Skip to main content
Pulspace®Back to Home

Privacy Policy

Last updated: January 2026

This Privacy Policy explains how Pulspace ("we", "our", or "us") collects, uses, and protects your personal data when you use our voice feedback platform. By using the Service, you agree to the terms of this Privacy Policy.

YOUR DATA IS NEVER USED TO TRAIN AI MODELS

All feedback collected through Pulspace is anonymous and belongs to you. We use enterprise AI APIs which explicitly exclude customer data from model training. Your voice recordings, transcripts, and insights are processed solely to deliver our service — never to train or improve AI models.

1. Definitions

  • Service refers to the Pulspace voice feedback platform and related services.
  • You means the individual or organization accessing or using the Service.
  • Personal Data is any information that can be used to identify you, such as your name, email address, or voice recordings.
  • Organization refers to a business account that creates surveys and collects feedback.
  • Respondent refers to an individual who provides voice or text feedback through the Service.

2. Data Controller

The data controller responsible for your personal information is:

Pulspace
Email: info@pulspace.com

Learn more about our voice feedback platform and how it helps businesses gather customer insights.

3. What Data We Collect

Voice Recordings

When you provide feedback through our platform:

  • Voice Audio: Temporary recordings for transcription only. Audio is automatically deleted within 60 seconds after transcription.
  • Consent: By clicking "Start Recording," you consent to voice recording and processing.
  • Legal Basis: Consent (GDPR Article 6(1)(a)) and Legitimate Interest (Article 6(1)(f))

Transcribed Feedback

  • Text Transcripts: Text versions of your feedback, stored securely
  • AI Analysis: Sentiment scores, summaries, and categorization
  • Metadata: Timestamp, survey ID, optional ratings

Account Information

  • Organization Details: Business name, email address
  • Authentication: Encrypted passwords (we never store plain text)
  • Billing Info: Processed securely by Stripe (we do not store credit cards)

Image Uploads (Pro Tier)

  • Image Files: Photos uploaded to accompany voice feedback (JPEG, PNG, WebP)
  • AI Moderation: Images analyzed for safety using industry-standard AI moderation
  • AI Analysis: Caption generation using enterprise vision AI
  • Storage: Securely stored in Supabase Storage with encrypted transmission
  • Content Policy: Inappropriate content blocked per our Content Moderation Policy

Cookies and Tracking

  • Essential Cookies: Authentication tokens (org_token) - required for service
  • Analytics: We may use anonymized usage data to improve the service
  • Your Control: You can delete cookies anytime via browser settings

4. How We Use Your Data

We process your data for the following purposes:

  • Service Delivery: Transcribe audio, analyze sentiment, generate insights (Legal basis: Contract performance)
  • Service Improvement: Improve AI accuracy and features (Legal basis: Legitimate interest)
  • Billing: Process payments via Stripe (Legal basis: Contract performance)
  • Security: Prevent fraud and abuse (Legal basis: Legitimate interest)
  • Content Safety: AI moderation to detect inappropriate content (Legal basis: Legitimate interest)
  • Communication: Service updates and support (Legal basis: Legitimate interest)

5. Third-Party Services

We use the following third-party providers to process your data:

AI Processing Provider (USA)

  • Purpose: Speech-to-text transcription, sentiment analysis, image moderation, image captioning
  • Data: Voice audio (temporary), text transcripts, uploaded images
  • Audio is not stored after processing
  • Enterprise API tier with Data Processing Addendum (DPA) for GDPR compliance
  • Customer data explicitly excluded from AI model training

SELF-HOSTED & OPEN-SOURCE OPTIONS AVAILABLE

For organizations requiring maximum data sovereignty, we offer self-hosted deployment options and can integrate open-source AI models upon request. This ensures your data never leaves your infrastructure. Contact us at info@pulspace.com to discuss enterprise deployment options.

Supabase (USA/EU)

  • Purpose: Database, authentication, and file storage
  • Data: Account information, transcripts, images, analytics
  • ISO 27001 certified. Data encrypted at rest and in transit.
  • Supabase Privacy Policy

Vercel (USA)

Stripe (USA/EU)

  • Purpose: Payment processing
  • Data: Billing information (we never see your credit card details)
  • PCI DSS Level 1 compliant
  • Stripe Privacy Policy

We never sell your data to third parties.

6. Data Retention

  • Audio Files: Deleted within 60 seconds after transcription
  • Feedback Transcripts: Retained while your account is active, or until you request deletion
  • Account Data: Deleted within 30 days of account closure
  • Billing Records: Retained for 7 years for tax compliance (legal requirement)
  • Anonymized Analytics: May be retained indefinitely for service improvement

7. Your Rights Under GDPR

If you are in the EU/UK, you have the following rights:

  • Right to Access - Request a copy of your data
  • Right to Rectification - Correct inaccurate data
  • Right to Erasure - Request deletion of your data ("Right to be Forgotten")
  • Right to Data Portability - Export your data in CSV format
  • Right to Object - Object to certain types of processing
  • Right to Withdraw Consent - Withdraw consent for voice recording at any time
  • Right to Restrict Processing - Limit how we process your data
  • Right to Lodge a Complaint - Contact your local Data Protection Authority

To exercise these rights, email info@pulspace.com. We will respond within 30 days.

8. Data Security

We implement industry-standard security measures:

  • TLS/SSL encryption for all data in transit
  • AES-256 encryption for data at rest
  • Secure authentication with HTTP-only cookies
  • Regular security audits and penetration testing
  • Access controls and least-privilege principles
  • Bot detection and rate limiting to prevent abuse
  • PII redaction in transcripts (emails, phone numbers, addresses)

No system is 100% secure. While we implement industry-standard security measures, we continuously work to improve our security practices.

9. International Data Transfers

Your data may be transferred to and processed in the United States. We ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) with all US-based processors
  • Data Processing Agreements with all service providers (Supabase, Vercel, Stripe, AI providers)
  • Encryption during transit and at rest

10. Children's Privacy

Pulspace is not intended for use by individuals under 16 years old. We do not knowingly collect data from children. If you believe we have collected data from a child, please contact us immediately at info@pulspace.com.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

  • Right to Know - What personal information we collect
  • Right to Delete - Request deletion of your personal information
  • Right to Opt-Out - Opt out of data sales (we do not sell data)
  • Right to Non-Discrimination - Equal service regardless of exercising your rights

12. Changes to This Policy

We may update this Privacy Policy as we improve our service. Changes will be posted on this page with an updated "Last updated" date. For material changes, we will notify you via email.

13. Contact Us

For privacy questions, data requests, or concerns:

Email: info@pulspace.com
Subject Line: "Data Privacy Request"
Response Time: Within 30 days

For questions about service terms, billing, or account issues, see our Terms of Service.