This privacy notice for Gladia, a French “société par actions simplifiée” with capital of 1,838.83 euros, having its registered office at 38 rue de la Tremblaie, 35510 Cesson-Sévigné (France), registered with the R.C.S of Rennes (France) under No. 909 935 736, and Gladia Inc., a Delaware corporation with an address at c/o Corporation Service Company, 251 Little Falls Drive, Wilmington, New Castle County, Delaware 19808 (collectively, “Gladia”, "we," "us," or "our"), describes how and why we might collect, store, use, and/or share ("process") your information when you use our services (the "Services"), such as when you:
- Visit our website at https://gladia.io or any website of ours that links to this privacy notice.
- Use our AI audio transcription service (the “AI Service”).
- Engage with us in other related ways, including any sales, marketing, or event.
Questions or concerns? Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at
privacy@gladia.io.
Summary of key points
This summary provides key points from our privacy notice, but you can find out more details about any of these topics by using our table of contents below to find the section you are looking for.
In what capacity do we process your personal data?
We process your personal data as a "data controller" for the purposes defined in Sections 1.1 and 1.3. When we provide our services to a client with whom we have entered into an agreement, we process personal data as a "data processor" on behalf of our clients, who act as "data controllers", as described in Section 1.2.
What personal data do we process?
When you visit, use, or navigate our Services, we may process personal data depending on how you interact with Gladia and the Services, the choices you make, and the products and features you use. The personal data collected and the means of collection are described in Section 2.
Do we process any sensitive personal data?
We do not process sensitive personal data.
How do we process your personal data?
We process your personal data to provide, improve, and administer our Services, communicate with you, and for security purposes. We process your data only when we have a valid legal basis to do so.
In what situations and with which parties do we share personal data?
We may share data in specific situations and with specific third parties such as our IT providers.
How do we keep your personal data safe?
We are SOC 2 Type 2 and HIPAA certified and as such have organizational and technical processes and procedures in place to protect your personal data. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information.
What are your rights?
Depending on where you are located geographically, the applicable privacy law may mean you have certain rights regarding your personal data.
How do you exercise your rights?
The easiest way to exercise your rights is by contacting us. We will consider and act upon any request in accordance with applicable data protection laws.
Table of contents
1. How do we process your personal data?
2. What categories of data are collected, and how are they collected?
3. What legal basis do we rely on to process your personal data?
4. When and with whom do we share your personal information?
5. Do we use cookies and other tracking technologies?
6. How long do we keep your information?
7. How do we keep your information safe?
8. Do we collect information from minors?
9. What are your rights?
10. Do California residents have specific privacy rights?
11. Do we make updates to this notice?
12. How can you contact us about this notice?
1. How do we process your personal data?
1.1 As a “data controller”, we process your personal data for a variety of reasons, depending on how you interact with our Services, including:
- To manage our commercial relationship with our clients. We may process your data for administrative purposes in relation to our AI Service, for instance ordering and invoicing our AI Service.
- To facilitate account creation and authentication and otherwise manage user accounts. We may process your information so you can create and log in to your account, as well as keep your account in working order.
- Our AI Service offers you the ability to register and log in using your Google account. Where you choose to do this, we will receive certain profile information about you from Google. This will include identification data. We will use the information we receive only for the purpose of making it easier for you to log in to our AI Service. We recommend that you review Google’s privacy notice to understand how they collect, use, and share your personal information, and how you can set your privacy preferences on their sites and app.
- To request feedback. We may process your information when necessary to request feedback and to contact you about your use of our Services.
- To send you marketing and promotional communications. We may process the personal information you send to us for our marketing purposes, if this is in accordance with your marketing preferences. You can opt out of our marketing emails at any time. For more information, see the "WHAT ARE YOUR RIGHTS?" Section below.
- To organize meeting with you.
- To respond to your request for a demonstration via the contact form on the website.
- To protect our Services. We may process your information as part of our efforts to keep our Services safe and secure, including fraud monitoring and prevention.
- To facilitate your browsing on our website thanks to cookies, as specified in Section 5.
- To improve our AI Service’s source code, as specified in Section 1.3.
- For recruitment management when you are located in the European Union and you apply to join our company.
- If you are a natural person acting as a consumer (i.e. for non-business related purposes), we may collect your data as a data controller to provide you with our AI Service. Please note that if you are a legal person and/or acting for business related purposes, we will process data as a processor, as set forth in Section 1.2.
- For other general business purposes, such as to maintain the day-to-day operation and security of our Services, to protect the integrity of our business, and for analytics, auditing and technical assistance purposes. Further, we might use the information collected to secure online transactions, prevent fraud and payment incidents, and manage debt collection.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Gladia’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Gladia about our users is among the assets transferred.
- To enforce our contracts, to resolve disputes, to carry out our obligations and enforce our rights, and to protect our business interests and the interests and rights of third parties. We also collect information in order to comply with certain legal rules and regulations that we are subject to, and as required by law enforcement and/or regulatory authorities.
1.2 We also process personal data in our capacity as a "data processor", while the client acts as the "data controller". This processing is carried out exclusively in accordance with the client's instructions and in compliance with applicable data protection regulations for the following purposes:
- To provide the requested AI Service.
- To provide our clients with support and maintenance in relation to the AI Service.
If you provide us with any personally identifiable information about another person, you represent and warrant that (i) you have that person’s consent to do so; and (ii) that you are responsible for ensuring that your (and any of your personnel or representatives, if applicable) use, control, processing and treatment of such information and any of your legal policies relating thereto are in compliance with all applicable laws, rules and regulations and the Terms of Service. You agree that any information uploaded in connection with the AI Service shall not include any data that is subject to specific regulatory or self-regulatory requirements, including, without limitation: financial account numbers, social security numbers, tax ID numbers, passport numbers, any government identification numbers of any kind, payment card data, protected health information or other sensitive information.
For more details on the terms of this processing, please refer to our Data Processing Agreement, which outlines our obligations and commitments as a “data processor” regarding the protection of personal information.
1.3 As part of the development and improvement of our AI Service, we use publicly available datasets containing human voice recordings (the “Datasets”). This notice aims at informing you about the use of these Datasets if you are a data subject in connection with these Datasets.
Sources of the data
The Datasets are publicly available online and subject to the Creative Commons BY (CC‑BY) license (such as Common Voice by Mozilla, Earnings Call by Meta, Librispeech, Coraal, openslr.org or Google’s Fleur dataset available on huggingface.co).
Nature of the collected data
The Datasets contain only human voice recordings. No other data that could allow direct identification of individuals (e.g., name, surname, address, metadata related to the recordings, etc.) is collected or processed. The Datasets do not contain any voice recordings from the use of the AI Service. Our Datasets contain several thousand hours of recording in more than a hundred languages.
Purpose of the processing
The use of these Datasets is strictly limited to the following purpose:
- Testing and improving the performance of our AI Service’s source code.
No commercial exploitation or individual profiling is carried out.
Data retention period
The Datasets are retained only for the time strictly necessary for testing and improving the source code of our AI Service. Once their purpose is fulfilled, they are deleted from our systems.
Your rights
The Datasets do not contain any information that could directly identify individuals. Therefore, if you wish to exercise your rights in accordance with Section 9, Gladia may require that you prove that your voice is included in the Datasets.
2. What categories of data are collected, and how are they collected?
-
When you create an account:
- Name
- Lastname
- Email or work email
-
When you browse our website:
-
When you or your company enters into a contract with Gladia and you are designated as a representative or contact person for your company:
- Name
- Lastname
- Email or work email
- Personal telephone number or professional telephone number
- Personal address or professional address
- Banking data
-
When you use the AI Services:
-
When you send an email inquiry:
- Name
- Lastname
- Email or work email
-
When you are located in the European Union and you submit your application for a job offer published by Gladia on a partner platform (such as LinkedIn, Welcome to the Jungle):
- Name
- Lastname
- Email
- Telephone number
- CV
-
When you request to exercise your rights:
- Last name
- First name
- Email
3. What legal basis do we rely on to process your personal data?
If you are located in the EU or UK, this section applies to you.
The EU General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal basis we rely on in order to process your personal data.
As such, we may rely on the following legal basis to process your personal data:
-
Consent. We may process your information if you have given us permission (i.e., consent) to use your personal information for a specific purpose.
You can withdraw your consent at any time.
We base the following processing on consent:
- Sending you marketing and promotional communications.
- Facilitating your browsing on our website thanks to cookies.
- Organizing meetings with clients and prospects.
-
Performance of a Contract. We may process your personal information when we believe it is necessary to fulfil our contractual obligations to you, including providing our Services or at your request prior to entering into a contract with you.
We base the following processing on a contract:
- Managing our commercial relationship with our clients.
- Facilitating account creation and authentication and otherwise manage user accounts.
- Providing you with our AI Service if you are a natural person acting as a consumer i.e. for non-business related purposes.
- Managing recruitment when you are located in the European Union.
- Responding to your request for a demonstration via the site's contact form.
-
Legitimate Interests. We may process your information when we believe it is reasonably necessary to achieve our legitimate interests.
We may process your personal information for the following purposes:
- Requesting feedback.
- Protecting our Services.
- Testing and improving our AI Service’s source code.
-
Legal Obligations. We may process your information where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.
4. When and with whom do we share your personal information?
In the context of the purposes outlined above, we may transfer some of your personal data to third parties such as:
- IT services providers, for the purposes of hosting your information, maintaining and improving our systems.
- Companies within our group of companies.
- Our accountants and counsels.
In the event of a transfer outside the European Union, we ensure that our processor or partner offers sufficient guarantees with regard to applicable legislation (in particular by means of standard contractual clauses of the European Commission and/or the Data Privacy Framework).
If our business is sold or merged with another company, your information may be disclosed to our counsels, any potential purchasers and advisors, and transferred to new assignees or beneficiaries of the business.
We can also share information about you:
- In response to a request for information from a competent authority, if we believe that disclosure of such information is lawful or required by any applicable law or regulation, or in the course of legal proceedings.
- With representatives of law enforcement, judicial or administrative authorities or other authorised third parties.
5. Do we use cookies and other tracking technologies?
What is a cookie?
A cookie is a small text file that is downloaded onto your device when you use certain applications and allows an application to recognise a user's device.
Cookies are used to help users navigate applications more efficiently and to perform certain functions, as well as to provide information to the owners of the application.
What type of cookies do we use?
Purpose |
Legal basis |
Maximum life duration |
Making our website usable by enabling basic functions such as page navigation and access to secure areas of the website. Our website cannot function properly without these cookies.
|
Legitimate interest
|
13 months
|
Enabling our website to retain information that modifies the way the site behaves or displays, such as your preferred language or the region in which you are located.
|
Consent |
13 months |
Helping Gladia, by collecting and communicating information, to understand how visitors interact with our website.
|
Consent |
13 months |
Tracking visitors across websites. The aim is to display ads that are relevant and interesting to the individual user and therefore more valuable to third-party publishers and advertisers.
|
Consent |
13 months |
How can you restrict or delete cookies?
You may delete and block all cookies from this website, but please be aware that restricting or deleting cookies may impact on the functionalities of the Services.
Your web browser may allow you to restrict or delete cookies set by our website. The Help function within your browser should tell you how. Alternatively, you can visit www.allaboutcookies.org which provides general information about cookies and how you can manage cookies on your device.
Do Not Track Settings
We do not recognize Do Not Track signals.
Some third parties may collect aggregate information about the users’ online activities over time and across websites when they use the Service.
While this information does not include personally identifiable information, certain processing activities that combine aggregate information with other information in possession of such third parties could result in the identification of users.
6. How long do we keep your information?
We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).
Purpose |
Duration |
Managing our commercial relationship with our clients
|
Duration of our commercial relationship + 5 years
|
Facilitating account creation and authentication and otherwise manage user accounts
|
Duration of our commercial relationship + 5 years
2 years if your account is inactive
|
Requesting feedback
|
Duration of our commercial relationship
|
Sending you marketing and promotional communications
|
Duration of our commercial relationship + 3 years
|
Providing you with our AI Service if you are a natural person acting as a consumer i.e. for non-business related purposes
|
Duration of our commercial relationship + 5 years
|
Responding to your request for a demonstration via the site's contact form
|
3 years from last contact or receipt of contact details
|
Organizing meetings with clients and prospects
|
For clients : duration of our commercial relationship + 3 years
For prospects : 3 years from last contact or receipt of contact details
|
Managing recruitment
|
Accepted candidate : duration of employment contract + 5 years
Rejected candidate : up to 2 years after the last contact, unless the candidate agrees to an extension
|
Protect our Services
|
Duration of our commercial relationship + 5 years
|
Any personal data processed by us as a “data processor” for the purposes described in Section 1.2 will be deleted upon client’s instructions.
When the duration stipulated above expire, we will either delete or anonymize such information.
7. How do we keep your information safe?
We are SOC 2 Type 2 and HIPAA certified. As such, we have been successfully audited on the following subjects: security, availability, confidentiality, processing integrity and privacy.
We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process.
However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information.
Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.
8. Do we collect information from minors?
We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent's use of the Services.
If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records.
If you become aware of any data we may have collected from children under age 18, please contact us at
privacy@gladia.io.
9. What are your rights?
In some regions (like the EEA and UK), you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the processing of your personal information.
You can make such a request by contacting us by using the contact details provided in the section "HOW CAN YOU CONTACT US ABOUT THIS NOTICE?" below.
We will consider and act upon any request in accordance with applicable data protection laws.
If you are located in the UK, the contact details for the data protection authorities are available here:
https://ico.org.uk/.
Withdrawing your consent: If we are relying on your consent to process your personal information, which may be express and/or implied consent depending on the applicable law, you have the right to withdraw your consent at any time. You can withdraw your consent at any time by contacting us by using the contact details provided in the section "HOW CAN YOU CONTACT US ABOUT THIS NOTICE?" below.
However, please note that this will not affect the lawfulness of the processing before its withdrawal nor, when applicable law allows, will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
Opting out of marketing and promotional communications: You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, or by contacting us using the details provided in the section "HOW CAN YOU CONTACT US ABOUT THIS NOTICE?" below. You will then be removed from the marketing lists.
However, we may still communicate with you – for example, to send you service-related messages that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.
Account Information
- Log in to your account settings and update your user account.
- Contact us using the contact information provided.
Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases.
However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms and/or comply with applicable legal requirements.
10. Do California residents have specific privacy rights?
Pursuant to California Civil Code Sec. 1789.3, California resident users are entitled to know that they may file grievances and complaints with the California Department of Consumer Affairs, 1625 North Market Blvd., Suite N 112, Sacramento, CA 95834; or by telephone at (800) 952-5210; or by email to
dca@dca.ca.gov. For more information about protecting your privacy, you may wish to visit:
www.ftc.gov.
How do we use and share your personal information?
More information about our data collection and sharing practices can be found in this privacy notice.
You may contact us by email at
privacy@gladia.io, or by referring to the contact details at the bottom of this document.
If you are using an authorized agent to exercise your right to opt out we may deny a request if the authorized agent does not submit proof that they have been validly authorized to act on your behalf.
Will your information be shared with anyone else?
We may disclose your personal information with our service providers pursuant to a written contract between us and each service provider. Each service provider is a for-profit entity that processes the information on our behalf.
We may use your personal information for our own business purposes, such as for undertaking internal research for technological development and demonstration.
Gladia has not disclosed or sold any personal information to third parties for a business or commercial purpose in the preceding twelve (12) months. Gladia will not sell personal information in the future belonging to website visitors, users, and other consumers.
11. Do we make updates to this notice?
We may update this privacy notice from time to time. The updated version will be indicated by an updated "Revised" date and the updated version will be effective as soon as it is accessible.
If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification.
We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.
12. How can you contact us about this notice?
If you have questions or comments about this notice, you may email our data protection officer at
privacy@gladia.io or by post to:
GLADIA SAS
Data protection officer
38 rue de la Tremblaie
35510 Cesson-Sévigné (France)
+33 6 26 79 48 70