Privacy Policy
Date: January 16, 2026
Intro
Readdle Limited (“Readdle” or “we”) welcomes you on our website at link (“Website”).
​
This Privacy Policy describes which of your personal data the Website collects, how stores, processes, and uses it, and what happens when you use the Website.
​
We understand you care about your privacy, and we appreciate the trust you place in us. To justify that trust, we embed the latest data security standards, improve our awareness of privacy matters, and comply with the General Data Protection Regulation and other privacy laws.
Table of Contents
About Us
We are the controller of your personal data processed in connection with the Website. This means that we determine the purposes and means of processing personal data.
Our details:
Readdle Limited
Glandore Business Centres, 26-27 Fitzwilliam Place, Fitzwilliam Hall, Dublin 2, D02T292, Ireland
Our Data Protection Officer:
Privacity GmbH
Neuer Wall 50, 20354 Hamburg, Germany
Our contacts:
-
rdsupport@readdle.com – for general inquiries
-
dpo@readdle.com – for privacy inquiries
Our support team is happy to assist you with any matter. We kindly ask you to be polite and calm in your communication with us. Otherwise, we may not respond to offensive emails/messages.
About You
When you visit our Website, you become our user (“User”). Please note that we do not knowingly process the personal data of Users under the age of 18. If you are such a User or you are a legal representative of such a User, please contact us.
Personal Data
Sources of Data
We receive data when you visit our Website and interact with it, depending on your actions on the Website.
​
We may also, although we do not necessarily do so, receive data from third parties. For example, we collect analytics data at the Website with the help of third-party providers via cookies and similar technologies. It depends on your settings.
Lawful Bases for Processing
To process your personal data, we rely on the following lawful bases:
-
performance of the contract — for the processing of personal data necessary for the negotiation, conclusion, and performance of a contract with you;
-
legal obligation — for the processing of data as required by applicable laws or if requested by a law enforcement agency, court, supervisory authority, or another state-authorized public body;
-
legitimate interest — for the processing necessary for the development of our services, taking into consideration your interests, rights, and expectations;
-
consent — for additional processing for specific purposes.
Personal Data on the Website
Subscription Data
We may collect and process data you provide when subscribing to our waiting list for the product. Specifically, based on your consent, we may process the following:
-
name;
-
email;
-
details about the transcription experience you shared with us.
The data is stored up to two (2) months or until you withdraw your consent, whichever happens earlier.
Technical Data
Similar to many other websites, we collect certain data about our Users when you visit our Website, such as IP address, browser type, and device type. We also use cookies and similar technologies to collect additional data, including advertising measurements and detailed statistics about how you interact with the Website (e.g., your browsing patterns over time).
For more details, please refer to our Cookie Policy.
Support Requests Data
When you address your request for support, we may collect the following information to help you:
-
name;
-
email;
-
subject of the letter and message.
This data is processed for assistance with your request based on the performance of contract. Also, we may process your message for the improvement of our Website and product, based on the legitimate interest.
​
The data is stored up to six (6) years after the last communication on the ticket.
​
We may also collect analytics on request categories to improve our services and responses.
​
To process and analyse your requests more efficiently, we may engage trusted AI providers. Before proceeding with these providers, we always take necessary technical and organizational precautions, including pseudonymisation, data minimization, conducting data protection impact assessments, and establishing data processing agreements. No data is used for training.
Data Sharing with Third Parties
We may share your personal data with third parties without causing you any harm and in strict compliance with applicable laws. Additionally, we have put in place organizational and technical measures to secure your personal data during its transfer to third parties.
​
To share your data, we rely on the following lawful bases, such as consent, compliance with the law, and performance of a contract, depending on the specific circumstances.
​
Specifically, we may share your data with the following categories of the third parties:
-
Analytics tools - to understand and promote our business;
-
Contractors necessary for the services provision to you - to operate, develop, and improve the functionality of the Website, fulfill your support requests, etc.;
-
Services our team uses internally for operation of the business - CRM systems, messengers, and other services in our organization to provide you with our services;
-
State authorities, courts, law enforcement agencies, etc. - if necessary to comply with a government request, court order, or applicable law, prevent unlawful use of the Website, protect against claims of third parties, help prevent or investigate fraud.
To get a detailed list of the third-party recipients of your personal data, contact us.
Data Transfer Outside the European Economic Area
The personal data we collect is stored on the US servers, which participate in the Data Privacy Framework, and European Economic Area (“EEA”) servers, which fall under the General Data Protection Regulation.
​
We may share personal data with the recipients in the USA and other countries, including non-EEA ones, ensuring that your data is protected and processed in accordance with the General Data Protection Regulation.
​
To share the data outside the EEA, we rely on the adequacy decision by the European Commission or the Data Privacy Framework participation of the recipient. If the recipient does not participate in the Data Privacy Framework and its country is not deemed to provide an adequate level of protection for your personal data, we adopt Standard Contractual Clauses based on legislation assessments for data protection during transfer and storage.
​
You can read more detailed measures to protect your personal data here.
Security Measures
We routinely conduct Data Protection Impact Assessments to guarantee the implementation of adequate technical and organizational measures. These measures aim to prevent accidental or unlawful destruction, loss, alteration, and unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed.
​
To enhance the protection of your personal data, we employ HTTPS and encryption, establish segmented group and individual access (as necessary), utilize an alarm system, implement a corporate VPN, and adhere to formally approved internal policies, including those for password management and physical access.
​
Furthermore, we consistently monitor the state of the art of our technologies and diligently maintain backups. Additionally, all our contractors are bound by contractual obligations that comply with GDPR requirements.
​
You can contact us in case of any questions regarding security issues.
​
Here you can find information about the specific steps we mentioned above:
-
Physical measures: Limited access to premises
-
Policies and instructions: Password policy, Monitoring and physical access policy, Contractual obligations and corporate VPN, Internal security policy, Access control policy
-
Transfer protection: Data protection agreements, Standard contractual clauses, Data Privacy Framework
-
Contractor and staff training
-
Agreements: Non-disclosure agreements, Data protection agreements
-
Regular access and policy review
-
Code review
-
Privacy Protection: Privacy by design and by default, Internal procedures for GDPR compliance
-
Encryption Technologies: Encryption in transit, Backup encryption, State-of-the-art methods of cryptographic keys
-
Backup: Regular backup of the entire system, Redundant operation of the critical services in multiple data centers controlled by a high-availability system
-
Two-factor Authentication
-
Stress Tests
-
Static Analysis
-
Quality Assurance
-
Regular Patch Management
-
Dependency and Supply Chain Vulnerability Check
Data Subjects Rights
European Economic Area and United Kingdom Residents
As a data subject, you have the right to access, manage, and control your data either directly or by submitting a request to us. This section outlines these rights and explains how you can exercise them based on your place of residence.
-
Right to access: You can request an explanation of the processing of your personal data.
-
Right to rectification: You can change the data if it is inaccurate or incomplete.
-
Right to erasure: You can send us a request to delete your personal data from our systems. We will remove them unless otherwise provided by law.
-
Right to restrict the processing: You may partially or completely prohibit us from processing your personal data.
-
Right to data portability: You can request all the data you provided to us and request to transfer data to another controller.
-
Right to object: You may object to the processing of your personal data.
-
Right to withdraw consent: You can withdraw your consent at any time.
-
Right to file a complaint: If your request was not satisfied, you could file a complaint to the regulatory body.
To exercise your rights, please contact us.
For EEA residents: We will answer your request within one (1) month. If your request is not satisfied, you can submit a complaint to your local Data Protection Authority. You may find it here.
​
For UK residents: We will answer your request within one month. If your request is not satisfied, you can submit a complaint at the Information Commissioner’s Office via number 0303-123-1113 or go online at www.ico.org.uk/concerns.
United States Residents
Your rights vary depending on the state of your residency, as indicated below:
-
Right to access: You can request an explanation of the processing of your personal data.
California, Virginia, Ohio, Colorado, Nevada, Massachusetts, Minnesota, New York, North Carolina, Pennsylvania, Delaware, Utah -
Right to correct: You can change the information if it is inaccurate or incomplete.
California, Virginia, Colorado, Nevada, Massachusetts, Minnesota, New York, North Carolina, Delaware -
Right to delete: You can send us a request to delete your personal data from our systems.
California, Virginia, Ohio, Colorado, Massachusetts, Minnesota, New York, North Carolina, Pennsylvania, Utah -
Right to portability: You can request all the data that you provided to us, as well as request to transfer data to another controller.
California, Virginia, Ohio, Colorado, Massachusetts, Minnesota, New York, North Carolina, Utah -
Right to opt out of sales: You can opt out of the sale of personal data to third parties.
California, Virginia, Ohio, Colorado, Nevada, Massachusetts, Minnesota, New York, North Carolina, Pennsylvania, Delaware, Utah -
Right to opt out of certain purposes: You can opt out of processing for profiling/targeted advertising purposes.
Virginia, Colorado, Connecticut, Indiana, Montana, Tennessee, Texas, Utah -
Right to opt out of the processing of sensitive data: You can opt out of the processing of sensitive data.
California -
Right against automated decision-making: You can prohibit a business from making decisions about a consumer based solely on an automated process without human input.
California, Virginia, Colorado, Massachusetts, Minnesota, New York, North Carolina -
Right to lodge a complaint: If your request is not satisfied, you can file a complaint with the regulatory body.
All states
To exercise your rights, please contact us.
​
We will answer your request within 30 to 60 days, depending on the state and legislative requirements. If your complaint is not satisfied, you can submit a complaint with the Federal Trade Commission.
​
Note: Some states do not have their own privacy laws. The rights of residents of such states are governed by U.S. federal law. If your state is not on the list, please contact us.
Do Not Sell My Personal Information
California residents, under the California Consumer Privacy Act (CCPA), possess the right to opt out of the “sale” of their personal information by entities governed by the CCPA.
​
We do not sell your personal information to anyone, nor do we use your data as a business model.
​
Ensuring your privacy is our utmost priority, and we are dedicated to safeguarding it.
​
We adhere to the CCPA by providing California residents the option to opt out of any potential future sale of their personal information. If you wish to register your preference that we do not sell your data in the future, please contact us.
Do-Not-Track Requests
California residents visiting our Website have the option to request that we do not automatically collect and track information related to their online browsing activities across the Internet.
​
These requests can usually be made via web browser settings that manage signals or other mechanisms, enabling consumers to express their preferences concerning the collection of personal data about their online activities over time and across third-party websites or online services.
​
We currently do not have the ability to honor these requests. However, we may update this Privacy Policy as our capabilities evolve.
Canada Residents
-
Right to be informed: With the help of this Policy, we enable your right to be informed of the purposes of the processing, including automated processing, the categories of personal data processed, the recipients or categories of recipients of such data, and the storage periods.
-
Right to access: You can request an explanation of how your personal data is processed.
-
Right to correction/rectification: You can change the data if it is inaccurate or incomplete.
-
Right to data portability (Quebec residents only): You can request all the data you provided to us and request to transfer the data to another controller.
-
Right to delete (Quebec residents only): You can send us a request to delete your personal data from our systems. We will remove all data except of what we are obliged to store in compliance with the law requirements.
-
Right to withdraw consent: You can withdraw your consent at any time.
-
Right not to be subject to automated decision-making: You can object to being subject to automated processing to know if there are consequences concerning them due to such processing. If you are a Quebec resident, you can rectify (correct) the data used for automated processing.
-
Right to lodge a complaint: If your request is not satisfied, you could file a complaint with the regulatory body.
To exercise your rights, please contact us.
​
We will answer your request within thirty (30) days. If your complaint is not satisfied, you can submit a complaint to the Office of the Privacy Commissioner of Canada.
Privacy Policy Updates
The Privacy Policy and the relationships falling under its effect are regulated by the General Data Protection Regulation. Please note that the laws and requirements for processing personal data can evolve. In the event of changes, we will release an updated version of the Privacy Policy on our Website to reflect these modifications.
​
If we make substantial changes to the Privacy Policy or the Website that affect your data privacy rights, we will notify you by email or display information on the Website and ask you to read it. You will be notified in advance, and if you continue to use the Website after these changes take effect, it will be considered that you have consented to and accepted the revised Privacy Policy.