Privacy Policy

Last updated: January 28, 2026

1. Introduction

About Us

Calybro is a transcription and content generation service operated by Digispark SRL, a company incorporated in Italy with VAT number IT04085591206 ("we," "us," "our," or "Service"). We provide professional audio and video transcription services, AI-powered summaries, translations, and related content generation tools through our online platform at https://calybro.com (the "Website").

About this Privacy Policy

This Privacy Policy (the "Policy") describes how we collect, use, store, and protect your personal information when you use our transcription and content generation service. Data protection refers to the safeguarding of personal data, as defined by the General Data Protection Regulation ("GDPR"), which encompasses any information pertaining to an identified or identifiable natural person.

Data Controller: Digispark SRL operates as the data controller for personal information processed through our platform.

Scope: This policy applies to our software-as-a-service transcription platform and all related services, including but not limited to audio/video transcription, AI-powered summaries, translations, subtitle generation, and URL-based transcription features.

In compliance with data protection regulations, your personal data will:

• Be used in a legal, fair, and transparent manner
• Only be collected for valid purposes that we have clearly explained to you and will not be used in a manner incompatible with those purposes
• Be relevant to the purposes we have disclosed to you and limited only to those purposes
• Be accurate and up to date
• Be retained only for as long as necessary to fulfil the purposes we have indicated to you
• Be kept and stored securely

We take our responsibilities seriously with regard to the processing of personal data. Please note that our Website may contain links to third-party websites. If you follow a link to any of those third-party websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for their policies or processing of your personal information. Please check these policies before you submit any personal information to such third-party websites.

The Website is not aimed at children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are under 16, please do not use our Services or provide any information to us through the Website.

This Policy should be read alongside, and in addition to, our Terms of Service, which can be found at: https://calybro.com/terms.

2. Information We Collect

We collect and process the following data about you for the following purposes:

2.1 Identity and Contact Data

Personal data you give to us in order to use our services: We collect data about you that you provide to us by registering or filling in forms on our website, or by corresponding with us by phone, email, or other means. This includes:

• Registration information: Full name, email address, password
• Profile information: Display name, preferences, account settings
• Communication history: Records of your interactions with our support team
• Survey responses: Feedback and survey responses (when you choose to participate)

2.2 Content Data

Audio, video, and transcription content:

• Audio and video files you upload for transcription
• URLs you provide for remote transcription (YouTube, TikTok, Instagram, Vimeo, etc.)
• Transcribed content and generated summaries
• Metadata associated with your files (filename, upload date, file size, duration, format)
• Speaker labels and conversation analysis
• Highlights, subtitles (SRT, VTT), and other generated content
• Translations and translated content
• Chat messages and AI-generated responses
• Any personal information contained within your transcribed content

Important: When you use our URL transcription feature to transcribe content from third-party platforms (such as YouTube, TikTok, Instagram, Vimeo), you are responsible for ensuring you have the legal right to download and transcribe such content in compliance with those platforms' terms of service.

2.3 Technical Data

In order to provide you with the best experience possible on our Website, we collect certain technical information:

• Device information: IP address, web browser type and version, operating system
• Usage data: Login credentials, session information, usage patterns, feature interactions
• Performance data: Performance metrics, error logs, system diagnostics
• Analytics data: Page views, click patterns, navigation paths (collected with your consent)

This information is automatically collected to improve the content and navigation of our Website and to ensure platform security and stability.

2.4 Authentication Data

• OAuth authentication data from third-party providers (such as Google)
• Authentication tokens and session management data
• Account verification information

2.5 Financial Data

When you subscribe to a paid plan, we collect:

• Billing contact email address
• Payment method information (processed securely by our payment processor)
• Subscription details and transaction history
• VAT number (if applicable)

Note: Credit card details and sensitive payment information are directly collected and processed by our payment processor, who processes such data as a data controller according to their privacy policy. We do not have direct access to your full payment card details.

3. How We Use Your Information

We process your personal information for the following purposes:

3.1 Service Delivery

• Providing transcription services through AI transcription service providers
• Generating summaries, translations, and other content using AI content generation services
• Processing audio and video files with AI technologies
• Enabling speaker identification and labeling
• Creating highlights, summaries, and subtitles
• Processing URL-based transcription requests
• Delivering chat and AI interaction features

3.2 Platform Operation

• Maintaining your account and authentication
• Providing customer support and technical assistance
• Ensuring platform security and preventing abuse
• Processing payments and billing through payment processors
• Sending important service updates and notifications
• Managing subscriptions and plan changes

3.3 Service Improvement

• Analyzing usage patterns to enhance user experience
• Improving transcription accuracy and AI processing
• Developing new features and functionality
• Conducting quality assurance and testing
• Training and improving AI models (with your consent or as permitted by law - see Section 3.4)

3.4 AI Model Training

We may use your content data to train and improve our AI models and services. This includes:

• Using transcribed content to improve transcription accuracy
• Using generated summaries to enhance summary quality
• Training models to better handle different languages, accents, and content types

Your Control: You have the right to opt out of having your content used for AI model training. If you opt out, your content will be excluded from use in training or maintaining AI models, though we may still process it to provide the Services to you. You can manage this preference in your account settings or by contacting us.

Data Anonymization: When used for training purposes, personal data in your content will be anonymized to the extent possible.

3.5 Legal Compliance

• Complying with applicable laws and regulations
• Responding to legal requests and court orders
• Protecting our rights and interests
• Enforcing our terms of service
• Maintaining records for accounting and tax purposes

3.6 Marketing Communications

General: We may process your personal data to send you marketing communications regarding products or similar services to those initially contracted, where permitted by law.

Your right to object: You have the right to object to the processing of your personal data for our marketing communications at any time by:

• Using the unsubscribe option in any marketing email you receive
• Contacting us at support@mail.calybro.com
• Adjusting your preferences in your account settings

4. Information Sharing and Disclosure

4.1 Sub-processors and Service Providers

We share your data with carefully selected sub-processors who help us deliver our services. All sub-processors are bound by data processing agreements and implement appropriate technical and organizational measures to protect your data.

AI and Transcription Services:

• AI Transcription Service Providers: Audio/video transcription processing (may be located outside the EEA)
• AI Content Generation Service Providers: Content generation, speaker labeling, translations, and AI analysis (may be located outside the EEA)
• AI Embedding Service Providers: Text embeddings and semantic search capabilities (may be located outside the EEA)

Infrastructure and Storage:

• Cloud Storage Providers: Video/audio storage, playback, and streaming services (may be located globally)
• File Storage Services: Subtitle files and other document storage (may be located globally)
• Database Providers: Secure data storage and database services (may be located globally)
• Hosting Providers: Application hosting and content delivery (may be located globally)

Payment and Billing:

• Payment Processors: Payment processing and subscription management (may be located outside the EEA)

Analytics and Tracking:

• Analytics Services: User analytics and tracking (with cookieless mode support where available, may be located outside the EEA)
• Web Analytics Services: Platform performance and usage analytics (may be located outside the EEA)

Authentication and Communication:

• Authentication Providers: User authentication and OAuth services (may be located globally)
• Email Delivery Services: Transactional and marketing email delivery (may be located outside the EEA)

We regularly review our sub-processors to ensure they maintain appropriate security and privacy standards. We will notify you of any material changes to our sub-processors through updates to this Privacy Policy.

4.2 Legal and Safety Disclosures

We may disclose your information when:

• Required by law, regulation, or legal process
• Necessary to protect our rights, property, or safety
• Required to protect the rights, property, or safety of our users
• In connection with a merger, acquisition, or sale of assets
• With your explicit consent

4.3 No Sale of Personal Data

We do not sell, rent, or commercially exploit your personal information to third parties for marketing purposes. We only share your data as described in this Privacy Policy.

5. Data Storage and Security

5.1 Storage Location

• Your content and data are securely stored using cloud storage and database providers
• Data may be processed across multiple geographical locations by our sub-processors
• Backups are maintained to ensure service continuity and data recovery
• Some data may be stored in countries outside the European Economic Area (EEA)

5.2 Security Measures

We implement comprehensive security measures to protect your personal data:

• Encryption: Data encrypted in transit using TLS and at rest using industry-standard encryption (AES-256)
• Access Controls: Strict role-based access controls and authentication requirements
• Monitoring: Continuous monitoring for security threats and anomalies
• Regular Updates: Timely security patches and system updates
• Compliance: We work with infrastructure providers that maintain recognized security certifications (SOC 2, ISO 27001, or equivalent)

5.3 Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Content Data: Retained until you delete transcriptions or close your account. Upon account deletion, content data is permanently deleted within 30 days, except where retention is required by law.

Account Data: Retained for the duration of your account plus 30 days after account closure, or longer if required by law (e.g., for tax or accounting purposes).

Technical Logs: Retained for up to 12 months for security and diagnostics purposes.

Financial Data: Retained for the duration required by applicable accounting and tax laws (typically 7-10 years in Italy).

Legal Requirements: Some data may be retained longer to comply with legal obligations, resolve disputes, or enforce our agreements.

6. Your Rights Under GDPR and Other Data Protection Laws

As a Data Subject, you have the following rights:

6.1 Right of Access

You may request access at any time to a copy of the personal data we hold about you. This includes:

• What personal data we process about you
• Why we process it
• Who we share it with
• How long we keep it
• Your rights regarding this data

Any such request should be submitted to us in writing and sent to support@mail.calybro.com. We will need to verify your identity in such circumstances and may request more information or clarifications from you if needed to help us locate and provide you with the personal data requested.

There is usually no charge applied to access your personal data (or to exercise any of the other rights). However, if your request is clearly unfounded, repetitive, or excessive, we may charge a reasonable fee. Alternatively, we may refuse to comply with your request in these circumstances.

6.2 Right of Rectification

If the personal information we hold about you is inaccurate or incomplete, you may request to have your personal information updated and corrected. To do so at any time, please contact us by email at support@mail.calybro.com or use the account settings in the application.

6.3 Right to be Forgotten (Right of Erasure)

If we hold personal data concerning you which are no longer necessary for the purposes for which they were collected, or if you withdraw consent for us to process your personal data, you can request the deletion of this personal data. This right, however, will not apply where we are required to process personal data in order to:

• Comply with a legal obligation
• Establish, exercise, or defend legal claims
• Fulfill purposes of public interest

To request deletion, please contact us at support@mail.calybro.com or delete your account through the application settings.

6.4 Right of Restriction

You may restrict us from processing your personal data in any of the following circumstances:

• You have contested the accuracy of the personal data we hold on record in relation to you or for a period of time to enable us to verify the accuracy of the personal data
• The processing of your personal data is unlawful and you request the restriction of use of the personal data instead of its erasure
• We no longer require your personal data for the purpose of processing but you require this data for the establishment, exercise, or defence of legal claims
• Where you have contested the processing (under Article 21(1) of the GDPR) pending the verification of our legitimate grounds

6.5 Right to Data Portability

Where we process your personal data by automated means (i.e., not on paper) and this processing is based on your consent or required for the performance of a contract between us, you have the right to request from us a copy of your personal data in a structured, commonly used machine-readable format and, where technically feasible, to request that we transmit your personal data in this format to another controller.

You can export your transcriptions and content through the application or by contacting us.

6.6 Right to Object

You have the right to object to the processing of your personal data at any time:

• For direct marketing purposes
• For profiling to the extent it relates to direct marketing
• Where we process your personal data for the purposes of legitimate interests pursued by us, except where we can demonstrate compelling legitimate grounds for this processing which would override your interests, rights, and freedoms or in connection with the enforcement or defence of a legal claim

To exercise your right to object at any time, please email support@mail.calybro.com or adjust your preferences in your account settings.

6.7 Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

6.8 Exercising Your Rights

To exercise these rights:

• Use the account settings and data management tools in the application
• Contact our support team through the in-app channels
• Email us at support@mail.calybro.com

We will respond to your request within one month of receipt. If we need more time, we will inform you of the reason and the extension period (up to two additional months for complex requests).

The rights described in this section are personal rights and are exercisable only by the individual person (or data subject) concerned.

7. International Data Transfers

Personal Data may be transferred to our trusted partners and service providers who maintain their servers outside of the European Economic Area ("EEA"), where the privacy and data protection laws may not be as protective as those in your jurisdiction, in accordance with Articles 45 and 46 of the GDPR.

This is only for the purposes of providing, and to the extent necessary to provide, the Services to you. There are special requirements set out under Chapter V of the GDPR (with which we comply) to regulate such data transfers and ensure that adequate security measures are in place to safeguard and maintain the integrity of your personal data on transfer.

We ensure such transfers comply with applicable data protection laws through:

• Standard Contractual Clauses: EU-approved contractual protections (SCCs)
• Adequacy Decisions: Transfers to countries with adequate protection levels as recognized by the European Commission
• Certification Programs: Sub-processors with recognized privacy certifications (e.g., Privacy Shield Framework successors, EU-US Data Privacy Framework)

For more information about this and the safeguards in place relating to the transfer, please contact us by email at support@mail.calybro.com.

8. Cookies and Tracking Technologies

8.1 What Are Cookies

Cookies are small text files that are placed on your device when you visit our Website. They help us provide you with a better experience by remembering your preferences and understanding how you use our services.

8.2 Types of Cookies We Use

We use the following types of cookies and similar technologies:

Essential Cookies (Required):

• Authentication cookies: Maintaining secure login sessions
• Security cookies: Protecting against fraud and unauthorized access
• Functionality cookies: Remembering your settings and preferences

These cookies are necessary for the Website to function and cannot be switched off. They are usually only set in response to actions made by you.

Analytics Cookies (With Your Consent):

• Usage analytics: Understanding how you use our Website to improve our services
• Performance monitoring: Tracking platform performance and identifying issues
• Feature usage: Understanding which features are most valuable to users

We use analytics services that support cookieless mode, allowing us to collect usage data without storing cookies on your device when you have not consented to cookies. You can manage your cookie preferences through the cookie consent banner or your browser settings.

Preference Cookies:

• Language preferences: Remembering your language selection
• Theme preferences: Remembering your dark/light mode preference
• Display preferences: Remembering your UI customization choices

8.3 Managing Cookies

You can manage cookie preferences through:

• Cookie Consent Banner: When you first visit our Website, you can accept or reject non-essential cookies
• Browser Settings: Most browsers allow you to control cookies through their settings. However, disabling essential cookies may affect platform functionality
• Account Settings: Some cookie preferences can be managed through your account settings

8.4 Third-Party Cookies

Some cookies are placed by third-party services that appear on our pages. We do not control these cookies. Please refer to the third-party's privacy policy for information about their cookies.

9. Data Breach Notification

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

In the event of a security incident, such as destruction, loss, modification, accidental disclosure, unauthorized or illegal access to personal data ("Security Incident or Breach"), we will:

• Investigate the incident immediately
• Take steps to contain and remediate the breach
• Assess the risk to your rights and freedoms
• Notify the relevant supervisory authority within 72 hours (where required by law)
• Notify affected users without undue delay if the breach is likely to result in a high risk to your rights and freedoms

Notification shall not be required when it is unlikely that such security breach constitutes a risk to the rights and freedoms of natural persons.

10. Age Restrictions

Our service is not intended for individuals under 16 years of age. We do not knowingly collect personal information from children under 16. If you are under 16, please do not use our Services or provide any information to us through the Website.

If we become aware that we have collected data from a minor under 16, we will take steps to delete it promptly. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@mail.calybro.com.

11. Privacy Policy Updates

We may update this Privacy Policy to reflect changes in our practices or applicable laws. Material changes will be communicated through:

• Email notifications to registered users
• Prominent notices within the application
• Updates to the "last updated" date above

We encourage you to review this policy periodically to stay informed about our privacy practices. Your continued use of the Service after changes to this Privacy Policy constitutes acceptance of those changes.

If required under applicable laws, we will inform you of any material change to this Privacy Policy and obtain your consent where necessary.

Change of Purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us at support@mail.calybro.com. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

12. Regulatory Compliance

We are committed to complying with applicable data protection regulations, including:

• GDPR: European Union General Data Protection Regulation (Regulation (EU) 2016/679)
• Italian Privacy Code: Codice in materia di protezione dei dati personali (Legislative Decree No. 196/2003, as amended)
• CCPA: California Consumer Privacy Act (where applicable to California residents)
• Other applicable privacy laws and regulations in jurisdictions where we operate

13. Contact Information

General Inquiries

For privacy-related questions or to exercise your rights:

• Email: support@mail.calybro.com
• Contact us through: The support channels available in the application
• Use the "Privacy" or "Data Protection" options: In our help system

Data Protection Officer

You may request to speak with our Data Protection Officer for complex privacy matters by contacting us at support@mail.calybro.com with "Data Protection Officer" in the subject line.

Supervisory Authority

You have the right to lodge a complaint with the relevant supervisory authority in your jurisdiction if you believe we have not complied with our obligations under data protection laws.

For Italian residents: You can lodge a complaint with the Garante per la protezione dei dati personali (Italian Data Protection Authority):

• Website: https://www.garanteprivacy.it
• Email: garante@gpdp.it

For other EU residents: You can find your local supervisory authority at: https://edpb.europa.eu/about-edpb/board/members_en

For UK residents: You can lodge a complaint with the Information Commissioner's Office (ICO):

• Website: https://ico.org.uk

14. Company Information

Data Controller:

• Company Name: Digispark SRL
• VAT Number: IT04085591206
• Website: https://calybro.com
• Contact Email: support@mail.calybro.com

Your privacy is fundamental to our service. We are committed to transparency and are always available to address any concerns about how we handle your personal data.