Privacy Policy

Last updated: December 5, 2025

Quick Links:Cookie Policy |Terms of Service |Contact DPO

1. Introduction

At SpeechMirror ("we," "our," or "us"), we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, which provides public speaking resources, tools directory, classic speeches, and learning materials.

Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access our website.

2. Information We Collect

2.1 Personal Data

We collect personal information that you voluntarily provide to us when you:

  • Subscribe to our newsletter
  • Submit a contact form
  • Request customer support
  • Participate in surveys or feedback forms
  • Create an account (if applicable)

This information may include:

  • Name and email address
  • Usage data and preferences
  • Communication records with our support team
  • Device identifiers and technical information

2.2 Usage Data and Analytics

We automatically collect certain information when you visit, use, or navigate our website through cookies and similar technologies. For detailed information about our use of cookies, please see our Cookie Policy.

  • Device and browser information
  • IP address and general location data
  • Pages visited and features used
  • Time spent on pages and interaction patterns
  • Referral sources and search terms
  • Error logs and performance metrics

2.3 Third-Party Service Providers

We work with the following third-party service providers who may process your data on our behalf:

Data Processors:

  • Supabase Inc. - Database and hosting services (US-based)
  • Cloudflare Inc. - Content delivery network and security services (US-based)
  • Vercel Inc. - Website hosting and deployment (US-based)
  • Google LLC - Analytics services via Google Analytics (US-based)

Each of these service providers has been selected based on their commitment to data protection and compliance with applicable privacy laws. We have data processing agreements in place with all processors that handle personal data on our behalf.

3. How We Use Your Information and Legal Basis

We process your personal data based on the following legal grounds:

3.1 Contract Performance

We process your data to fulfill our obligations when you:

  • Subscribe to our newsletter
  • Access our resources and content
  • Provide customer support

3.2 Legitimate Interests

We process your data for our legitimate business interests, including:

  • Improving and personalizing your experience
  • Analyzing usage patterns to enhance our services
  • Preventing fraud and ensuring security
  • Marketing our services (with opt-out options)

3.3 Consent

With your explicit consent, we may:

  • Send you marketing communications
  • Use cookies for analytics and personalization
  • Process sensitive data for specific features

3.4 Legal Compliance

We may process your data to comply with legal obligations, including:

  • Responding to legal requests and court orders
  • Complying with tax and accounting requirements
  • Meeting regulatory obligations

4. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy. Specific retention periods include:

Retention Periods:

  • Newsletter subscriptions: Until unsubscribe + 30 days
  • Contact form submissions: 3 years from submission
  • Support communications: 3 years from last interaction
  • Analytics data: 26 months (Google Analytics default)
  • Security logs: 12 months
  • Marketing consent records: 3 years from withdrawal of consent

When we no longer need your data, we will securely delete or anonymize it using industry-standard methods. Some data may be retained in anonymized form for statistical analysis and service improvement purposes.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. Our security measures include:

Technical Safeguards:

  • End-to-end encryption for data transmission (TLS 1.3)
  • Encryption at rest for stored data (AES-256)
  • Multi-factor authentication for administrative access
  • Regular security audits and vulnerability assessments
  • Automated backup systems with encryption
  • Network firewalls and intrusion detection systems

Organizational Measures:

  • Staff training on data protection and privacy
  • Access controls and principle of least privilege
  • Data processing agreements with all third parties
  • Incident response and breach notification procedures
  • Regular review and update of security policies

However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security. In the event of a data breach, we will notify affected users and relevant authorities within 72 hours as required by applicable law.

6. Your Rights

Depending on your location, you may have certain rights regarding your personal data:

6.1 GDPR Rights (EU/EEA/UK Residents)

  • Right of Access: Request copies of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for consent-based processing
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

6.2 CCPA Rights (California Residents)

  • Right to Know: Request information about data collection and use
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt-out of the sale of personal information (we do not sell data)
  • Right to Non-Discrimination: Equal service regardless of privacy choices

6.3 How to Exercise Your Rights

To exercise these rights, you can:

We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.

7. International Transfers

Your information may be transferred to and processed in countries other than your country of residence, particularly the United States and other countries where our service providers operate.

7.1 Transfer Safeguards

When transferring data internationally, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs): EU-approved contract terms for data transfers
  • Adequacy Decisions: Transfers to countries with adequate data protection (UK, Canada)
  • Data Processing Agreements: Contractual protections with all processors
  • Technical Safeguards: Encryption and security measures during transfer

7.2 Data Locations

Your data may be processed in the following locations:

  • Primary servers: United States (Vercel, Supabase)
  • CDN and caching: Global (Cloudflare network)
  • Analytics: United States (Google Analytics)
  • Company operations: China (SpeechMirror)

8. Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Last updated" date. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

10. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify relevant supervisory authorities within 72 hours
  • Inform affected users without undue delay
  • Provide clear information about the nature of the breach
  • Explain the likely consequences and mitigation measures
  • Describe the measures taken to address the breach

11. Contact Us

If you have questions or concerns about this Privacy Policy or our practices, please contact us at:

General Privacy Inquiries:
Email: privacy@speechmirror.space

Data Protection Officer:
Email: dpo@speechmirror.space

Legal Department:
Email: legal@speechmirror.space

Postal Address:
SpeechMirror
Room A2001, Venture Capital Building
Yuehai Street, Nanshan District
Shenzhen, Guangdong Province, China

EU Representative

For EU-related privacy matters, you may also contact our EU representative:

(EU representative contact information to be updated when appointed)

← Back to Home