This Notice explains how we collect, use, share, and protect personal data when you visit scribie.com, create an account, communicate with us, or use our Services. For personal data inside Customer Content, we act as a processor—see our DPA.
1. Personal data we collect
- Account & contact data: name, email, billing details, company, role.
- Transaction data: order history, invoices, payment confirmations (payments handled by our processor; we don’t store full card numbers).
- Service data: files you upload (audio/video), transcripts, preferences, project metadata.
- Device/usage data: IP address, device identifiers, browser, pages viewed, timestamps, and similar telemetry.
- Support & communications: help requests, feedback, call recordings (if applicable).
- Marketing preferences: your choices regarding newsletters and promotions.
- Sources: directly from you; from your organization; automated via your device; or (for B2B contacts) business‑to‑business sources.
2. Why we process your data & lawful bases
- Provide & support the Service (Contract, Art. 6(1)(b)).
- Billing & compliance (Legal obligation, Art. 6(1)(c)).
- Security & fraud prevention (Legitimate interests, Art. 6(1)(f)).
- Product analytics (Consent, Art. 6(1)(a))—when allowed.
- Marketing communications (Consent, Art. 6(1)(a); opt‑out Art. 21(2)).
- Respond to inquiries (Legitimate interests, Art. 6(1)(f)).
We do not use personal data in Customer Content to train models or create derivative works unless a customer opts in separately.
3. Cookies & tracking
We use necessary cookies to run our site and (with your consent) analytics/advertising cookies. See our Cookie Policy, where you can also change your choices at any time.
4. Sharing your data
We share data with service providers (cloud hosting, email, analytics, payments, support tools) under contracts that limit their use to our instructions. For Customer Content processing we use sub‑processors listed at /legal/subprocessors. We also share data if required by law or to protect rights and safety, or with your direction.
5. International transfers
If we transfer personal data outside the EEA/UK, we use appropriate safeguards such as the EU Standard Contractual Clauses (SCCs 2021/914) and UK addendum, plus additional measures as needed. You can request a copy of relevant safeguards.
6. Retention
We retain personal data only as long as necessary for the purposes described in this Notice, to provide the Services, or as required by law. Retention periods may vary based on account settings, contractual obligations, and legal requirements (e.g., tax and accounting records).
7. Your rights (EEA/UK)
You have the right to access, rectify, erase, restrict or object to processing, and data portability. Where processing is based on consent, you may withdraw consent at any time (it won’t affect prior processing). You may object to direct marketing at any time.
To exercise rights: use /privacy/requests or email privacy@scribie.com. We respond within one month (extendable by two months for complex requests).
8. Children
Our Service is not directed to children, and we do not knowingly collect personal data from children.
9. Security
We apply technical and organizational measures appropriate to the risk (encryption in transit/at rest, access controls, monitoring, incident response). See /trust for details.
10. Automated decisions
We do not make decisions with legal or similarly significant effects based solely on automated processing. If that changes, we will provide meaningful information about the logic involved and your rights.
11. How to contact us & complain
Questions? Please use /privacy/requests or contact us via /contact. EEA/UK: You can also complain to your local supervisory authority (see EDPB/ICO websites).
12. Changes to this Notice
We’ll post updates on this page and adjust the Effective date. If changes are material, we will notify you.