LEGAL DOCUMENT

Your Privacy, Protected

We believe in transparency. Here's exactly how we handle your data, no legal jargon, just straight facts.

πŸ”

Bank-Level Security

256-bit encryption for all your data, always.

🚫

Never Sold

Your data is never sold to third parties. Period.

✨

You're in Control

Delete your data anytime. No questions asked.

πŸ“Š

What We Collect

Account Info

Just the basics - email and name for your account.

Your Content

Podcast scripts and topics - only for generation.

Usage Analytics

How you use PodThis - helps us improve.

Payment Data

Handled by Stripe - we never see your card.

How We Use Your Information

  • β€’ Provide and improve podcast generation services
  • β€’ Account communication and support
  • β€’ Process payments and manage subscriptions
  • β€’ Ensure platform security and prevent fraud

πŸ›‘οΈ Fort Knox Security

πŸ”

256-bit Encryption

Military-grade encryption for all your data

☁️

Secure Cloud

Google Cloud with automatic backups

πŸ”

Regular Audits

Monthly security scans and updates

πŸ‘€

Limited Access

Only essential team members

You Own Your Data

Full control, no exceptions.

πŸ‘οΈ

View Anytime

Access all your data instantly

πŸ“¦

Export Everything

Download all your content

πŸ—‘οΈ

Delete Permanently

Remove everything, no traces

⏳

Data Retention

We keep your data only as long as necessary:

Account Data

Until account deletion or 3 years of inactivity

Podcast Content

Until you delete it or close your account

Usage Analytics

Aggregated data retained for 26 months

Payment Records

7 years for tax and regulatory compliance

Support Tickets

2 years for service improvement purposes

Server Logs

90 days for security and debugging

πŸ€–

AI & Automated Processing

PodThis uses artificial intelligence to generate podcast content. Here's how your data interacts with AI:

  • β€’ Content Generation: Your topics and prompts are sent to Google Gemini API for script generation and text-to-speech synthesis. Google processes this data under their data processing terms.
  • β€’ No AI Training: Your content is not used to train or fine-tune AI models. It is processed solely to generate your podcasts.
  • β€’ Automated Decisions: We do not make automated decisions that produce legal or similarly significant effects on you. Content moderation may use automated tools, but human review is available on request.
  • β€’ AI-Generated Labels: Audio generated by PodThis may include metadata indicating it was AI-generated, in compliance with the EU AI Act.

Your GDPR Rights

European-level privacy protection for everyone, everywhere.

πŸ“‹

Information

Know what data we collect and why

πŸ”

Access

Get a copy of all your data

✏️

Rectification

Correct inaccurate information

πŸ—‘οΈ

Erasure

"Right to be forgotten" deletion

⏸️

Restrict

Limit how we process data

πŸ“¦

Portability

Export in machine format

🚫

Object

Stop processing for marketing

πŸ€–

Human Review

No fully automated decisions

βš–οΈ Legal Framework

The legal foundations for data processing:

πŸ“‹
Primary

Contract Performance

Essential for providing PodThis services

🎯
Analytics

Legitimate Interests

Service improvement and security

βœ‹
Optional

Consent

Marketing and optional features

πŸ›οΈ
Required

Legal Obligation

Tax and regulatory compliance

πŸ“¬

Exercise Your Rights

Submit a GDPR Request

Quick, easy, and always free.

πŸ“§

Contact Method

Send your request to:

gdpr@podthis.com
⏰

Response Time

Within 30 days

(60 days for complex requests)

πŸ’‘
What to Include:
  • β€’ Your request type (access, deletion, etc.)
  • β€’ Account email address
  • β€’ Specific data you're referring to
  • β€’ Identity verification may be required

Data Protection Officer

Our Data Protection Officer oversees GDPR compliance and data protection practices.

Data Protection Officer

dpo@podthis.com

Contact our DPO for privacy concerns, questions about data processing, or to file a complaint.

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe we've processed your data in violation of GDPR.

EU Residents

Contact your national data protection authority or the European Data Protection Board

πŸͺ

Cookies

Cookies are small text files stored on your device that remember your preferences and make PodThis work better for you.

⏱️

Session Cookies

Disappear when you close your browser

πŸ“…

Persistent Cookies

Stay for a set period to remember you

πŸ”’

Essential Cookies

Required for PodThis to function properly

Always On
β€’ Authentication state
β€’ Session management
β€’ Security features
πŸ“ˆ

Analytics Cookies

Help us understand how you use PodThis

Optional
β€’ Page load times
β€’ Error tracking
β€’ Usage statistics
βš™οΈ

Functional Cookies

Remember your preferences and settings

Optional
β€’ Theme preferences
β€’ Language settings
β€’ Dashboard layout
🎯

Marketing Cookies

Personalize content and recommendations

Optional
β€’ Content recommendations
β€’ Feature suggestions
β€’ Usage insights

Trusted Partners

πŸ“Š

Google Analytics

Usage statistics and performance monitoring

πŸ’³

Stripe

Secure payment processing and fraud prevention

πŸ›‘οΈ

Cloudflare

Security, performance, and global content delivery

πŸ”₯

Firebase

Authentication and real-time collaboration features

🌐 Browser Controls

  • β€’ Block cookies in browser settings
  • β€’ Use incognito/private mode
  • β€’ Clear cookies manually anytime

🚫 Opt-Out Options

  • β€’ Google Analytics Opt-out
  • β€’ Enable Do Not Track in your browser
  • β€’ Manage preferences in account settings
⚠️

Note: Disabling essential cookies may break PodThis functionality.

🌍

International Data Transfers

PodThis operates on Google Cloud infrastructure. Your data may be transferred to and processed in countries outside your own, including the United States. We protect these transfers through:

Standard Contractual Clauses

EU-approved contracts with all service providers processing data outside the EU/EEA

Adequacy Decisions

Data transferred only to countries with EU-approved privacy standards where applicable

Encryption in Transit

All data transfers are encrypted using TLS 1.3

Data Processing Agreements

Binding agreements with Google Cloud, Stripe, Firebase, and Cloudflare

πŸ›οΈ

California Privacy Rights

If you are a California resident, the California Consumer Privacy Act (CCPA/CPRA) provides you with additional rights:

  • β€’ Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you
  • β€’ Right to Delete: Request deletion of your personal information, subject to certain exceptions
  • β€’ Right to Opt-Out: We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising
  • β€’ Right to Correct: Request correction of inaccurate personal information
  • β€’ Non-Discrimination: We will not discriminate against you for exercising any of these rights

To exercise these rights, contact us at privacy@podthis.com. We will verify your identity and respond within 45 days.

🚨

Breach Notification

In the unlikely event of a data breach that poses a risk to your rights and freedoms:

  • β€’ We will notify affected users within 72 hours of becoming aware of the breach, as required by GDPR
  • β€’ We will notify relevant supervisory authorities as required by applicable law
  • β€’ Notifications will describe the nature of the breach, the data affected, and the measures taken
  • β€’ We will provide guidance on steps you can take to protect yourself

Third-Party Services

We work with trusted partners to provide the best service:

Firebase

Authentication and real-time database

Stripe

Secure payment processing

Google Cloud

AI voice synthesis and infrastructure

Cloudflare

Content delivery and protection

Contact Us

Have questions about our privacy practices? We're here to help.

Privacy Team

privacy@podthis.com

Last updated: February 11, 2026