Privacy Policy

SL-NS Transcripts is responsible for the personal information under its control, including information transferred to third parties for processing (such as Microsoft Azure).

Privacy Officer: Steora has appointed a Privacy Officer accountable for compliance with this policy.

Contact: Please see "Contact Us" contact details.

A. Personal Information You Directly Provide

(PIPEDA Principles 2 & 4: Identifying Purposes and Limiting Collection)

• Contact & Account Data: Name, email address, telephone number, and payment/billing address (if applicable).
• Customer Content: The audio or video files you upload and the resulting text transcripts. This is considered highly sensitive data.
• Correspondence: Information contained in communications with us, such as support tickets or email exchanges.

B. Technical and Usage Data Collected Automatically

• Log Data: IP address, browser type, operating system, pages viewed, and access times.
• Cookies: Small data files placed on your device to maintain session integrity, remember your preferences, and analyze site traffic.

We collect, use, and disclose your personal information only with your knowledge and meaningful consent, except where legally required or permitted without consent.

Meaningful Consent: By registering for an account, uploading files, or submitting information via a form, you are providing your express consent to the collection, use, and disclosure of your personal information as outlined in this policy.

Withdrawal of Consent: You may withdraw your consent at any time, subject to legal or contractual restrictions, by contacting us. Withdrawing consent may limit our ability to provide you with certain Services.

We use trusted third-party service providers to support our operations. These providers are bound by contractual obligations to protect your personal information and limit its use to the purposes specified by us.

A. Microsoft Azure Disclosure (Cloud Computing and Storage)

• Data Hosting and Processing: We rely on Microsoft Azure to host our website, manage application infrastructure, and securely store and process your Customer Content (files and transcripts).
• Microsoft's Role: Microsoft acts as a data processor on our behalf, providing the underlying computing, storage, and networking resources.
• Security and Location: We select the Azure Region(s) where your data is stored (e.g., Canadian data centres, if available and selected). We leverage Microsoft's industry-leading security commitments to safeguard your data.
• Contractual Terms: Our relationship with Microsoft is governed by the Microsoft Products and Services Data Protection Addendum ("DPA"), which outlines both our and Microsoft's obligations regarding the processing and security of your data.
• Microsoft Privacy: For more information on Microsoft's own data practices, please review the Microsoft Privacy Statement.

B. Google reCAPTCHA Disclosure (Spam and Abuse Prevention)

• We use Google reCAPTCHA on our forms (e.g., sign-up, contact) to protect against bots and abuse.
• Data Collected: The reCAPTCHA service collects certain user and device information for the sole purpose of determining if the user is human. This may include your IP address, the date and time of the visit, browser and device information, and interaction patterns with the web page.
• Purpose: The information collected is used by Google to provide, maintain, and improve the reCAPTCHA service and for general security purposes. The data is not used by Google for personalized advertising.
• Google's Policy: By using our Services, you consent to the data collection and processing by Google in accordance with the Google Privacy Policy and Google Terms of Service.

We implement reasonable physical, organisational, and technical security safeguards appropriate to the sensitivity of the information.

• Encryption: Customer Content is protected by encryption both in transit (using SSL/TLS) and at rest (storage encryption within Azure).
• Access Control: Access to Customer Content is strictly limited to authorised personnel necessary for service delivery, troubleshooting, and support.

You have the right to be informed of the existence, use, and disclosure of your personal information and to challenge the accuracy and completeness of that information.

Access Request: To request access to your personal information, please submit a written request to us. We will respond to your request within the timeframe required by PIPEDA (generally 30 days) and provide the information in an understandable format.

Correction: You may update or correct your account information directly through your online account settings, or by submitting a written request to our Privacy Officer.

We are committed to making our privacy policies and practices easily understandable and readily available. If you have any questions, concerns, or wish to challenge our compliance with this policy or PIPEDA, please contact: