Privacy Policy

Last updated: March 12, 2026

This privacy policy aims to inform users of the VoLog platform (hereinafter the "Platform") about how their personal data is collected, used, and protected, in accordance with Regulation (EU) 2016/679 (GDPR) and the French Data Protection Act.

It complements the legal notices and the General Terms of Use available at the following address: https://volog.app/legal/conditions-generales

ARTICLE 1 - PREAMBLE

Personal data means any information that makes it possible to identify, directly or indirectly, a natural person (e.g., email address, IP address, account identifier).

This policy aims to inform users:

  • about the personal data collected;
  • about the purposes and legal basis of processing;
  • about data recipients;
  • about their rights;
  • about the Platform's cookie policy.

ARTICLE 2 - PRINCIPLES APPLICABLE TO DATA PROCESSING

In accordance with Article 5 of the GDPR, personal data are:

  • processed lawfully, fairly, and transparently;
  • collected for specified, explicit, and legitimate purposes;
  • adequate, relevant, and limited to what is necessary;
  • accurate and kept up to date where necessary;
  • kept for a limited period;
  • protected by appropriate security measures.

Processing is lawful only if it is based on at least one of the following grounds:

  • the user's consent;
  • performance of a contract;
  • a legal obligation;
  • the legitimate interest of the data controller.

ARTICLE 3 - DATA COLLECTED AND PROCESSED

Article 3.1 - Collected data

As part of the use of the Platform, the following data may be collected:

Identification data

  • Email address
  • Username
  • Password (encrypted)
  • Identifiers from third-party services (Google, Discord)

Usage data

  • Campaigns, sessions, notes, characters, and preferences created by the user
  • Text content, images, documents, or audio files provided by the user, including audio imported after confirming participant information and authorization
  • Content made public voluntarily via public campaign or session sharing

Technical data

  • IP address
  • Connection logs
  • Browsing data
  • Browser and device type
  • Anonymized browsing data used for minimal audience measurement

Billing data

  • Subscriptions, credits, invoices
  • Payment history

(Banking data is never stored by VoLog)

Article 3.2 - Purposes of processing

Personal data is collected for the following purposes:

  • creation and management of user accounts;
  • provision of Platform features, including audio import, transcription, and user-requested content generation (contract performance);
  • backup, organization, and retrieval of content (contract performance);
  • management of subscriptions, payments, and credits (contract performance and legal billing obligations);
  • security and abuse prevention (legitimate interest);
  • user support and service-related communications (contract performance);
  • continuous improvement of the Platform (legitimate interest, while respecting private content);
  • minimal and anonymized audience measurement to improve the user experience (legitimate interest).

Article 3.3 - Collection method

Some data is collected automatically during browsing:

  • IP address;
  • session and security data;
  • technical logs;
  • anonymized browsing data for minimal audience measurement.

Other data is collected when the user:

  • creates an account;
  • enters, imports, or generates content;
  • subscribes to a plan or purchases credits;
  • uses public sharing or search features;
  • browses public or private pages of the Platform.

Article 3.4 - Retention period

Data is retained:

  • as long as the user account is active;
  • until the account is deleted by the user;
  • then deleted or anonymized within a reasonable period.

Certain data is kept longer to meet legal obligations or under specific product rules:

  • billing data: 10 years;
  • technical and security logs: 12 months maximum; audio files: deleted as soon as they are no longer needed, and no later than 45 days in the remaining cases.

Article 3.5 - Hosting and subprocessors

The Platform is hosted by professional providers that meet security and GDPR compliance requirements.

Data may be transferred to processors needed for service operation or for the purposes described in this policy, including:

  • hosting and infrastructure;
  • payment provider (Stripe);
  • transactional email delivery services;
  • file processing, transcription, and AI services, including OpenAI when assisted features are used;
  • a privacy-friendly audience measurement service;
  • Reddit Ads Conversions API, only to measure conversions attributed to a Reddit campaign through a click identifier passed in the URL.

These providers act only on VoLog's instructions.

Article 3.6 - Transfers outside the European Union

The use of certain third-party services integrated into the Platform may involve data transfers to countries located outside the European Union.

Where applicable, these transfers are governed by the legal mechanisms provided for by the GDPR, including the standard contractual clauses approved by the European Commission.

Article 3.7 - Automated processing

Some Platform features rely on automated processing intended to organize, rephrase, or search the content provided by the user.

They are triggered at the user's request or when strictly necessary for the relevant features to function. Manual audio imports require a prior confirmation that the recorded participants have been informed and that the user has the necessary authorization.

These processes:

  • are not intended to produce legal effects with regard to the user;
  • do not constitute automated decision-making within the meaning of Article 22 of the GDPR.

ARTICLE 4 - DATA CONTROLLER

The data controller is:
VoLog
Website: https://volog.app
contact@volog.app

VoLog is not required to appoint a Data Protection Officer (DPO).

ARTICLE 5 - USERS' RIGHTS

In accordance with the GDPR, the user has the following rights:

  • right of access;
  • right to rectification;
  • right to erasure;
  • right to restriction of processing;
  • right to object;
  • right to data portability;
  • right to give instructions about their personal data after death;
  • right to lodge a complaint with the competent supervisory authority (CNIL).

Rights may be exercised by email at: contact@volog.app

When the user relies on a third-party authentication service (for example Google or Discord), some associated data may also be managed from the relevant third-party account.

ARTICLE 6 - COOKIES

The Platform uses only cookies strictly necessary for its operation, together with minimal audience measurement configured without advertising cookies or cross-site tracking.

Reddit Ads conversion measurement is performed server-side, without Reddit Pixel or advertising cookie: VoLog only keeps the rdt_cid click identifier received in the URL and does not send Reddit any email, IP address, or User-Agent. This measurement does not involve a marketing consent banner.

The user may configure their browser to limit certain technical cookies, subject to possible degradation of the service.

ARTICLE 7 - POLICY CHANGES

VoLog reserves the right to modify this policy at any time to ensure compliance with applicable legislation.

Users are encouraged to consult this page regularly.