

  • Audio Files: Deleted within 60 seconds after transcription
  • Feedback Transcripts: Retained while your account is active, or until you request deletion
  • Account Data: Deleted within 30 days of account closure
  • Billing Records: Retained for 7 years for tax compliance (legal requirement)
  • Anonymized Analytics: May be retained indefinitely for service improvement

6. Your Data Rights (GDPR)

If you're in the EU/UK, you have the following rights:

  • Right to Access: Request a copy of your data (email info@pulspace.com)
  • Right to Rectification: Correct inaccurate data
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your data
  • Right to Data Portability: Export your data in CSV format
  • Right to Object: Object to certain types of processing
  • Right to Withdraw Consent: Withdraw consent for voice recording at any time
  • Right to Lodge a Complaint: Contact your local data protection authority

To exercise these rights, email info@pulspace.com. We'll respond within 30 days.

7. Data Security

We implement industry-standard security measures:

  • TLS/SSL encryption for all data in transit
  • AES-256 encryption for data at rest
  • Secure authentication with HTTP-only cookies
  • Regular security audits and penetration testing
  • Access controls and least-privilege principles
  • Bot detection and rate limiting to prevent abuse

However, no system is 100% secure. While we strive to protect your data, we cannot guarantee absolute security during beta testing.

8. International Data Transfers

Your data may be transferred to and processed in the United States. We ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) with all US-based processors
  • OpenAI's GDPR-compliant Data Processing Addendum
  • Encryption during transit and at rest

9. Children's Privacy

Pulspace® is not intended for use by individuals under 16 years old. We do not knowingly collect data from children. If you believe we have collected data from a child, please contact us immediately at info@pulspace.com.

10. California Privacy Rights (CCPA)

If you're a California resident, you have additional rights:

  • Right to know what personal information we collect
  • Right to delete your personal information
  • Right to opt-out of data sales (we don't sell data)
  • Right to non-discrimination for exercising your rights

11. Changes to This Policy

We may update this Privacy Policy as we improve our service. Changes will be posted on this page with an updated "Last updated" date. For material changes, we will notify you via email.

During beta testing, we may update this policy more frequently than usual.

12. Contact Us

For privacy questions, data requests, or concerns:

Email: info@pulspace.com
Subject Line: "Data Privacy Request"
Response Time: Within 30 days