GDPR Policy (EU & UK Users)

Effective Date: 25/12/2025 | Last Updated: 25/12/2025

This GDPR Policy explains how Beyondt Consultancy and Services ("Beyondt", "we", "us", or "our") complies with the General Data Protection Regulation (GDPR) when processing personal data of individuals located in the European Union (EU) and United Kingdom (UK).

This policy should be read alongside our Privacy Policy, Terms of Service, and Cookie Policy.

1. Our Role Under GDPR

  • Beyondt acts as a Data Controller for platform users.
  • Beyondt acts as a Data Processor for speakers whose data is collected on behalf of users.
  • Third-party service providers may act as sub-processors.

2. Personal Data We Process

Under GDPR, we may process the following categories of personal data:

Platform Users

  • Account and contact information
  • Billing-related information (excluding card details)
  • Usage and log data

Speakers (No Account Required)

  • Voice recordings
  • Audio transcriptions
  • AI-generated sentiment and emotion analysis
  • IP address and device/browser metadata
  • Consent confirmation details

Speaker details such as name, email, company, or designation may be provided by the inviting user.

3. Special Category Data (Biometric)

Voice recordings may be considered biometric data under GDPR.

We process such data:

  • Only after explicit consent
  • Solely for testimonial, analysis, and related purposes
  • Using automated AI systems

4. Legal Basis for Processing (Article 6 & 9)

We process personal data under the following lawful bases:

  • Explicit consent (Article 6(1)(a), Article 9(2)(a))
  • Contractual necessity (Article 6(1)(b))
  • Legitimate interests (Article 6(1)(f))
  • Legal obligation (Article 6(1)(c))

Consent is obtained before any audio recording begins and is logged with timestamp and IP address.

5. Automated Decision-Making & Profiling

  • All transcription and analysis is fully automated
  • No decisions producing legal or similarly significant effects are made
  • AI outputs are indicative and probabilistic

The platform must not be used for employment, medical, psychological, or legal decision-making.

6. Data Retention

  • Personal data is retained until deleted by the platform user
  • No backups are retained after deletion
  • Retention may be extended only if required by law

7. Data Sharing & Sub-Processors

We may share data with the following categories of sub-processors:

  • AI analysis providers
  • Cloud infrastructure providers
  • Analytics providers
  • Payment processors

Some AI providers may store and use data to improve their models, which is explicitly disclosed to users and speakers.

8. International Data Transfers

Personal data may be transferred outside the EU/UK, including to:

  • United States
  • India

Safeguards include:

  • Standard Contractual Clauses (SCCs) where applicable
  • Industry-standard encryption
  • Contractual data protection obligations

9. Data Subject Rights

EU and UK data subjects have the right to:

  • Access their personal data (Article 15)
  • Rectify inaccurate data (Article 16)
  • Erase data ("Right to be Forgotten") (Article 17)
  • Restrict processing (Article 18)
  • Data portability (Article 20)
  • Object to processing (Article 21)
  • Withdraw consent at any time (Article 7)

Requests can be made by emailing: hello@beyondt.in

We aim to respond within 30 days.

10. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority in your EU/UK country of residence if you believe your data protection rights have been violated.

11. Security Measures

We implement appropriate technical and organizational safeguards, including:

  • Encryption in transit (TLS 1.2+)
  • Encryption at rest (AES-256)
  • Access controls and least-privilege policies
  • Secure secrets and key management
  • Monitoring, logging, and incident response procedures

12. Data Protection Officer (DPO)

At this time, Beyondt has not appointed a dedicated Data Protection Officer, as it is not legally required based on the nature and scale of processing.

Privacy-related inquiries may be directed to: hello@beyondt.in

13. Children's Data

The platform is not intended for individuals under 18 years of age.

We do not knowingly process personal data of children.

14. Changes to This GDPR Policy

We may update this GDPR Policy from time to time.

Any changes will be published on this page with an updated effective date.

15. Contact

For GDPR-related questions or requests, contact:

Email: hello@beyondt.in

Back to Home