Privacy by design: GDPR Compliant EU Data Centers No Data Sales End-to-End Encrypted
EaseTalk

Privacy Policy

Your privacy and data protection are our top priorities

Last updated: January 2025 • GDPR Compliant

All data encrypted & stored in EU

Quick Summary:

EaseTalk is designed with privacy by design principles. We collect minimal data necessary for app functionality, store everything securely in EU-compliant Firebase servers, and never sell your personal information. You have full control over your data.

1. Introduction

EaseTalk ("we," "our," or "us") is committed to protecting your privacy and ensuring compliance with all applicable data protection laws, including the General Data Protection Regulation (GDPR), Digital Services Act (DSA), and App Store guidelines.

This Privacy Policy explains how we collect, use, process, and protect your personal information when you use our mobile application and related services.

2. Data Controller Information

Data Controller: EaseTalk
Contact: marcofaggiani04@gmail.com
Location: Cork, Ireland (EU)
DPO Contact: Available upon request

3. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

  • Consent (Art. 6(1)(a)): For optional features like analytics and marketing communications
  • Contract Performance (Art. 6(1)(b)): To provide our speech practice services
  • Legitimate Interest (Art. 6(1)(f)): For app improvement and security
  • Special Category Data (Art. 9(2)(a)): Explicit consent for health-related speech data

4. Information We Collect

4.1 Personal Information

  • Account information (email, name, age range)
  • Profile preferences and settings
  • Therapist connection data (if applicable)

4.2 Speech and Health Data

  • Voice recordings during practice sessions
  • Speech pattern analysis and fluency metrics
  • Progress tracking and mood logs
  • Practice session history and performance data

4.3 Technical Data

  • Device information and operating system
  • App usage analytics and crash reports
  • IP address and general location (country level)
  • Firebase Analytics data (anonymized)

4.4 Therapist Integration Data

  • Therapist-assigned exercises and goals
  • Shared progress reports and session summaries
  • Communication logs between user and therapist

5. How We Use Your Information

5.1 Core App Functionality

  • Provide AI-powered speech practice sessions
  • Generate personalized feedback and recommendations
  • Track your progress and improvement over time
  • Enable therapist collaboration features

5.2 Service Improvement

  • Analyze usage patterns to improve app features
  • Develop better AI models for speech analysis
  • Identify and fix technical issues
  • Conduct research for speech therapy advancement

5.3 Communication

  • Send important service updates and notifications
  • Provide customer support
  • Share relevant educational content (with consent)

6. Data Storage and Security

Firebase Infrastructure

We use Google Firebase services hosted in EU data centers to ensure GDPR compliance:

  • Firestore Database (EU-west): User profiles and progress data stored in EU-west region
  • Firebase Authentication (EU storage): Secure user login configured for EU data storage
  • Firebase Storage (EU-west): Encrypted voice recordings stored in EU-west region
  • Firebase Analytics: Anonymized insights with EU data processing
Security Measures
  • End-to-end encryption for voice recordings
  • TLS/SSL encryption for data transmission
  • Regular security audits and penetration testing
  • Access controls and authentication protocols
  • Automated backup and disaster recovery systems

6.3 Data Retention

  • Account Data: Retained while account is active + 30 days after deletion
  • Voice Recordings: Automatically deleted after 90 days unless saved by user
  • Progress Data: Retained for 2 years for continuity of care
  • Analytics Data: Anonymized and retained for 26 months (Google Analytics standard)

7. Data Sharing and Third Parties

7.1 We DO NOT sell your personal data

EaseTalk will never sell, rent, or trade your personal information to third parties for marketing purposes.

7.2 Limited Sharing Scenarios

  • Therapist Integration: When therapists use EaseTalk to monitor client progress, they act as independent data controllers for their therapeutic relationship. EaseTalk processes this data on their behalf as a data processor. Both EaseTalk and therapists are responsible for GDPR compliance in their respective roles. Progress data is shared with connected therapists only with explicit user consent.
  • Service Providers: Google Firebase (EU-based, GDPR-compliant). We have signed GDPR-compliant Data Processing Agreements with all service providers, including Google Firebase, which is covered by Google Cloud Data Processing Terms with Standard Contractual Clauses for EU data protection.
  • Legal Requirements: When required by law or to protect user safety
  • Business Transfers: In case of merger/acquisition (with user notification)

7.3 International Transfers

All data processing occurs within the EU. Any transfers outside the EU are protected by:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission
  • Explicit user consent where required

8. Your Rights Under GDPR

As an EU resident, you have comprehensive rights over your personal data:

Access & Portability
  • Right of Access: Request a copy of your data
  • Data Portability: Export in machine-readable format
Correction & Deletion
  • Right to Rectification: Correct inaccurate data
  • Right to Erasure: Request data deletion
  • Right to be Forgotten: Complete removal
Processing Control
  • Restrict Processing: Limit data use
  • Right to Object: Opt-out of processing
  • Withdraw Consent: Revoke permissions

8.4 Exercising Your Rights

To exercise any of these rights, contact us at marcofaggiani04@gmail.com. We will respond within 30 days and may request identity verification for security purposes.

9. Children's Privacy

EaseTalk is designed for users aged 13 and above. We do not knowingly collect personal information from children under 13. If we discover such data has been collected, we will delete it immediately.

For users aged 13-16 in the EU, parental consent may be required in accordance with local GDPR implementations.

10. Cookies and Tracking

Our mobile app uses minimal tracking technologies:

  • Essential Cookies: Required for app functionality (no consent needed)
  • Analytics Cookies: Firebase Analytics (with consent)
  • Performance Cookies: Crash reporting and performance monitoring

You can manage cookie preferences in the app settings.

11. AI and Automated Decision Making

EaseTalk uses AI for:

  • Speech pattern analysis and feedback: No solely automated decisions with legal effects
  • Personalized exercise recommendations: User retains full control over exercise selection
  • Progress assessment: Therapist oversight available for all assessments

Important: Our AI provides guidance tools, not diagnostic decisions. Professional therapist oversight is always available.

You have the right to:

  • Request human (therapist) review: Request human review of AI-generated assessments at any time
  • Contest AI-generated feedback: Challenge or correct AI-generated results that you disagree with
  • Understand AI logic: Request explanations of how AI analyzes your speech data and the decision criteria used
  • Not be subject to automated decisions: You will not be subject to decisions based solely on automated processing that produce legal or similarly significant effects

12. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours
  • Inform affected users without undue delay
  • Provide clear information about the breach and our response
  • Take immediate steps to contain and remedy the breach

13. Updates to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will:

  • Notify users of material changes via email or in-app notification
  • Provide 30 days notice before changes take effect
  • Maintain previous versions for reference
  • Seek new consent where required by law

14. Supervisory Authority

You have the right to lodge a complaint with your local data protection authority. In Ireland, this is:

Data Protection Commission (DPC)
Website: www.dataprotection.ie
Phone: +353 57 868 4757
Email: info@dataprotection.ie

Contact Our Data Protection Team

Have questions about your privacy or data rights? We're here to help.

Email: marcofaggiani04@gmail.com

Subject Line: "Privacy Inquiry - EaseTalk"

Response Time: Within 30 days (usually much faster)

15. Pilot Program Notice

EaseTalk is currently in pilot/beta phase. During this period:

  • Features may change based on user feedback and clinical insights
  • We collect additional usage data to improve the service and validate effectiveness
  • Participation is voluntary; you may withdraw anytime without penalty
  • Enhanced support available for pilot participants
  • Your feedback helps shape the final product and contributes to research

Pilot data retention: All pilot data is subject to the same GDPR protections and retention periods as described in Section 6.3 of this policy.

16. App Store Compliance

This privacy policy complies with:

  • Apple App Store Review Guidelines
  • Google Play Store Developer Policy
  • EU Digital Services Act (DSA)
  • General Data Protection Regulation (GDPR)
  • ePrivacy Directive

Effective Date:

This Privacy Policy is effective as of January 1, 2025, and applies to all users of the EaseTalk mobile application and related services.