Skip to main content
phon.ist

Privacy Policy

We believe in transparency. This policy explains how we collect, use, and protect your personal data.

Introduction

At phon.ist, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered phone announcement generation service. We are committed to protecting your personal data and ensuring compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Controller

The data controller responsible for processing your personal data is:

[COMPANY NAME]

[ADDRESS]

[POSTAL CODE] [CITY]

[COUNTRY]

Email: privacy@phon.ist

Data We Collect

We collect the following types of data:

  • Anonymous Usage Data: We use Matomo analytics (self-hosted) to understand how visitors use our website. This data is anonymized and does not identify individual users.
  • Order Data: When you create an announcement, we collect your email address, the text input you provide, your selected voice preference, and your chosen audio format preset.
  • Payment Data: Payment processing is handled by Stripe. We do not store credit card information. Stripe processes and stores payment data in accordance with their privacy policy and PCI-DSS compliance standards.
  • Generated Audio Files: Audio files created through our service are temporarily stored in S3-compatible storage for delivery purposes.

Legal Basis for Processing (GDPR Art. 6)

We process your personal data based on the following legal grounds:

  • Contract Fulfillment (Art. 6(1)(b) GDPR): Processing is necessary for the performance of a contract to which you are a party. This includes processing your order, generating your audio file, and delivering the final product.
  • Legitimate Interest (Art. 6(1)(f) GDPR): We have a legitimate interest in analyzing website usage to improve our service and user experience. This includes anonymized analytics data.
  • Consent (Art. 6(1)(a) GDPR): Where applicable, we may process data based on your explicit consent, which you can withdraw at any time.

Data Storage & Retention

Your data is stored and retained as follows:

  • Database: Order data and user information are stored in our database, which is hosted within the European Union to ensure GDPR compliance.
  • Audio Files: Generated audio files are stored in S3-compatible storage for 30 days after generation to allow for re-downloads. After this period, files are automatically deleted.
  • Order Records: Order data is retained for 7 years as required by tax law and accounting regulations in Germany.
  • Analytics Data: Anonymized analytics data is retained for up to 2 years for statistical purposes.

Third-Party Services

We use the following third-party services to operate our platform:

  • OpenAI: We use OpenAI's text-to-speech API to generate audio. Your text input is sent to OpenAI for processing. Please review OpenAI's Privacy Policy.
  • ElevenLabs: We use ElevenLabs' text-to-speech API for certain voice options. Your text input is sent to ElevenLabs for processing. Please review ElevenLabs' Privacy Policy.
  • Stripe: Payment processing is handled by Stripe. Payment data is processed and stored by Stripe in accordance with their privacy policy. Please review Stripe's Privacy Policy.
  • Matomo Analytics: We use self-hosted Matomo analytics to track website usage. This service is hosted on our own infrastructure and data remains under our control. Analytics are anonymized and do not identify individual users.
  • Glitchtip: We use Glitchtip for error tracking and monitoring to ensure service reliability. Error logs may contain technical information but are anonymized where possible.

Your Rights (GDPR)

Under the General Data Protection Regulation, you have the following rights:

  • Right of Access (Art. 15 GDPR): You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and access to that data.
  • Right to Rectification (Art. 16 GDPR): You have the right to have inaccurate personal data corrected and incomplete data completed.
  • Right to Erasure (Art. 17 GDPR): You have the right to request deletion of your personal data under certain circumstances (e.g., when data is no longer necessary for the original purpose).
  • Right to Data Portability (Art. 20 GDPR): You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
  • Right to Object (Art. 21 GDPR): You have the right to object to processing of your personal data based on legitimate interests.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority if you believe that processing of your personal data violates GDPR.

To exercise any of these rights, please contact us at privacy@phon.ist.

Cookies

We use the following cookies:

  • Matomo Analytics Cookies: We use Matomo analytics cookies to track website usage. These cookies are anonymized and do not identify individual users. You can opt out of Matomo tracking by disabling cookies in your browser settings or using our opt-out mechanism (if available).
  • Stripe Session Cookies: Stripe uses session cookies to process payments securely. These cookies are essential for payment functionality.

Contact

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:

Email: privacy@phon.ist

Last Updated: December 2024