Play.ht’s commitment to GDPR

The GDPR (General Data Protection Regulation) is an important piece of legislation that is designed to strengthen and unify data protection laws for all individuals within the European Union.

If your company needs to ensure it is GDPR-compliant, it also needs to ensure its providers (i.e. Play.ht) are also GDPR compliant. Play.ht is GDPR-compliant, and strictly enforces the regulation as to protect the user data we store.

Last updated: March 13, 2022

Types of Data collected

If you are a Visitor, User or Business Partner, we may collect one or both of the following types of data from you when you use or access our website, the Services or when you interact with the Technology, as applicable.

The first type of data is aggregated, non-personal, non-identifiable information pertaining to your use of the website or interaction with the Technology (“Non-personal Data “). We are not aware of the identity of the individual from which the Non-personal Data is collected. Non-Personal Data may include your aggregated usage information and technical information transmitted by your device, including certain software and hardware information about your device (e.g., the device you use, the type of browser and operating system your device uses, language preferences, access times and the website’s domain name from which you accessed the Services, etc.), in order to enhance the functionality of the Services and for security and functionality purposes.

The second type of information is individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual (“Personal Data“).

For the avoidance of doubt, if we combine Personal Data with Non-personal Data, the combined data will be treated as Personal Data as long as the data types remain combined. We act as a Processor of a User's Personal Data that we process on behalf of our Business Partners. We are considered to be the Controller of the Personal Data we collect from our Business Partners and Visitors.

The types of data that we collect as well as our reasons for processing such data are specified in the tables below:

Data We Collect from Business Partners and Visitors

Type of Data

How do we Use it

Data Provided Voluntarily: If you voluntarily contact us in any manner, whether via our contact form on our website, request a demo, via email, etc., you may be asked to provide us with your contact information such as your full name and email address as well as your Company name and job title.

We will use this data solely for the purpose of responding to your inquiries and to provide you with the support or information you requested. We will retain our correspondence with you for as long as we find necessary, subject to applicable law.

Business Partner’s Registration: If you wish to partner with us and integrate the Technology within your Digital Assets you will be requested to register and create an account. During the registration you will be requested to provide your contact details such as your name, email address, phone number and company name. You may also provide us with your email address through registration or other means of communications if you choose to download our Technology through third parties' plugin or app marketplace.

We will use this data to provide the Services and designate your account. Your contact details will be used in order to send you needed information related to our Services and our business engagement (e.g., send you a welcome message, notify you regarding any updates to our Services, send inquiries regarding your use of our Technology and Services for example where we detect you have failed to complete the download or otherwise reached the offered cap, send applicable invoices, etc.) and additional occasional communications and updates related to the Services, as well as provide you with tips related to our Services, and promotional and marketing emails. We may also use the information in order to verify your identity, including by sending you a text message for password verification purposes. We use a third-party payment processor to process the payments in consideration for our Services. We will not obtain your payment details other than as needed for validation purposes (e.g., 4 digits, BIN, expiry date). The processing of your payment details will be subject to the applicable third-party processor's policies.

Newsletter & Marketing List Subscription: If you voluntarily subscribe to our newsletter through our website, or otherwise agree to receive our updates and content, you may be requested to provide us with your contact information such as your name, email address and company name. You can unsubscribe at any time using the unsubscribe option within the body of the applicable email correspondence or by contacting us directly.

We use this data solely in order to provide you with the content that you requested to receive. The Company uses Crisp and Sendinblue for its email marketing services. Please review their privacy policies here:

https://crisp.chat/en/privacy/

https://www.sendinblue.com/legal/privacypolicy/

IP and Technical Data: When you access our website or interact with our Services, we may collect certain online identifiers (e.g. your IP address) as well as technical Non-Personal Data (e.g. the type of operating system, type of browser, device type, access time and date, directing URL and your approximate geographical location).

We use this data for our legitimate interests of: (i) operating, providing, maintaining, protecting, managing, customizing and improving our website and the way in which we offer it; (ii) enhancing your experience; (iii) auditing and tracking usage statistics and traffic flow; and (iv) protecting the security of our website. We will obtain your consent, if we are required to do so in accordance with applicable law when we use third party cookies on our website.

Data We Collect from Users:

Type of Data

Purpose of Processing

Online Identifiers & Technical Usage Personal Data: The Company may collect information regarding a User's interaction with the Services. Such information may include Online Identifiers such as the User's IP address, Advertising ID and IDFA. We may also assign a unique ID to your browser. The Company may also collect technical Data, such as, the type of operating system used, the type of browser, device type, access time and date, certain browsing data (e.g. directing URL) and the User's approximate geographical location.

We use this data for (i) operating, providing, maintaining, protecting, managing, customizing and improving our Services and the way in which we offer them as well as. In some cases, to provide Users with personalized Ads; (ii) enhancing your experience; and (iii) auditing and tracking usage statistics and traffic flow as well as calculating payments related to the Services, we provide to Business Partners. Where required under applicable law, we will require our Business Partner to obtain your consent to collect such data and share it with us. Note that, we use Google Ad Manager to operate our advertising campaigns. Google may use and retain certain types of data subject to its policies. Additional information can be found here.

Audio Widgets

Our Audio Widgets include: Article Player and Audio Buttons.

How Play.ht collects Data

Depending on the nature of your interaction with the website or the Services, the above mentioned data may be collected as follows:

Who do we disclose Information to?

We do not share your Personal Data with third parties except as specifically mentioned herein:

Our third parties help us use your personal information, as described above, and include:

Third-Party

Privacy Policy and Opt-Out

Firebase

https://firebase.google.com/support/privacy

Google Cloud

https://cloud.google.com/terms/cloud-privacy-notice

Google Analytics

https://policies.google.com/privacy

Hotjar

https://www.hotjar.com/legal/policies/privacy/

Mailgun

https://www.mailgun.com/privacy-policy/

Sendinblue

https://www.sendinblue.com/legal/privacypolicy/

Crisp

https://crisp.chat/en/privacy/

Stripe

https://stripe.com/en-in/privacy

Amazon Web Services

https://aws.amazon.com/privacy/

Google

https://policies.google.com/privacy

IBM

https://www.ibm.com/privacy

Microsoft Azure

https://azure.microsoft.com/en-in/support/legal/

Rewardful

https://www.rewardful.com/privacy

Government third parties, including government agencies, regulatory bodies and law enforcement agencies as required, authorized or permitted by law

Your Individual Rights

Please review our Privacy Rights Policy to learn more.

Change in Control or Sale

We can also share your personal information as part of a sale, merger or change in control, or in preparation for any of these events. Any other entity which buys us or part of our business will have the right to continue to use your information, but only in the manner set out in this Policy unless you agree otherwise.

International transfers of personal information (for users in the Designated Countries)

For our users in the Designated Countries, where we transfer your personal information to a third party provider that is not located in the Designated Country and is not subject to an adequacy decision by the EU Commission, we will require those third party providers to enter into an agreement that provides appropriate safeguards for your information.

Security

Our team closely monitors any unauthorized system access, and has put in place multiple preventive measures to reduce the attack surface on our systems and services. In 4 years, Play.ht has had 0 major security issues, with only a few minor ones, which we fixed the same day they were reported (those would not have allowed a hack or data breach).

Data Retention

We generally retain your personal information as long as you keep your account open or as needed to provide you Services. This includes data you or others provided to us and data generated or inferred from your use of our Services. In some cases we choose to retain certain information (e.g., insights about Services use) in a depersonalized or aggregated form.

Data Protection Officer

Play.ht has a designated Data Protection Officer, as required by GDPR:

Syed Mohammed Zubair
Role: Director of Account Management and Customer Success
Email: [email protected]