Back to Home

Privacy Policy

Your Privacy Rights and Data Protection

Quick Navigation

Data CollectedHow We Use DataData SharingData RetentionYour RightsInternationalSecurityContact Us

Our Privacy Commitment

At Utopia Audio, we believe your privacy is a fundamental right. We are committed to transparency about our data practices, giving you control over your personal information, and protecting your data with industry-leading security measures.

Effective Date:May 21, 2026
Last Updated:May 21, 2026

This Privacy Policy describes how Utopia Audio ("Company," "we," "us," or "our") collects, uses, shares, and protects your personal information when you use our AI-powered real-time translation services, including our website at utopia.audio, browser extensions, mobile applications, APIs, and any related services (collectively, the "Services").

This Privacy Policy applies to users worldwide and is designed to comply with applicable privacy laws in all jurisdictions where we operate, including but not limited to the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Lei Geral de Proteção de Dados (LGPD), Personal Information Protection and Electronic Documents Act (PIPEDA), and other regional privacy regulations.

1. Information We Collect

1.1 Information You Provide Directly

When you use our Services, you may provide us with the following information:

Account Information

  • Name and email address
  • Username and password (stored in hashed form)
  • Profile picture (optional)
  • Language preferences
  • Account settings and preferences

Payment Information

  • Billing name and address
  • Payment card information (processed securely by our payment processor, Stripe)
  • Transaction history
  • Note: We do not store full credit card numbers on our servers

Communications

  • Support requests and correspondence
  • Feedback and survey responses
  • Any other information you choose to provide

1.2 Information Collected Automatically

When you use our Services, we automatically collect certain information:

Device and Technical Information

  • Device type, model, and operating system
  • Browser type and version
  • IP address and approximate geographic location (city/country level)
  • Device identifiers (for mobile apps)
  • Screen resolution and display settings
  • Time zone and language settings

Usage Information

  • Features used and actions taken within the Services
  • Translation language pairs selected
  • Duration and frequency of use
  • Error logs and performance data
  • Referring URLs and exit pages

Cookies and Similar Technologies

  • Essential cookies (required for service functionality)
  • Authentication tokens
  • Preference cookies (to remember your settings)
  • Analytics cookies (with your consent where required)

We do NOT use cookies for advertising or user tracking purposes.

1.3 Audio and Video Data

Important: Translation Data Processing

  • Transient Processing: Audio and video content is processed in real-time for translation purposes only
  • No Permanent Storage: We do NOT permanently store the audio, video, or translated content from your viewing sessions
  • Immediate Deletion: Translation data is deleted from our servers immediately after delivery
  • No Third-Party Sharing: Your translation content is never shared with third parties for their own purposes

1.4 Information from Third Parties

We may receive information from third parties including:

  • Social Login Providers: If you sign in using Google, Apple, or other social authentication, we receive your name, email, and profile picture
  • Payment Processors: Transaction status and limited billing information from Stripe
  • Analytics Providers: Aggregated, anonymized usage data

2. How We Use Your Information

2.1 Primary Purposes

We use your information for the following primary purposes:

Provide Services

  • Process real-time translations
  • Authenticate your identity
  • Manage your account
  • Process payments

Improve Services

  • Analyze usage patterns
  • Develop new features
  • Fix bugs and errors
  • Optimize performance

Communicate

  • Send service notifications
  • Respond to support requests
  • Provide updates and news
  • Send promotional emails (with consent)

Protect & Secure

  • Prevent fraud and abuse
  • Enforce our terms
  • Protect user safety
  • Comply with legal obligations

2.2 Legal Bases for Processing (GDPR)

Under GDPR, we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide our Services to you (Article 6(1)(b))
  • Legitimate Interests: Processing for our legitimate business interests, such as improving services and preventing fraud (Article 6(1)(f))
  • Consent: Processing based on your explicit consent, such as marketing communications (Article 6(1)(a))
  • Legal Obligation: Processing necessary to comply with legal requirements (Article 6(1)(c))

2.3 AI and Machine Learning

Our Services use artificial intelligence and machine learning to provide translations. We may use anonymized, aggregated data to improve our AI models. Individual translation content is NOT used to train our models without explicit consent, and your personal viewing habits are never linked to AI training data.

3. How We Share Your Information

Our Core Promise

We do NOT sell your personal information. We do NOT share your data with third parties for their marketing purposes. We do NOT use your data for targeted advertising.

3.1 Service Providers

We share information with trusted service providers who assist in operating our Services:

  • Cloud Infrastructure: Secure data storage and processing (e.g., AWS, Google Cloud)
  • Payment Processing: Stripe for secure payment transactions
  • Email Services: For transactional and marketing communications
  • Analytics: Anonymized usage analytics to improve our Services
  • Customer Support: Help desk and support ticket systems

All service providers are bound by data processing agreements and are prohibited from using your data for any purpose other than providing services to us.

3.2 Legal Requirements

We may disclose your information if required to do so by law or in response to:

  • Valid legal processes (subpoenas, court orders, legal requests)
  • Requests from law enforcement or government authorities
  • Protection of our rights, property, or safety
  • Prevention of fraud, security threats, or illegal activities

Where permitted by law, we will notify you of such requests unless prohibited from doing so.

3.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your personal information becomes subject to a different privacy policy.

3.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

4. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

Data TypeRetention Period
Account InformationDuration of account + 30 days after deletion request
Payment Records7 years (legal/tax requirements)
Translation ContentDeleted immediately after delivery
Usage Logs90 days
Support Communications2 years after resolution
Marketing PreferencesUntil consent is withdrawn

After the retention period, data is either deleted or anonymized. We may retain anonymized, aggregated data indefinitely for statistical and analytical purposes.

5. Your Privacy Rights

Depending on your location, you may have various rights regarding your personal information. We honor all applicable privacy rights regardless of whether they are legally required in your jurisdiction.

5.1 Universal Rights

All users have the following rights:

Access

Request a copy of your personal data

Correction

Update inaccurate or incomplete data

Deletion

Request deletion of your personal data

Portability

Receive your data in a portable format

Opt-Out

Unsubscribe from marketing communications

Withdraw Consent

Withdraw previously given consent

5.2 Regional Privacy Rights

European Union / EEA / UK (GDPR / UK GDPR)

Under GDPR, you have additional rights including:

  • Right to Object: Object to processing based on legitimate interests
  • Right to Restriction: Request restriction of processing in certain circumstances
  • Right to Not Be Subject to Automated Decisions: Request human intervention in automated decisions
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

Our Data Protection Officer can be reached at: dpo@utopia.audio

View Full GDPR Rights →

California, USA (CCPA / CPRA)

California residents have additional rights under CCPA:

  • Right to Know: What personal information we collect, use, and disclose
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt out of the "sale" of personal information (Note: We do NOT sell your data)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Limit Use of Sensitive Personal Information: Limit how we use sensitive data
View Full CCPA Rights →

Brazil (LGPD)

Brazilian users have rights under the Lei Geral de Proteção de Dados:

  • Confirmation of the existence of processing
  • Access to your data
  • Correction of incomplete, inaccurate, or outdated data
  • Anonymization, blocking, or deletion of unnecessary data
  • Data portability to another service provider
  • Information about public and private entities with which we shared data
  • Information about the possibility of denying consent and its consequences
  • Revocation of consent

Canada (PIPEDA / Provincial Laws)

Canadian users have rights under PIPEDA and provincial privacy laws:

  • Right to access your personal information
  • Right to challenge accuracy and completeness
  • Right to withdraw consent (subject to legal restrictions)
  • Right to complain to the Office of the Privacy Commissioner of Canada

Australia (Privacy Act / APPs)

Australian users have rights under the Privacy Act 1988:

  • Right to access and correct your personal information
  • Right to complain about privacy breaches
  • Right to opt out of direct marketing
  • Right to complain to the Office of the Australian Information Commissioner (OAIC)

China (PIPL)

Chinese users have rights under the Personal Information Protection Law:

  • Right to know and decide on processing of your personal information
  • Right to access and copy your personal information
  • Right to correction and deletion
  • Right to withdraw consent
  • Right to request explanation of processing rules
  • Right to refuse automated decision-making
View Full PIPL Rights →

Other Jurisdictions

We also comply with privacy laws in:

  • Singapore (PDPA): Access, correction, and withdrawal of consent rights
  • South Africa (POPIA): Right to access, correction, and deletion
  • Japan (APPI): Right to disclosure, correction, and cessation of use
  • South Korea (PIPA): Right to access, correction, suspension, and deletion
  • India (DPDPA): Right to access, correction, and erasure
  • Thailand (PDPA): Right to access, rectification, and erasure
  • New Zealand (Privacy Act 2020): Right to access and correction

5.3 How to Exercise Your Rights

To exercise any of your privacy rights:

  • Email: Contact us at privacy@utopia.audio
  • Account Settings: Manage many preferences directly in your account dashboard
  • Response Time: We will respond to your request within 30 days (or as required by applicable law)
  • Verification: We may need to verify your identity before processing your request

6. International Data Transfers

We operate globally and may transfer your personal information to countries other than your country of residence. When we transfer data internationally, we implement appropriate safeguards to protect your information:

6.1 Transfer Mechanisms

  • Standard Contractual Clauses (SCCs): We use EU-approved Standard Contractual Clauses for transfers from the EEA/UK
  • Data Processing Agreements: All service providers are bound by strict data processing agreements
  • Adequacy Decisions: Where applicable, we rely on adequacy decisions by relevant authorities
  • Your Consent: In some cases, we may rely on your explicit consent for transfers

6.2 Data Storage Locations

Our primary data centers are located in the United States and European Union. We select data center locations to optimize performance while maintaining security and compliance with applicable laws.

7. Data Security

We implement robust technical and organizational measures to protect your personal information:

Technical Safeguards

  • TLS/SSL encryption for all data in transit
  • AES-256 encryption for data at rest
  • End-to-end encryption for audio/video streams
  • Regular security audits and penetration testing
  • Web Application Firewall (WAF) protection
  • DDoS mitigation

Organizational Safeguards

  • Role-based access controls
  • Employee security training
  • Background checks for personnel with data access
  • Incident response procedures
  • Regular security reviews
  • Vendor security assessments

7.1 Compliance Standards

Our security practices are designed to comply with:

  • SOC 2 Type II standards
  • HIPAA requirements for applicable data
  • ISO 27001 information security principles
  • PCI DSS for payment data (via Stripe)

7.2 Security Incident Response

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authorities within the timeframes required by applicable law (72 hours under GDPR).

8. Children's Privacy

Our Services are not intended for children under the age of 18 (or the applicable age of majority in your jurisdiction). We do not knowingly collect personal information from children.

  • If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately
  • We will promptly delete any such information from our records
  • We comply with COPPA (Children's Online Privacy Protection Act) in the United States and similar laws in other jurisdictions

9. Third-Party Links and Services

Our Services may contain links to third-party websites, services, or applications that are not operated by us. This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party services you access. We are not responsible for the privacy practices of third parties.

10. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature. Because there is no industry standard for DNT signals, we do not currently respond to DNT signals. However, we do not track your online activities across third-party websites for advertising purposes.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make changes:

  • We will update the "Last Updated" date at the top of this policy
  • For material changes, we will provide at least 30 days' notice via email or prominent notice on our Services
  • Your continued use of the Services after the effective date of changes constitutes acceptance of the updated policy
  • If you do not agree with changes, you should stop using the Services and request deletion of your data

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Utopia Audio - Privacy Team

Privacy Inquiries

privacy@utopia.audio

Data Protection Officer (EU/UK)

dpo@utopia.audio

General Support

support@utopia.audio

13. Supervisory Authorities

You have the right to lodge a complaint with your local data protection authority. Key authorities include:

  • EU: Your national Data Protection Authority (list at edpb.europa.eu)
  • UK: Information Commissioner's Office (ICO) - ico.org.uk
  • USA (California): California Attorney General - oag.ca.gov/privacy
  • Canada: Office of the Privacy Commissioner - priv.gc.ca
  • Australia: Office of the Australian Information Commissioner - oaic.gov.au
  • Brazil: Autoridade Nacional de Proteção de Dados (ANPD)
  • Singapore: Personal Data Protection Commission (PDPC)
  • South Africa: Information Regulator

Last Updated: May 21, 2026

Effective Date: May 21, 2026

Terms of UseGDPR RightsCCPA RightsPIPL Rights