Legal

Privacy Policy

Effective date: April 7, 2026

Last updated: April 7, 2026

This Privacy Policy describes how AI Podcast, Inc. ("aipodcast," "we," "us," or "our") collects, uses, shares, and protects personal information in connection with:

(a) the website at aipodcast.io and any subdomains (the "Site"),

(b) the speech datasets, transcripts, metadata, and related materials we license to customers (the "Content"),

(d) any other services we provide (collectively, the "Services").

We take privacy seriously because our entire business depends on it. Every recording in our catalog is backed by a signed release from a real person, and every customer who licenses our data does so under a contract that includes specific privacy protections. This Policy explains what that looks like in practice — for visitors to our Site, for podcasters and speakers in our catalog, and for the customers who buy from us.

1. Quick Summary

If you're short on time, here's the short version. The full policy follows.

For Site visitors: We collect basic analytics, the contact information you give us in forms, and standard server logs. We use this to improve the Site and respond to inquiries. We do not sell your personal information.

For podcasters and speakers in our catalog: We collect audio recordings, basic identity information, recording metadata, and a signed release granting us the right to license your audio for AI training. You retain ownership of your audio, you can revoke consent at any time, and we maintain a documented chain of consent linking every file in our catalog back to you.

For customers who license our Content: Personal information about your authorized users (names, work emails, billing details) is processed to deliver the Services and is governed by our Terms of Service and any Data Processing Addendum we sign with you.

For everyone: We don't sell personal information. We don't use your data to train models without consent. We honor every privacy right available to you under applicable law (GDPR, UK GDPR, CCPA/CPRA, BIPA, and others). We maintain reasonable administrative, technical, and physical safeguards. Questions: privacy@aipodcast.io.

2. Information We Collect

2.1 From Site visitors

Information you provide directly. When you fill out a contact form, request a sample, subscribe to our newsletter, or email us, we collect the information you give us — typically your name, work email, company name, job title, and the message or use case you describe.
Automatically collected information. When you visit the Site, we automatically collect standard server logs and analytics data, including IP address, browser type, operating system, device identifiers, referring URL, pages viewed, time on page, and timestamps.
Cookies and similar technologies. We use a small number of cookies and similar technologies to make the Site work and to understand how it is used. See Section 11 for details and your choices.

2.2 From podcasters and speakers in our catalog

When you submit audio to us, become part of our network, or sign a release, we collect:

Identity information: name, email, phone number (optional), business or show name, country of residence, and payment information (bank account or payment processor identifier) for paying you.
Source Audio: the audio recordings you license to us, in their original form, plus any additional recordings we commission from you.
Recording metadata: sample rate, bit depth, microphone model, recording environment, language, accent or dialect, recording date.
Speaker metadata: language(s) spoken, accent or regional dialect, age range, gender (self-reported and optional), and similar attributes you choose to share for the purpose of describing the audio to potential licensees.
Consent records: the signed release, the version of the release, the date of signature, the IP address of signing, and any subsequent updates or revocation requests. We store these in a secured consent vault (Section 5).
Voice biometric verification: for verification purposes, we may ask you to record a short script and may compare voiceprints to confirm that the speaker on a submitted catalog matches the speaker on the contract. We use this only for verification, we do not use it to train any model, and we delete the verification recording after 12 months unless a longer period is required for compliance. For residents of jurisdictions with biometric privacy laws (Illinois, Texas, Washington, and others), we will obtain separate written consent before any voiceprint comparison.

2.3 From customers who license our Content

Account and billing information: business contact details, billing address, payment information, tax identification.
Authorized user information: names, work email addresses, and roles of the individuals authorized by Customer to access the Services.
Order details: the Datasets licensed, license type, fees, delivery preferences.
Usage information: logs of access, downloads, API calls, and similar interactions necessary to deliver and audit the Services.

2.4 From third parties

We may receive limited information about you from:

Public sources (e.g., LinkedIn, your company website, podcast directories) when we research potential customers or supply partners.
Service providers who help us run the business (email delivery, payment processing, analytics, customer support — see Section 6).
Referrals — when someone refers you to us as a potential customer, partner, or speaker.

3. How We Use Information

We use the information we collect for the purposes described below. We rely on the legal bases noted in Section 4 for each purpose.

3.1 To run the Site and respond to inquiries

Operating, securing, and improving the Site.
Responding to your messages, sample requests, and other inquiries.
Sending administrative or transactional emails (e.g., confirming a sample request).
Sending marketing communications, where you have opted in or where permitted under applicable law. You can opt out of marketing emails at any time using the unsubscribe link or by emailing privacy@aipodcast.io.

3.2 To deliver Datasets to customers

Processing orders, generating manifests, and delivering Content to customer cloud storage.
Providing customer support and account management.
Billing, invoicing, and collecting payment.
Maintaining audit trails as required by our internal controls and customer contracts.

3.3 To source, manage, and pay speakers

Verifying that speakers are who they say they are (including, with separate consent, voice biometric verification).
Maintaining the consent vault that backs every file in our catalog.
Paying speakers in accordance with their contracts.
Notifying speakers when their audio is used in a new license.
Honoring revocation and other speaker rights.

3.4 To comply with law and protect our interests

Complying with legal obligations, court orders, and government requests.
Enforcing our Terms of Service, contracts, and Acceptable Use policies.
Detecting, preventing, and investigating fraud, abuse, security incidents, and unlawful activity.
Protecting the rights, property, and safety of aipodcast, our customers, our speakers, and the public.

3.5 To improve the Services

Analyzing how the Site and Services are used, in aggregate and de-identified form, to improve product and content.
Developing new features, datasets, and business lines.

3.6 What we do NOT do

We do not sell personal information for monetary consideration.
We do not "share" personal information for cross-context behavioral advertising as that term is defined under the CPRA.
We do not use Source Audio or any voice biometric data to train our own generative models. We license Content to customers who train their models — and only under contracts that prohibit unauthorized use.
We do not use information from Site contact forms to make automated decisions that produce legal or similarly significant effects.

4. Legal Bases for Processing (GDPR / UK GDPR)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, we rely on the following legal bases under Article 6(1) of the GDPR / UK GDPR:

Purpose	Legal basis
Operating the Site, responding to inquiries, processing orders	Contract (Art. 6(1)(b)) and our legitimate interest in running the business (Art. 6(1)(f))
Sending marketing communications	Consent (Art. 6(1)(a)) where required, otherwise our legitimate interest in promoting our Services to business contacts (Art. 6(1)(f))
Sourcing audio and managing speaker relationships	Consent (Art. 6(1)(a)) and contract (Art. 6(1)(b))
Voice biometric verification	Explicit consent (Art. 9(2)(a)) — voice biometrics are special-category data and we will not process them without your separate, explicit, written consent
Complying with law	Legal obligation (Art. 6(1)(c))
Detecting fraud and protecting our Services	Legitimate interest (Art. 6(1)(f))

You have the right to withdraw consent at any time where consent is the legal basis. Withdrawal does not affect the lawfulness of processing prior to withdrawal. To object to processing based on legitimate interest, contact privacy@aipodcast.io.

5. The Consent Vault

Because our business depends on the integrity of speaker consent, we maintain a dedicated consent vault that links every file in our catalog to a signed release. The consent vault includes:

The signed release (PDF and structured metadata).
The release version, date of signature, and signing IP address.
A unique consent record ID that travels with every file we deliver.
A complete history of revocation requests and the actions we took in response.
A complete history of customers who have received the file.

We store the consent vault separately from the Source Audio, with stricter access controls. Access to the consent vault is restricted to authorized personnel and is logged. Speaker contact information is encrypted at rest. The consent vault is retained for the longer of (a) the lifetime of the catalog file plus seven (7) years or (b) the period required by applicable law.

Customers may request a redacted excerpt of a release for their legal review. We do not disclose speaker contact information or other personal identifiers to customers absent a separate written agreement.

6. How We Share Information

We share personal information only as described below.

6.1 With our customers (carefully limited)

When we deliver Content to a licensee, we share only the information necessary to fulfill the license:

Pseudonymized speaker metadata (language, accent, age range, gender, equipment) — never personal identifiers like real names, contact information, or location.
Consent record IDs that link to (but do not contain) the underlying release.
Aggregated provenance information.

We do not share speaker names, contact information, or any data that would allow a customer to re-identify a speaker, except (i) where the speaker has expressly consented in writing for that customer, or (ii) where required by law.

6.2 With service providers

We share information with vendors who help us run the business, including:

Cloud hosting and storage: AWS, Google Cloud, or similar
Payment processing: Stripe, Wise, or similar
Email delivery and support: Postmark, Help Scout, or similar
Analytics: Plausible, Fathom, or similar privacy-respecting analytics
Identity and authentication: Auth0, Clerk, or similar
Legal, accounting, and professional advisors

Our service providers are bound by contractual obligations to use personal information only as needed to provide services to us, to maintain confidentiality, and to implement reasonable security safeguards. A current list of sub-processors is maintained at aipodcast.io/security/subprocessors.

6.3 With legal and regulatory authorities

We may disclose personal information when we believe in good faith that disclosure is necessary to:

Comply with applicable law, regulation, legal process, or government request.
Enforce our Terms of Service or other agreements.
Protect the rights, property, or safety of aipodcast, our customers, our speakers, or the public.
Investigate, prevent, or respond to suspected or actual fraud, security incidents, or illegal activity.

We will notify affected individuals of any law enforcement request unless legally prohibited.

6.4 In a corporate transaction

If aipodcast is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or part of its assets, personal information may be transferred to the surviving entity or buyer. We will require the recipient to honor the commitments in this Policy, and we will provide notice to affected individuals.

6.5 With your consent

We share personal information for any other purpose with your consent.

6.6 We do NOT sell personal information

aipodcast does not sell personal information for monetary consideration and does not "share" personal information for cross-context behavioral advertising as those terms are defined under the California Privacy Rights Act (CPRA). If this changes in the future, we will update this Policy and provide notice consistent with applicable law.

7. International Data Transfers

We are headquartered in the United States. Personal information we collect may be transferred to, stored in, and processed in the United States and other countries where we or our service providers operate. These countries may have data protection laws different from those of your country.

When we transfer personal information of EEA, UK, or Swiss residents outside of those regions, we rely on appropriate transfer mechanisms, including:

Standard Contractual Clauses ("SCCs") approved by the European Commission, supplemented as necessary in light of the Schrems II decision.
The UK International Data Transfer Addendum for transfers from the UK.
Adequacy decisions where the European Commission has determined that the destination country provides an adequate level of protection.

For copies of the safeguards in place, contact privacy@aipodcast.io.

8. Data Retention

We retain personal information only as long as necessary for the purposes described in this Policy or as required by law.

Category	Typical retention period
Site contact form submissions	24 months from submission, unless you become a customer or speaker
Customer account and billing records	Duration of relationship + 7 years (tax and audit)
Customer order history and contracts	Duration of license + 7 years
Speaker releases (consent vault)	Duration of catalog file + 7 years, or as required by law
Source Audio	Duration of license relationship; deleted upon valid revocation in accordance with Section 8 of the Terms of Service
Voice biometric verification recordings	12 months from verification, or earlier on request
Site analytics (de-identified)	24 months
Server logs	90 days
Marketing email lists	Until you unsubscribe, plus a suppression record to honor your opt-out
Records required for legal claims or investigations	Duration of the matter + applicable statute of limitations

When personal information is no longer needed, we delete or de-identify it in accordance with our retention schedule.

9. Security

We maintain administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, alteration, disclosure, and destruction. These include:

Encryption of data in transit (TLS 1.2 or higher) and at rest (AES-256).
Role-based access controls and the principle of least privilege.
Multi-factor authentication for employee and contractor access.
Audit logging and anomaly detection on the consent vault and customer delivery systems.
Regular vulnerability scanning and security testing.
A documented incident response plan and an incident notification commitment described in Section 13.
Vendor security reviews for material sub-processors.
A SOC 2 Type II program currently [in progress / completed].

No system can be guaranteed 100% secure. If you believe your interaction with us is no longer secure, please notify us immediately at security@aipodcast.io.

10. Your Rights

Depending on where you live and the type of relationship you have with us, you may have the following rights with respect to your personal information.

10.1 Rights available to all users

You can always:

Ask us what personal information we hold about you.
Ask us to correct inaccurate personal information.
Ask us to delete personal information.
Opt out of marketing communications at any time.
Lodge a complaint with us at privacy@aipodcast.io.

10.2 Rights for residents of the EEA, UK, and Switzerland (GDPR / UK GDPR)

You have the right to:

Access your personal information.
Rectification of inaccurate or incomplete information.
Erasure ("right to be forgotten") in certain circumstances.
Restriction of processing in certain circumstances.
Objection to processing based on legitimate interest, including for direct marketing.
Data portability for information you provided to us, where processing is based on consent or contract.
Withdrawal of consent where processing is based on consent.
Lodging a complaint with your local data protection authority. A list of EU supervisory authorities is available at edpb.europa.eu.

10.3 Rights for California residents (CCPA / CPRA)

You have the right to:

Know what personal information we collect, the sources, the purposes, and the categories of recipients.
Access the specific personal information we hold about you.
Delete personal information we hold about you, subject to legal exceptions.
Correct inaccurate personal information.
Opt out of the "sale" or "sharing" of personal information. We do not sell or share personal information as those terms are defined under the CPRA.
Limit the use and disclosure of sensitive personal information, including voice biometric data.
Non-discrimination for exercising your rights.

You also have the right to designate an authorized agent to make a request on your behalf.

10.4 Rights for residents of other U.S. states

Residents of Virginia, Colorado, Connecticut, Utah, Texas, Oregon, and other states with comprehensive privacy laws have similar rights. We honor requests under all applicable state privacy laws using the same intake process described below.

10.5 Biometric privacy (Illinois, Texas, Washington, and similar)

We will not collect, capture, store, or otherwise process voice biometric identifiers without first (a) informing you in writing that the data is being collected, (b) informing you in writing of the purpose and length of storage, and (c) obtaining your written consent. We will not sell, lease, trade, or otherwise profit from your voice biometric data.

10.6 How to exercise your rights

To exercise any of these rights, email privacy@aipodcast.io with the subject line "Privacy Rights Request" and include enough information for us to verify your identity. We will respond within the time required by applicable law (typically 30 days for GDPR, 45 days for CCPA, with possible extensions).

We may need to verify your identity before completing your request. For sensitive requests (such as deletion of consent vault records), we may use a higher-assurance verification method. We will not charge a fee for the first request in any 12-month period.

11. Cookies and Tracking

We use a small set of cookies and similar technologies on the Site:

Strictly necessary cookies: required for basic Site functionality (e.g., session management, security). These cannot be disabled.
Analytics cookies: to understand how the Site is used. We use a privacy-respecting analytics provider that does not use third-party tracking cookies and does not track users across sites.
Functional cookies: to remember preferences (e.g., language).

We do not use cookies for advertising or cross-context behavioral tracking.

You can control cookies through your browser settings. Most browsers allow you to refuse or delete cookies. If you disable strictly necessary cookies, parts of the Site may not function properly. If you use a Global Privacy Control (GPC) signal, we honor it as an opt-out preference signal under applicable law.

12. Children's Privacy

The Services are not directed to children under the age of 16, and we do not knowingly collect personal information from children under 16. If you are a parent or guardian and you believe your child has provided us with personal information, contact us at privacy@aipodcast.io and we will delete the information.

We do not include Source Audio from individuals under the age of 18 in our catalog. If we become aware that any Source Audio includes a person under 18 without verified parental consent, we will remove that Source Audio from the catalog and notify any affected customers.

13. Data Breach Notification

If we become aware of a security incident that has resulted in unauthorized access to, disclosure of, or loss of personal information, we will:

Investigate promptly.
Notify affected individuals and applicable regulators within the time required by law (typically 72 hours for GDPR notifications to supervisory authorities, and "without unreasonable delay" to affected individuals).
Notify any customer whose Confidential Information or Content is implicated, in accordance with the Terms of Service and any applicable Data Processing Addendum.
Take reasonable steps to mitigate the impact and prevent recurrence.

To report a suspected security issue, email security@aipodcast.io.

14. Automated Decision-Making

We do not use personal information for automated decision-making that produces legal or similarly significant effects on individuals (within the meaning of GDPR Art. 22).

15. Third-Party Links and Services

The Site may contain links to third-party websites, services, or applications. This Policy does not apply to those third parties, and we are not responsible for their privacy practices. We encourage you to read the privacy policies of any third-party services you use.

16. Notice for Customers (Controller / Processor Roles)

For most personal information that flows through the Services, aipodcast acts as an independent controller — for example, with respect to the personal information of speakers in our catalog and visitors to the Site. With respect to certain customer-side personal information processed in connection with delivering the Services to a customer (such as authorized user account information), aipodcast may act as a processor on behalf of the customer, in which case the relationship is governed by a Data Processing Addendum.

Customers who require a DPA, Standard Contractual Clauses, or specific data residency commitments should contact privacy@aipodcast.io.

17. Notice for Speakers and Podcasters

If you are a speaker whose audio is in our catalog (or being considered for it), the following rights and commitments apply specifically to you:

You retain ownership of your audio. We license it from you under a contract you sign.
You can revoke your consent at any time by emailing privacy@aipodcast.io. Upon revocation, we will (i) remove the audio from our catalog within 15 business days, (ii) notify any customer who has previously received the audio, and (iii) update the consent vault to reflect the revocation. Models that customers have already trained on the audio are not retroactively affected, but the audio cannot be used in any new training run after the revocation date.
We will not use your audio to create a voice clone of you, and we will not license your audio to a customer for voice cloning or impersonation purposes, without your separate, specific, written consent and additional compensation.
We will not share your real name, contact information, or any direct identifier with a customer absent your explicit written consent.
You can request a copy of your release and any associated consent vault records at any time.
You can ask us to correct or delete personal information we hold about you, subject to legal exceptions (for example, we may need to retain billing records for tax purposes).

18. Changes to This Policy

We may update this Policy from time to time. If we make a material change, we will notify you by email (if we have your email address) or by posting a prominent notice on the Site at least 30 days before the change takes effect, unless a shorter period is required by law. The "Last updated" date at the top reflects when this Policy was most recently revised.

19. Contact Us

If you have any questions, concerns, or requests about this Policy or our privacy practices:

General privacy questions: privacy@aipodcast.io

Security issues and incident reports: security@aipodcast.io

Speaker consent and revocation requests: privacy@aipodcast.io

Customer DPAs and legal inquiries: legal@aipodcast.io

Postal mail:

AI Podcast, Inc.

Attn: Privacy

Phoenix, Arizona, USA

EU/UK Representatives

If you are located in the EEA or the UK, you can also contact:

EU Representative (per GDPR Art. 27):
UK Representative (per UK GDPR Art. 27):

You also have the right to lodge a complaint with your local data protection authority.