Privacy Policy

Last updated: February 21, 2026

PodcastPilot ("we", "us", or "our") is operated by AIONIQS. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website at podcastpilot.pro and our SaaS platform (collectively, the "Service").

We are committed to protecting your privacy and complying with the EU General Data Protection Regulation (GDPR), the UK GDPR, and other applicable data protection laws.

1. Data Controller

The data controller responsible for your personal data is:

AIONIQS
Email: privacy@podcastpilot.pro

2. Information We Collect

2.1 Information You Provide

• Account information: Name, email address, and password when you create an account.
• Payment information: Billing details processed securely through Stripe. We do not store credit card numbers on our servers.
• Content you upload: Podcast episodes (audio and/or video files) that you submit for processing.
• Communications: Any messages or support requests you send us.

2.2 Information Collected Automatically

• Usage data: Pages visited, features used, timestamps, and interaction patterns.
• Device information: Browser type, operating system, device type, and screen resolution.
• Log data: IP address, referring URL, and access timestamps.
• Cookies: Essential cookies for authentication and session management. See Section 8 for details.

3. Legal Basis for Processing (GDPR Article 6)

We process your personal data based on the following legal grounds:

• Performance of a contract (Art. 6(1)(b)): To provide the Service you have subscribed to, process your episodes, and manage your account.
• Legitimate interests (Art. 6(1)(f)): To improve our Service, ensure security, prevent fraud, and communicate about service updates.
• Consent (Art. 6(1)(a)): For optional marketing communications. You can withdraw consent at any time.
• Legal obligation (Art. 6(1)(c)): To comply with applicable laws, such as tax and accounting requirements.

4. How We Use Your Information

• To provide, operate, and maintain the Service.
• To process your podcast episodes and generate content outputs.
• To process payments and manage subscriptions.
• To send transactional emails (account confirmations, password resets, subscription updates).
• To improve the Service based on usage patterns (anonymised and aggregated).
• To respond to your enquiries and provide customer support.
• To detect and prevent fraud, abuse, and security incidents.

5. Data Sharing and Third Parties

We do not sell your personal data. We share data only with the following categories of service providers, each of whom is bound by data processing agreements:

• Stripe: Payment processing. Stripe Privacy Policy
• Supabase: Database hosting and authentication. Supabase Privacy Policy
• Vercel: Website hosting. Vercel Privacy Policy
• Resend: Transactional email delivery. Resend Privacy Policy
• AI processing providers: For content generation from your uploaded episodes. Episodes are processed and not retained beyond the processing window.

6. International Data Transfers

Some of our service providers are based in the United States. Where personal data is transferred outside the European Economic Area (EEA) or the United Kingdom, we ensure adequate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission.
• Transfers to countries with an adequacy decision.
• Data Processing Agreements with all sub-processors.

7. Data Retention

• Account data: Retained for the duration of your account plus 30 days after deletion.
• Uploaded episodes: Processed and stored for your access. Deleted within 30 days of account deletion or upon your request.
• Generated content: Stored for your access for the duration of your subscription.
• Payment records: Retained for 7 years as required by tax law.
• Log data: Retained for up to 90 days for security and debugging purposes.

8. Cookies

We use the following categories of cookies:

• Strictly necessary cookies: Required for authentication, session management, and security. These cannot be disabled.
• Analytics cookies: Used to understand how visitors interact with the Service. These are only placed with your consent.

We do not use advertising or tracking cookies. You can manage cookie preferences through your browser settings.

9. Your Rights Under GDPR

If you are located in the EEA or the United Kingdom, you have the following rights:

• Right of access (Art. 15): Request a copy of the personal data we hold about you.
• Right to rectification (Art. 16): Request correction of inaccurate or incomplete data.
• Right to erasure (Art. 17): Request deletion of your personal data ("right to be forgotten").
• Right to restrict processing (Art. 18): Request limitation of processing in certain circumstances.
• Right to data portability (Art. 20): Receive your data in a structured, machine-readable format.
• Right to object (Art. 21): Object to processing based on legitimate interests or for direct marketing.
• Right to withdraw consent (Art. 7(3)): Withdraw consent at any time where processing is based on consent.
• Right to lodge a complaint: You have the right to file a complaint with your local supervisory authority (for the UK: the Information Commissioner's Office at ico.org.uk).

To exercise any of these rights, please contact us at privacy@podcastpilot.pro. We will respond within 30 days.

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

• Encryption of data in transit (TLS/SSL) and at rest.
• Secure authentication via Supabase Auth with bcrypt password hashing.
• Row Level Security (RLS) policies on all database tables.
• Regular security reviews and access controls.
• Payment data handled exclusively by PCI DSS-compliant Stripe.

11. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 16, we will take steps to delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on the Service. Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

For any questions about this Privacy Policy or to exercise your data protection rights:

AIONIQS
Email: privacy@podcastpilot.pro