Privacy & Data Policy — dict.is

Effective date: October 16, 2025

Privacy & Data Policy — dict.is (EU/GDPR-Compliant Version)

Effective date: October 16, 2025

This Privacy & Data Policy explains how dict.is (“the Company”, “we”, “us”) processes personal data in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable data protection laws within the European Economic Area (EEA).

1. Data Controller

The Data Controller responsible for processing personal data under this Policy is:
dict.is
Email: 📧 info@dict.is

2. Categories of Personal Data Processed

dict.is processes only the minimum amount of personal data necessary to provide the Service:

  • Name
  • Phone number
  • WhatsApp business profile (if applicable)

Audio content and transcriptions are processed in real time and not stored after processing.

3. Legal Basis for Processing (Article 6 GDPR)

We process personal data based on one or more of the following legal grounds:

  • Article 6(1)(b): Processing necessary for the performance of a contract (to provide the Service);
  • Article 6(1)(f): Processing based on our legitimate interest to operate, secure, and improve the Service;
  • Article 6(1)(a): Processing based on your consent, when applicable (e.g., optional communications).

4. Purpose of Processing

We process your data to:

  • Provide and maintain the transcription and summarization service;
  • Identify users and ensure Service integrity;
  • Communicate with users regarding Service-related issues or updates;
  • Comply with applicable legal obligations under EU law.

We do not use personal data for profiling, marketing, or automated decision-making.

5. Data Retention

dict.is does not store audio or transcription data.
Personal identification data (name, phone number, WhatsApp business profile) are retained only for as long as necessary to operate the Service and maintain essential contact records, in accordance with Article 5(1)(e) GDPR.
Data are securely deleted or anonymized once no longer required.

6. Data Security (Article 32 GDPR)

We implement appropriate technical and organizational measures to protect personal data, including:

  • End-to-end encrypted data transmission;
  • Immediate deletion of transient audio and transcription data;
  • Secure storage and restricted access for any retained personal data.

7. Processors and Third-Party Services

We use trusted third-party providers who process data on our behalf, including:

  • GROK — AI transcription and summarization;
  • Supabase — secure data infrastructure and hosting.

All processors operate under written agreements compliant with Article 28 GDPR and act solely under our documented instructions.

8. International Data Transfers

Where personal data are transferred outside the EEA, such transfers are carried out in compliance with Articles 44–49 GDPR, using Standard Contractual Clauses (SCCs) or equivalent safeguards.

9. Rights of Data Subjects

Under Articles 12–23 of the GDPR, you have the right to:

  • Request access to your personal data;
  • Request correction or deletion (“right to be forgotten”);
  • Restrict or object to processing;
  • Request data portability;
  • Withdraw consent at any time (without affecting prior lawful processing).

To exercise these rights, contact us at info@dict.is.
We will verify your identity and respond within one month, as required by Article 12(3) GDPR.

10. Children’s Data

The Service is not directed to children under 16 years of age.
We do not knowingly collect or process data from minors. If we become aware of such data, we will delete it immediately.

11. Cookies and Tracking

dict.is uses only essential, technical cookies required for Service functionality.
We do not use analytics, advertising, or profiling cookies.

12. Updates to This Policy

We may amend this Policy to reflect legal or technical changes.
The latest version will always be available at https://dict.is/dp.
Any significant changes will be communicated in advance where required by law.

13. Contact

For any questions about this Policy or your personal data, contact:
📧 info@dict.is

Legal Disclaimer

This document is provided for informational purposes only and does not constitute legal advice or create any legal relationship between dict.is and the user.
While dict.is strives to maintain accuracy and compliance with applicable laws, users are encouraged to seek independent legal counsel for specific legal questions.