Privacy Policy

We are serious about your privacy and understand its importance to you. That is why we work hard to ensure that your information is well protected and that we collect the minimum data that we need in order to make your experience with our Website and Services possible and better.

What is the present Privacy Policy?

This Privacy Policy is meant to inform you about the personal data we collect, by whom and how they will be processed, what we use them for, how long we will store them, what safeguards we have undertaken to keep them secure.

It also describes how you can be in control of your personal information, in particular the choices available to you regarding our use of your data and how you can access and update this information.

This Policy does not apply to the practices of companies that we do not own or control, or to individuals that we do not employ or manage.

Please read this Policy carefully before providing your personal information. By using this Website and our Services, you consent to all of the terms and conditions of this Policy. If you do not agree to abide by these terms, you are not authorized to use or access the Website and its Services.

Who processes your personal data?

speechbox.ai is a web platform offering SaaS cloud text to speech converter, owned by Web Extreme Ltd., with UIC 206750815, registered in the Republic of Bulgaria, Sofia 1000, 10 Ivan Peichev Str.

We are a Personal Data Controller, and as such we are responsible for the processing and storage of your personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 (the General Data Protection Regulation) and Bulgarian legislation.

Our Data Protection Office is Vasil Atanasov, to whom you may address any questions and/or requests you may have regarding your personal data and/or this Policy. You may send an email to:

What information do we collect as you use our services?

1. Information you provide to us

Most of the information that we collect is directly provided to us by you. This is so in these cases:

  • When you create an account

We will ask you to provide us with an e-mail address and a password, which are required in order to create your SpeechBox account. You also have the option to provide us with additional personal data in order to make your account more personalized. These may include your username, first and last name, phone number, birth date, gender, country, etc.

  • When you make a purchase

We will collect certain personal data if you sing up for our 7-day Trial or if you purchase any of our Paid Subscriptions. The exact personal data collected will vary depending on the payment method but will include information such as: name, date of birth, credit or debit card type, expiration date, certain digits of your card number, mobile phone number, other payment account information, details of your purchase and payment history.

  • When you contact us

Whether you have a question about features, trials, pricing, or anything else, you may decide to contact our team. For that to be possible, you need to fill in our contact form, which includes personal information such as your name, e-mail address, and any type of personal data you decide to include in your message.

2. Information from other sources

We also collect additional information about you which is not delivered to us by you directly.

When you visit our Website our servers automatically record information that your browser sends. This data may include information such as your device’s IP address, browser type and version, operating system and version, language preferences or the webpage you were visiting before you came to our Website, pages of our Website that you visit, the time spent on those pages, information you search for on our Website, and other statistics. Information collected automatically is used only to identify potential cases of abuse and establish statistical information regarding Website usage. This statistical information is not otherwise aggregated in such a way that would identify any particular user of the system.

If you choose to pay for a service or feature by invoice, we may receive data from our payment partners to enable us to send you invoices, process your payment and provide you with what you have purchased.

Do we use Cookies?

The Website uses "cookies" to help personalize your online experience. A cookie is a text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you.

We may use cookies to collect, store, and track information for statistical purposes to operate our Website and Services. You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the features of the Website and Services. To learn more about cookies and how to manage them, visit www.internetcookies.org

For more information please read our Cookie Policy

What are the purposes of processing your personal data?

In order to make our Website and Services available to you, or to meet a legal obligation, we need to collect and use your personal information. If you do not provide the information that we request, we may not be able to provide you with the requested services.

We may use your information for the following purposes:

  • Create and manage user accounts;
  • Fulfill and manage orders;
  • Deliver services;
  • Process your payment;
  • Run and operate our Website and Services;
  • Improve products or services;
  • Understand, diagnose, troubleshoot, and fix issues with the Website and/or our Services;
  • Answer to messages sent via the contact form;
  • Perform direct marketing via e-mail;
  • Deliver targeted advertising;
  • Contact you directly or through a third-party service provider regarding products or services you have signed up or purchased from us;
  • Perform transactional or service-related communications;
  • Request user feedback;
  • Improve your experience;
  • Respond to legal requests and prevent harm;
  • Exercise or defend legal claims;
  • Comply with legal obligations and law enforcement requests.

On which legal basis do we process your personal data?

We collect and process your personal data in accordance with the legal grounds provided for in Art. 6 of the General Data Protection Regulation. We collect your personal information on the following grounds:

  • 1. Performance of a contract

We collect your personal data on the basis of the concluded purchase agreement for the services we offer in order to process your payment and to provide you with the purchased services depending on the subscription plan you have chosen.

  • 2. Legitimate interest

We believe that both you and us have a legitimate interest in keeping your personal data stored for the purposes of certain marketing campaigns, in the case of formal proceedings, as well as for the purpose of improving your experience with our services, including troubleshooting and fixing issues with the Website.

  • 3. Consent

Based on your unambiguous and explicit consent, we process your personal data regarding the registration on the Website, the use of the so-called Cookies, the use of our contact form, the use of direct email marketing. You can withdraw your consent at any time.

  • 4. Legal obligation

In certain cases, we may use your personal data in connection with legal obligations that we have.

Who can we disclose your information to?

Depending on the requested Services or as necessary to complete any transaction or provide any service you have requested, we may share your information with your consent with our trusted third parties that work with us, any other affiliates and subsidiaries we rely upon to assist in the operation of the Website and Services available to you. We do not share Personal Information with unaffiliated third parties. These service providers are not authorized to use or disclose your information except as necessary to perform services on our behalf or comply with legal requirements. We may share your Personal Information for these purposes only with third parties whose privacy policies are consistent with ours or who agree to abide by our policies with respect to Personal Information. These third parties are given Personal Information they need only in order to perform their designated functions, and we do not authorize them to use or disclose Personal Information for their own marketing or other purposes.

We will disclose any Personal Information we collect, use or receive if required or permitted by law, such as to comply with a subpoena, or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

In the event we go through a business transition, such as a merger or acquisition by another company, or sale of all or a portion of its assets, your user account, and Personal Information will likely be among the assets transferred.

For how long do we retain your information?

We keep your personal data only as long as necessary to provide you with our Services. We keep some of your account information only for as long as you are a user of our Services. Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.

If there is an unresolved issue relating to your account, we will retain the necessary personal data until the issue is resolved. If we are under a legal obligation to retain some of your personal data, we will retain them for the period required by applicable law. We may use any aggregated data derived from or incorporating your Personal Information after you update or delete it, but not in a manner that would identify you personally.

Once the retention period expires, Personal Information shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after the expiration of the retention period.

Is your personal data transferred to other countries?

Depending on your location, data transfers may involve transferring and storing your information in a country other than your own, namely when you use our services form a country other than the country where our servers are located. This will be done only for the purposes of performing our contractual obligations, contacting you when you have decided to use our contact form, or when we have your consent to do so.

What rights do you have regarding your personal information that we process?

You have the following rights, whose exercise we will facilitate at any time:

  • Right to information

You have the right to receive information at the time we collect your personal data regarding the data we collect, who will process it, for what purposes and for what reasons.

  • Right to access

You may request access to your personal data that we store. You also have the right to request a free copy of your personal data that are being processed.

  • Right to rectification

You have the right to request that we amend or update any inaccurate or out-of-date personal data.

  • Right to erasure (‘right to be forgotten’)

You have the right to obtain the erasure of your personal data where they are no longer necessary in relation to the purposes of the processing or where there is no legal ground for the processing.

  • Right to restriction of processing

In certain cases, you have the right to request that we temporarily or permanently stop processing all or some of your personal data.

  • Right to data portability

You have the right to receive your personal data in a structured, commonly used and machine-readable format and the right to transmit those data to another controller provided that this is possible and feasible.

  • Right to object

You have the right to make a reasoned objection to the processing of your personal data, when we use them on the basis of legitimate interest. Thus, we will be required not to use them in the future.

  • Right to withdraw consent

When we process your personal data on the basis of consent, you can withdraw it at any time. Thus, we will be required not to use them in the future.

  • Right to claim

You have the right to seek protection of your rights by the Commission for Personal Data Protection (CPDP). CPDP is an independent state body that oversees the lawfulness of personal data processing activities. You can file complaints to CPDP in person or by letter at: 2 Prof. Tsvetan Lazarov Blvd., Sofia 1592; by fax – 029153525; electronically to the CPDP’s e-mail address – kzld@cpdp.bg. More information about the procedure could be found at the following internet address: https://www.cpdp.bg/.

How to exercise these rights?

You can exercise any of the listed rights by submitting a written application to the address of the Controller. The application should contain: name and address, personal identification number, description of the request, preferred form for receiving information, signature, date of submission of the application and address for correspondence. If the application is submitted by an authorized person, an explicit proxy should also be attached.

An application may also be submitted electronically. It has to be signed with a qualified electronic signature.

You can also exercise your rights by using the contact form on the Website, providing for this purpose: name, e-mail address, description of the request, preferred form of communication, date of submission of the application.

When describing your request, please include sufficient details that will allow us to properly understand the request and respond to it.

We cannot respond to your request or provide you with personal information unless we first verify your identity or authority to make such a request and confirm that the personal information relates to you.

How do we ensure the security of your personal data?

We understand well how important it is for your personal data to be properly processed and protected. The Controller’s team has imposed adequate technical and organizational measures to protect your personal information.

Our measures, inter alia, ensure compliance with the principles relating to processing of personal data, ensuring that personal data shall be:

  • Processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);
  • Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes (‘purpose limitation’);
  • Adequate, relevant and limited to what is necessary in relation to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
  • Accurate and, where necessary, kept up to date. We have undertaken reasonable steps to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);
  • Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed (‘storage limitation’);
  • Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures (‘integrity and confidentiality’);
  • The controller shall be responsible for, and be able to demonstrate compliance with the principles relating to processing of personal data (‘accountability’);

All direct payment gateways adhere to the latest security standards as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. Sensitive and private data exchange happens over a SSL secured communication channel and is encrypted and protected with digital signatures.

Our Website is also in compliance with PCI vulnerability standards in order to create as secure of an environment as possible for Users. Scans for malware are performed on a regular basis for additional security and protection.

Although we maintain reasonable administrative, technical, and physical safeguards in an effort to protect against unauthorized access, use, modification, and disclosure of Personal Information in its control and custody, no data transmission over the Internet or wireless network can be guaranteed. Therefore, while we strive to protect your Personal Information, you acknowledge that (i) there are security and privacy limitations of the Internet which are beyond our control; (ii) the security, integrity, and privacy of any and all information and data exchanged between you and our Website cannot be guaranteed; and (iii) any such information and data may be viewed or tampered with in transit by a third party, despite best efforts.

Our Website contains links to other websites that are not owned or controlled by us. Please be aware that we are not responsible for the privacy practices of such other websites or third parties. We encourage you to be aware when you leave our Website and to read the privacy statements of each and every website that may collect Personal Information.

When can we change our current Policy?

We reserve the right to change this Policy at any time by updating, supplementing and amending it. When changes are made, we will revise the updated date at the bottom of this page. We may also provide notice to you in other ways in our discretion, such as through contact information you have provided. Any updated version of this Privacy Policy will be effective immediately upon the posting of the revised Privacy Policy unless otherwise specified. Your continued use of the Website or Services after the effective date of the revised Privacy Policy (or such other act specified at that time) will constitute your consent to those changes. However, we will not, without your consent, use your Personal Information in a manner materially different than what was stated at the time your Personal Information was collected.

What happens if you are under 16 years of age?

We do not knowingly collect any Personal Information from children under the age of 18. If you are under the age of 18, please do not submit any Personal Information through our Website or Service. We encourage parents and legal guardians to monitor their children's Internet usage and to help enforce this Policy by instructing their children never to provide Personal Information through our Website or Service without their permission. If you have reason to believe that a child under the age of 18 has provided Personal Information to us through our Website or Service, please contact us. You must also be at least 16 years of age to consent to the processing of your Personal Information in your country (in some countries we may allow your parent or guardian to do so on your behalf).

Last update on March 6th, 2023