GDPR Policy

GDPR compliance policy for Rekam AI
Jan 24, 2026

Effective Date

January 24, 2026

1. Data Controller Information

Rekam AI ("we," "our," or "the Company") is the data controller of your personal data. If you have any questions about the processing of your personal data, please contact us at:

2. Data We Collect

We may collect the following types of personal data:

  • Identity information (name, username)
  • Contact information (email address)
  • Technical data (IP address, browser type, device information)
  • Usage data (how you use our services, features accessed, generation history)
  • Payment information (processed through secure third-party payment processors like Stripe, PayPal, and Creem)
  • Voice data (audio recordings provided for voice cloning and speech-to-text services)
  • Content data (text inputs, audio files, and other content you upload or generate)

We process your personal data on the following legal grounds:

  • Performance of our contract with you: To provide our AI voice services, manage your account, and process payments
  • Compliance with legal obligations: To comply with applicable laws, regulations, and legal processes
  • Our legitimate interests: To improve our services, ensure security, and prevent fraud
  • Your consent: For marketing communications and certain data processing activities

4. Your Rights

Under GDPR, you have the following rights:

  • Right of access - obtain a copy of your personal data
  • Right to rectification - request correction of inaccurate data
  • Right to erasure ("right to be forgotten") - request deletion of your data in certain circumstances
  • Right to restrict processing - limit how we use your data
  • Right to data portability - receive your data in a structured format
  • Right to object - object to certain types of processing
  • Right to withdraw consent - withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at support@rekam.ai. We will respond to your request within one month, as required by GDPR.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal requirements. Specifically:

  • Account information: Retained until you delete your account
  • Generated content: Stored according to your account settings and service plan
  • Voice clones: Retained until you delete them or close your account
  • Usage logs: Typically retained for 12-24 months for analytics and security purposes
  • Payment records: Retained as required by tax and accounting regulations

When data is no longer needed, it is securely deleted or anonymized.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes:

  • Encryption of data in transit and at rest
  • Access controls and authentication mechanisms
  • Regular security assessments and audits
  • Secure data storage with backup systems

7. International Data Transfers

When we transfer your data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:

  • Standard contractual clauses approved by the European Commission
  • Adequacy decisions
  • Binding corporate rules where applicable

We use cookies and similar technologies to improve user experience, remember your preferences, and analyze usage patterns. You can control cookies through your browser settings.

Types of cookies we use:

  • Essential cookies: Required for basic website functionality
  • Analytics cookies: Help us understand how you use our services
  • Preference cookies: Remember your settings and preferences

For more information, please see our Cookie Policy section in our Privacy Policy.

9. Contact and Complaints

If you have any questions or complaints about how we handle your personal data, please contact us first. We are committed to resolving any concerns you may have.

You also have the right to lodge a complaint with your local data protection authority in the EU if you believe your rights under GDPR have been violated.

10. Policy Updates

We may update this GDPR Policy from time to time. Any significant changes will be notified to you via email or website notification. Your continued use of our services constitutes acceptance of the updated policy.

Last updated: January 24, 2026. We reserve the right to modify this policy at any time.