This Privacy Policy explains how Talkzen ("we", "us", or "our") collects, uses, discloses and protects your personal data when you access or use our website talkzen.io, our application app.talkzen.io and any related service (the "Service"). We comply with Regulation (EU) 2016/679 (the "GDPR") and applicable data protection laws.
01Who we are
Talkzen is the data controller responsible for your personal data under this Policy. You can reach us through the channels listed in the Contact section below.
02Data we collect
Depending on how you interact with the Service, we may collect the following categories of personal data:
- Account data: name, email address, password (hashed), company name, role, billing information.
- Communication data: messages, conversation logs, attachments, voice recordings and metadata generated through the Service.
- Usage data: IP address, device identifiers, browser type, operating system, referring URL, pages visited, timestamps, interaction events.
- Contact data: details you provide via our contact forms, support tickets or sales inquiries.
- Cookie data: see Section 9 below.
03How we use your data
We process your personal data to:
- Provide, operate and maintain the Service;
- Authenticate users and prevent fraud or abuse;
- Process payments and manage subscriptions;
- Improve, personalise and develop new features;
- Provide customer support and respond to inquiries;
- Send service announcements, security alerts and, with your consent, marketing communications;
- Comply with legal obligations.
04Legal basis for processing
We rely on the following legal bases (Art. 6 GDPR):
| Purpose | Legal basis |
|---|---|
| Service delivery & account management | Performance of a contract |
| Marketing communications | Consent |
| Analytics & product improvement | Legitimate interest |
| Legal & tax compliance | Legal obligation |
05Sharing and sub-processors
We do not sell your personal data. We share data only with vetted sub-processors that help us deliver the Service, under written agreements requiring GDPR-grade protection. Categories include:
- Cloud hosting and infrastructure providers (EU region by default);
- Payment processors (e.g. Stripe);
- Transactional email and notification providers;
- AI model providers strictly limited to processing requests;
- Analytics tools configured to respect privacy.
A current list of sub-processors is available on request via privacy@talkzen.io.
06International data transfers
Where personal data is transferred outside the European Economic Area, we use appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission, supplementary technical measures, and transfer impact assessments where required.
07Data retention
We retain personal data only for as long as necessary to fulfil the purposes described in this Policy, comply with legal obligations, resolve disputes and enforce agreements. Typical retention periods:
- Account data: for the duration of your subscription, plus up to 24 months after closure;
- Conversation logs: configurable by you; default 12 months;
- Billing records: 10 years (legal requirement in most EU jurisdictions);
- Support tickets: 36 months after closure.
08Your rights
Under the GDPR, you have the right to:
- Access your personal data;
- Rectify inaccurate or incomplete data;
- Erase your data ("right to be forgotten");
- Restrict or object to processing;
- Data portability: receive your data in a structured, machine-readable format;
- Withdraw consent at any time, without affecting prior lawful processing;
- Lodge a complaint with a supervisory authority (e.g. the Italian Garante per la protezione dei dati personali).
To exercise your rights, contact us at privacy@talkzen.io. We respond within one month.
09Cookies and similar technologies
We use cookies and similar technologies to operate the Service, remember your preferences, measure performance and (with consent) deliver marketing. You can manage your preferences through the cookie banner shown on your first visit, and revoke or update them at any time.
Cookie categories used:
- Strictly necessary: required for the Service to function (e.g. session, security). No consent required.
- Functional: remember language and UI preferences.
- Analytics: anonymised usage statistics.
- Marketing: only with explicit consent.
10Security
We implement technical and organisational measures designed to protect personal data, including encryption in transit (TLS 1.2+) and at rest, access controls based on the principle of least privilege, network segmentation, regular backups, monitoring, vulnerability scanning and personnel training. No system is 100% secure; in the event of a personal data breach we will notify affected users and the competent authority where required by law.
11Children
The Service is not intended for individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact privacy@talkzen.io and we will delete it promptly.
12Changes to this Policy
We may update this Privacy Policy from time to time. Material changes will be notified by email or via a prominent notice on the Service at least 14 days before they take effect. The "Last updated" date at the top of this page reflects the most recent revision.
13Contact
For any questions about this Policy or how we handle your personal data:
- Email: privacy@talkzen.io
- Contact form: talkzen.io/contact
This document is provided in English, Italian and Spanish. In case of discrepancies, the English version prevails.