Privacy Policy

Last update: 01.01.2026

This Privacy Policy (hereinafter: “Policy“) contains information on the processing of Your personal data in connection with the use of the “VOICIE” Application, operating at the internet address http://voicie.com/ (hereinafter: “Application“).

All capitalized terms that are not defined otherwise in the Policy have the meaning given to them in the Regulations, available at: https://voicie.com/regulamin.

Personal Data Controller

The administrator of Your personal data is Voicie Prosta Spółka Akcyjna (registered office address: ul. Opolska 110, 31-323 Kraków), entered into the register of entrepreneurs of the National Court Register kept by the District Court for Kraków-Śródmieście in Kraków, XI Commercial Division of the National Court Register under KRS number: 0001193097, holding NIP: 9452313558, REGON number: 542123332, with a share capital of PLN 1,000 (one thousand zlotys) (hereinafter: “Controller“).

Contact with the Controller

In all matters related to the processing of personal data, You can contact the Controller via: e-mail \- at the address: hello@voicie.com.

Personal Data Protection Measures

The Controller applies modern organizational and technical safeguards to ensure the best possible protection of Your personal data and guarantees that they process it in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter: “GDPR“), the Act of 10 May 2018 on personal data protection and other personal data protection regulations.

Information on Processed Personal Data

Using the Application requires the processing of Your personal data. Below You will find detailed information about the purposes and legal grounds for processing, as well as the processing period and the obligation or voluntary nature of providing them.

Purpose of processing	Processed personal data	Legal basis
Conclusion and performance of the Agreement for the provision of the Service	name and surname address e-mail address phone no. NIP company name other data provided in the form	art. 6 sec. 1 lit. b GDPR (processing is necessary for the performance of a contract to which the data subject is party or in order to take steps prior to entering into a contract)
Providing the above personal data is a condition for concluding and performing the agreement for the provision of the Service (providing them is voluntary, but the consequence of not providing them will be the inability to conclude and perform the above agreement). The Controller will process the above personal data until the claims arising from the Agreement for the provision of the Service of the Account become time-barred

Purpose of processing	Processed personal data	Legal basis
Signing up for the waitlist to use the Application	name e-mail address other data provided in the form	art. 6 sec. 1 lit. f GDPR (processing is necessary for the purposes of the legitimate interests pursued by the Controller, in this case handling the waitlist signup and contact)
Providing the above personal data is voluntary, but necessary to sign up for the waitlist and for contact regarding signups (the consequence of not providing them will be the inability to receive a response and sign up). The Controller will process the above personal data until an effective objection is raised or the purpose of processing is achieved (whichever event occurs earlier).

Purpose of processing	Processed personal data		Legal basis
Conducting complaint proceedings	name and surname e-mail address other data included in the message to the Controller		art. 6 sec. 1 lit. c GDPR – Consumer and Entrepreneur with Consumer rights (processing is necessary for compliance with a legal obligation to which the Controller is subject, in this case obligations: to respond to a complaint – art. 7a of the Act on Consumer Rights; implementation of User rights arising from provisions on the Controller’s liability in the event of non-conformity of the physical Good with the sales Agreement or the Digital Service with the Agreement concerning it) art. 6 sec. 1 lit. b GDPR \- Entrepreneur (processing is necessary for the performance of the Agreement and the implementation by the Service Recipient of the rights granted to them under the Agreement)
Providing the above personal data is a condition for receiving a response to a complaint or the implementation of the Service Recipient’s and User’s rights arising from the Agreement (providing them is voluntary, but the consequence of not providing them will be the inability to receive a response to the complaint and the implementation of the above rights). The Controller will process the above personal data for the duration of the complaint procedure, and in the event of the implementation of the above Service Recipient rights – until they become time-barred.
Purpose of processing	Processed personal data		Legal basis
Conducting verification proceedings and considering appeals against decisions regarding handling illegal content	name and surname/name, contact details, including e-mail address other data included in the message to the Controller		art. 6 sec. 1 lit. c GDPR (processing is necessary for compliance with a legal obligation to which the Controller is subject, in this case obligations: to ensure a mechanism for reporting illegal content (Art. 16 of Regulation 2022/2065 on a Single Market For Digital Services and amending Directive 2000/31/EC (Digital Services Act)(hereinafter: “DSA”), handling complaints (Art. 20 DSA).
Providing the above personal data is a condition for receiving a response to a report or the implementation of User rights arising from DSA provisions (providing them is voluntary, but the consequence of not providing them will be the inability to receive a response to the report and the implementation of the above rights). The Controller will process the above personal data for the duration of the complaint procedure, and in the event of the implementation of the above User rights – until they become time-barred.
Purpose of processing	Processed personal data		Legal basis
Handling inquiries submitted by Users	name e-mail address other data included in the message to the Controller		art. 6 sec. 1 lit. f GDPR (processing is necessary for the purposes of the legitimate interests pursued by the Controller, in this case responding to the received inquiry)
Providing the above personal data is voluntary, but necessary to receive a response to the inquiry (the consequence of not providing them will be the inability to receive a response). The Controller will process the above personal data until an effective objection is raised or the purpose of processing is achieved (whichever event occurs earlier).
Purpose of processing	Processed personal data		Legal basis
Sharing Opinions about Services	name optionally – other data included in the Opinion		art. 6 sec. 1 lit. f GDPR (processing is necessary for the purposes of the legitimate interests pursued by the Controller, in this case sharing the Opinion for information and promotional purposes)
Providing the above personal data is voluntary, but necessary to add an Opinion (the consequence of not providing them will be the inability to add an Opinion). The Controller will process the above personal data until an effective objection is raised or the purpose of processing is achieved (whichever event occurs earlier).
Purpose of processing	Processed personal data		Legal basis
Fulfilling tax obligations (e.g. issuing a VAT invoice, storing accounting records)	name and surname/company residence/registered office address NIP and other registry data		art. 6 sec. 1 lit. c GDPR (processing is necessary for compliance with a legal obligation to which the Controller is subject, in this case obligations arising from tax law)
Providing the above personal data is voluntary, but necessary for the Controller to fulfill the tax obligations imposed on them (the consequence of not providing them will be the inability for the Controller to fulfill the above obligations). The Controller will process the above personal data for a period of 5 years from the end of the year in which the tax payment deadline for the previous year expired.
Purpose of processing	Processed personal data		Legal basis
Fulfillment of obligations related to personal data protection	name and surname contact data provided by You (e-mail address; correspondence address; phone number)		art. 6 sec. 1 lit. c GDPR (processing is necessary for compliance with a legal obligation to which the Controller is subject, in this case obligations arising from personal data protection regulations)
Providing the above personal data is voluntary, but necessary for the correct performance by the Controller of obligations arising from personal data protection regulations, including the implementation of rights granted to You by the GDPR (the consequence of not providing the above data will be the inability to correctly implement the above rights). The Controller will process the above personal data until the limitation periods for claims for violation of personal data protection regulations expire.
Purpose of processing	Processed personal data		Legal basis
Establishment, exercise or defense of claims	name and surname/company e-mail address residence/registered office address PESEL number NIP		art. 6 sec. 1 lit. f GDPR (processing is necessary for the purposes of the legitimate interests pursued by the Controller, in this case the establishment, exercise or defense of claims that may arise in connection with the performance of agreements concluded with the Controller)
Providing the above personal data is voluntary, but necessary to establish, exercise or defend against claims that may arise in connection with the performance of agreements concluded with the Controller (the consequence of not providing the above data will be the inability for the Controller to take the above actions) The Controller will process the above personal data until the limitation periods for claims that may arise in connection with the performance of agreements concluded with the Controller expire.
Purpose of processing	Processed personal data		Legal basis
Analysis of Your activity within the Application	date and time of visits device IP number device operating system type approximate location type of web browser time spent in the Application visited subpages and other actions taken within the Application		art. 6 sec. 1 lit. f GDPR (processing is necessary for the purposes of the legitimate interests pursued by the Controller, in this case obtaining information about Your activity within the Application)
Providing the above personal data is voluntary, but necessary for the Controller to obtain information about Your activity within the Application (the consequence of not providing them will be the inability for the Controller to obtain the above information). The Controller will process the above personal data until an effective objection is raised or the purpose of processing is achieved.
Purpose of processing	Processed personal data		Legal basis
Application Administration	IP address server date and time web browser information operating system information The above data is saved automatically in the so-called server logs, each time the Application is used (administering it without using server logs and automatic recording would not be possible).		art. 6 sec. 1 lit. f GDPR (processing is necessary for the purposes of the legitimate interests pursued by the Controller, in this case ensuring the proper operation of the Application)
Providing the above personal data is voluntary, but necessary to ensure the proper operation of the Application (the consequence of not providing them will be the inability to ensure the operation of the Application in a correct manner). The Controller will process the above personal data until an effective objection is raised or the purpose of processing is achieved.

Profiling

In order to create Your profile for marketing purposes and to direct direct marketing tailored to Your preferences to You, the Controller will process Your personal data in an automated manner, including profiling them – however, this will not produce any legal effects concerning You or similarly significantly affect Your situation.

The scope of profiled personal data corresponds to the scope indicated above regarding the analysis of Your activity within the Application and data that You save on the Account.

The legal basis for the processing of personal data for the above purpose is art. 6 sec. 1 lit. f GDPR, according to which the Controller may process personal data for the purposes of the legitimate interests pursued by them, in this case conducting marketing activities tailored to the preferences of recipients. Providing the above personal data is voluntary, but necessary to achieve the above purpose (the consequence of not providing them will be the inability for the Controller to conduct marketing activities tailored to the preferences of recipients).

The Controller will process personal data for profiling purposes until an effective objection is raised or the purpose of processing is achieved.

Recipients of personal data

The recipients of personal data will be the following external entities cooperating with the Controller:

1. Supabase, Inc. \- 65 Chulia Street \#38-02/03, OCBC Centre, Singapore 049513
2. Sendinblue, a simplified joint-stock company \- 9-17, rue Salneuve 75017 Paris
3. n8n GmbH \- Novalisstr. 10, 10115, Berlin, Germany
4. HOSTINGER INTERNATIONAL LIMITED, Cyprus private limited company \- 61 Lordou Vironos str., 6023 Larnaca, Cyprus
5. OpenAI, Inc.- 3180 18th Street, San Francisco, CA 94110, USA
6. Deepgram Inc. \- 548 Market St Suite 25104 San Francisco, CA 94104-5401
7. Google LLC \- 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
8. Google Cloud Poland Sp. z o.o \- ul. Rondo Daszyńskiego 2C, 00-843 Warszawa
9. Brevo (Sendinblue) – 17 rue de Salneuve, 75017 Paris, France 
10. SEOHOST Sp. z o.o. – ul. Obornicka 330, 60-689 Poznań, Poland 
11. EmailLabs (Vercom S.A.) – Nowy Rynek Poznań, Budynek D, ul. Wierzbięcice 1B, 61-569 Poznań, Poland 
12. Mollie B.V. – Keizersgracht 126, 1015CW Amsterdam, Netherlands 

Furthermore, personal data may also be transferred to public or private entities if such an obligation results from generally applicable provisions of law, a final court judgment or a final administrative decision.

Transfer of personal data to a third country

In connection with the use by the Controller of services provided, among others, by Google LLC, Meta, Open AL, Deepgram, Your personal data may be transferred to the following third countries: United Kingdom, Canada, USA, Chile, Brazil, Israel, Saudi Arabia, Qatar, India, China, South Korea, Japan, Singapore, Taiwan (Republic of China), Indonesia and Australia. The basis for the transfer of data to the above third countries are:

• in the case of the United Kingdom, Canada, Israel and Japan \- decisions of the European Commission finding an adequate level of personal data protection in each of the above third countries;
• in the case of the USA, Chile, Brazil, Saudi Arabia, Qatar, India, China, South Korea, Singapore, Taiwan (Republic of China), Indonesia and Australia \- contractual clauses ensuring an adequate level of protection, consistent with the standard contractual clauses set out in the Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council.

You can obtain from the Controller a copy of the data transferred to a third country.

Rights

In connection with the processing of personal data, You have the following rights:

1. the right to information on what personal data concerning You is processed by the Controller and to receive a copy of this data (the so-called right of access). Issuing the first copy of the data is free of charge, for subsequent ones the Controller may charge a fee;
2. if the processed data becomes outdated or incomplete (or otherwise incorrect), You have the right to request its rectification;
3. in certain situations, You can ask the Controller to delete Your personal data, e.g. when:
   1. the data is no longer needed by the Controller for the purposes of which they informed;
   2. You have effectively withdrawn consent to data processing \- provided that the Controller does not have the right to process data on another legal basis;
   3. the processing is unlawful;
   4. the necessity to delete data results from a legal obligation imposed on the Controller;
4. in the case where personal data is processed by the Controller on the basis of consent granted for processing or in order to perform the Agreement concluded with them, You have the right to transfer Your data to another controller;
5. in the case where personal data is processed by the Controller on the basis of consent granted by You for processing, You have the right to withdraw this consent at any time (withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal);
6. if You consider that the processed personal data is incorrect, its processing is unlawful, or the Controller no longer needs specific data, You can request that for a specific, necessary time (e.g. checking the correctness of data or pursuing claims) the Controller does not perform any operations on the data, but only stores it;
7. You have the right to object to the processing of personal data, the basis for processing of which is the legitimate interest of the Controller. In the event of an effective objection, the Controller will stop processing personal data for the above purpose;
8. You have the right to lodge a complaint with the President of the Personal Data Protection Office if You consider that the processing of personal data violates the provisions of the GDPR.

Cookies

1. The Controller informs that the Application uses “cookies”, installed on Your end device. These are small text files that can be read by the Controller’s system, as well as by systems belonging to other entities whose services the Controller uses (e.g. Facebook, Google).
2. The Controller uses cookies for the following purposes:
   1. ensuring the proper operation of the Application – thanks to cookies, it is possible for the Application to operate efficiently, use its functions and comfortably move between individual subpages;
   2. increasing the comfort of using the Application – thanks to cookies, it is possible to detect errors on some subpages and constantly improve them;
   3. creating statistics – cookies are used to analyze how users use the Application. Thanks to this, it is possible to constantly improve the Application and adapt its operation to users’ preferences;
   4. conducting marketing activities – thanks to cookies, the Controller can direct advertisements tailored to users’ preferences to them.
3. The Controller may place both permanent and temporary (session) files on Your device. Session files are usually deleted when the browser is closed, while closing the browser does not delete permanent files.
4. Information about cookies used by the Controller is displayed in the panel located at the bottom of the Application’s website. Depending on Your decision, You can enable or disable cookies of individual categories (except for necessary cookies) and change these settings at any time.
5. Detailed information on the types of cookies used by the Controller can be found in the panel located at the bottom of the Application’s website.
6. Data collected using cookies does not allow the Controller to identify You.
7. Through most commonly used browsers, You can check whether cookies have been installed on Your end device, as well as delete installed cookies and block their installation in the future by the Application. Disabling or limiting the handling of cookies may, however, cause quite serious difficulties in using the Application, e.g. in the form of the necessity to log in on each subpage, a longer loading period of the Application, limitations in using some functionalities.

Final provisions

In matters not covered by the Policy, generally applicable provisions on personal data protection shall apply.

The Policy is effective from 01.01.2026.