PRIVACY POLICY

Last Updated: July 7, 2025

1. INTRODUCTION

Welcome to AudienceOut's AI Coaching Service ("Service", "Platform", "we", "us", "our"). We understand that your privacy is important, and we're committed to protecting your personal information in accordance with the Privacy Act 2020 of New Zealand and other applicable privacy laws.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered coaching platform. By using our Service, you agree to the collection and use of information in accordance with this policy.

If you do not agree with the terms of this Privacy Policy, please do not access the Service.

2. INFORMATION WE COLLECT

2.1 Information You Provide to Us

Account Information

  • Full name

  • Email address

  • Password (encrypted)

  • Contact preferences

  • Billing information (processed securely through third-party payment processors)

Profile and Preferences

  • Coaching goals and objectives

  • Preferred coaching personas

  • Language preferences

  • Time zone

  • Professional background (optional)

User-Generated Content

  • Speech recordings and transcriptions

  • Written responses and notes

  • Feedback and ratings

  • Support tickets and correspondence

2.2 Information Collected During Coaching Sessions

Speech and Performance Data

  • Voice recordings (temporarily processed, not stored unless you opt-in)

  • Real-time transcriptions

  • Speech metrics: pace, tone, volume, clarity

  • Linguistic patterns: filler words, pauses, sentence structure

  • Non-verbal indicators: hesitations, emphasis patterns

Session Analytics

  • Session duration and frequency

  • Coaching modes selected

  • Progress tracking metrics

  • Performance improvements over time

  • Feature usage patterns

2.3 Information Collected Automatically

Technical Information

  • IP address

  • Browser type and version

  • Operating system

  • Device identifiers

  • Screen resolution

  • Time zone settings

Usage Information

  • Pages visited

  • Features accessed

  • Click patterns

  • Error logs

  • System performance data

Location Information

  • Approximate location (city/country level) derived from IP address

  • We do not collect precise geolocation data

2.4 Information We Do Not Collect

We do not knowingly collect:

  • Biometric identifiers (facial recognition, fingerprints)

  • Genetic information

  • Health or medical data (unless voluntarily provided in coaching context)

  • Political affiliations or religious beliefs

  • Sexual orientation or gender identity (unless voluntarily provided)

3. HOW WE USE YOUR INFORMATION

3.1 To Provide and Improve Our Service

  • Deliver real-time coaching feedback

  • Personalise your coaching experience

  • Track and display your progress

  • Provide technical support

  • Process transactions

  • Send service-related communications

3.2 For Research and Development

We use anonymised and aggregated data to:

  • Improve AI coaching algorithms

  • Develop new features

  • Enhance speech recognition accuracy

  • Refine feedback mechanisms

  • Conduct academic research (with explicit consent)

3.3 For Communication

  • Account notifications

  • Security alerts

  • Service updates

  • Educational content (opt-in)

  • Marketing communications (opt-in only)

3.4 For Legal and Safety Purposes

  • Comply with legal obligations

  • Enforce our Terms of Service

  • Protect against fraud and abuse

  • Ensure platform security

  • Respond to legal requests

4. LEGAL BASIS FOR PROCESSING

Under New Zealand's Privacy Act 2020, we process your personal information based on:

  • Consent: For optional features and marketing

  • Contract: To provide the services you've requested

  • Legitimate interests: For fraud prevention and security

  • Legal obligation: When required by law

5. DATA SHARING AND DISCLOSURE

5.1 Service Providers

We share data with carefully selected third parties who assist us in operating our Service:

Infrastructure Providers

  • Cloud hosting (AWS/Azure/GCP) - data centres in Australia/New Zealand where possible

  • Content delivery networks

  • Database management

Functional Service Providers

  • Payment processors (Stripe, PayPal)

  • Email service providers

  • Customer support platforms

  • Analytics providers (anonymised data only)

AI and Speech Processing

  • Speech-to-text services (Deepgram, Google Cloud Speech)

  • Natural language processing APIs

  • Machine learning platforms

5.2 Business Transfers

If we're involved in a merger, acquisition, or sale of assets, your information may be transferred. We'll notify you before your information becomes subject to a different privacy policy.

5.3 Legal Requirements

We may disclose your information when required by law, including:

  • Court orders or subpoenas

  • Government requests

  • Law enforcement investigations

  • To protect our legal rights

5.4 Aggregated Information

We may share anonymised, aggregated data that cannot identify you personally for research, marketing, or business purposes.

5.5 We Never Sell Your Data

We do not and will never sell, rent, or lease your personal information to third parties for their marketing purposes.

6. DATA SECURITY

We implement appropriate technical and organisational measures to protect your personal information:

6.1 Technical Safeguards

  • End-to-end encryption for data transmission (TLS 1.3+)

  • Encryption at rest for stored data

  • Regular security audits and penetration testing

  • Web application firewall (WAF)

  • DDoS protection

  • Regular security patches and updates

6.2 Organisational Safeguards

  • Role-based access controls

  • Employee confidentiality agreements

  • Security awareness training

  • Incident response procedures

  • Business continuity planning

  • Multi-factor authentication for administrative access

6.3 Data Breach Response

In the event of a data breach that poses a risk to your privacy:

  • We'll notify affected users within 72 hours

  • We'll notify the Privacy Commissioner as required

  • We'll provide information about the breach and our response

  • We'll offer support and remediation where appropriate

7. YOUR PRIVACY RIGHTS

Under New Zealand's Privacy Act 2020, you have the following rights:

7.1 Right to Access (Principle 6)

Request a copy of the personal information we hold about you.

7.2 Right to Correction (Principle 7)

Request corrections to inaccurate or incomplete information.

7.3 Right to Deletion

Request deletion of your personal information, subject to legal requirements.

7.4 Right to Object

Object to certain uses of your information, including marketing.

7.5 Right to Data Portability

Receive your data in a structured, commonly used format.

7.6 Right to Withdraw Consent

Withdraw consent for processing where consent is the legal basis.

7.7 How to Exercise Your Rights

To exercise any of these rights:

  • Email: privacy@genexr.com

  • Use the privacy settings in your account

  • Submit a request through our support portal

We'll respond within 20 working days as required by law.

8. DATA RETENTION

We retain your information only as long as necessary:

  • Account information: Duration of account + 12 months (Justification: Service provision, legal compliance)

  • Session recordings: 30 days (unless saved by user) (Justification: Performance review, quality assurance)

  • Transcriptions: 6 months (Justification: Progress tracking, improvement metrics)

  • Analytics data: 3 years (anonymised) (Justification: Service improvement, research)

  • Financial records: 7 years (Justification: Tax and accounting requirements)

  • Legal records: 7 years (Justification: Compliance with NZ law)


You can request early deletion, except where we're legally required to retain data.

9. INTERNATIONAL DATA TRANSFERS

9.1 Data Localisation

We prioritise storing New Zealand user data within New Zealand or Australia where possible.

9.2 International Transfers

When data is transferred internationally:

  • We ensure adequate privacy protections

  • We use standard contractual clauses

  • We verify compliance with Privacy Act 2020 standards

  • We maintain transparency about data locations

9.3 Your Rights Regarding Transfers

You can:

  • Request information about where your data is processed

  • Object to certain international transfers

  • Request data localisation (fees may apply)

10. CHILDRENS PRIVACY

10.1 Age Requirements

Our Service is intended for users aged 16 and above. Users under 16 require parental/guardian consent.

10.2 Educational Use

For educational institutions:

  • Schools must obtain appropriate consents

  • We offer special educational privacy settings

  • We limit data collection for student accounts

  • We provide tools for educator oversight

10.3 Parental Rights

Parents/guardians of users under 16 can:

  • Access their child's information

  • Request corrections or deletions

  • Withdraw consent

  • Limit data collection

11. COOKIE POLICY

11.1 Essential Cookies

Required for Service functionality:

  • Session management

  • Security tokens

  • User preferences

11.2 Analytics Cookies

Help us understand usage (opt-out available):

  • Google Analytics (anonymised)

  • Performance monitoring

  • Feature usage tracking

11.3 Managing Cookies

You can:

  • Adjust browser settings to refuse cookies

  • Use our cookie preference centre

  • Opt out of analytics cookies

12. THIRD-PARTY LINKS

Our Service may contain links to third-party websites. We're not responsible for their privacy practices. Please review their privacy policies before providing information.

13. CHANGES TO THIS POLICY

13.1 Notification of Changes

We'll notify you of material changes via:

  • Email notification

  • In-app notification

  • Website banner

13.2 Effective Date

Changes take effect 30 days after notification unless otherwise stated.

13.3 Acceptance

Continued use after changes constitutes acceptance of the updated policy.

14. CONTACT INFORMATION

14.1 Privacy Inquiries

For privacy-related questions or requests:

Privacy Officer

11 Enterprise St, Birkenhead

Auckland, 0626

New Zealand

Email: privacy@genexr.com

Phone: +64 21 537726

Response time: Within 20 working days

14.2 Complaints

If you're unsatisfied with our response:

Office of the Privacy Commissioner

PO Box 10094

Wellington 6143

New Zealand

Website: https://www.privacy.org.nz

Phone: 0800 803 909

Email: enquiries@privacy.org.nz

15. ADDITIONAL PROVISIONS FOR INTERNATIONAL USERS

15.1 European Union (GDPR)

EU users have additional rights including:

  • Right to restriction of processing

  • Right to object to automated decision-making

  • Right to lodge complaints with supervisory authorities

15.2 California (CCPA/CPRA)

California residents have additional rights including:

  • Right to know categories of information collected

  • Right to opt-out of data sales (we don't sell data)

  • Right to non-discrimination

15.3 Australia (Privacy Act 1988)

Australian users are protected under the Australian Privacy Principles (APPs).

16. ACCESSIBILITY

This Privacy Policy is available in:

  • Alternative formats upon request

  • Multiple languages (coming soon)

  • Easy-read version

17. DEFINITIONS

Personal Information: Information about an identifiable individual

Processing: Any operation performed on personal information

Data Controller: Entity that determines purposes and means of processing

Service Provider: Third party that processes data on our behalf

18. SEVERABILITY

If any provision of this Privacy Policy is deemed invalid, the remaining provisions continue in full force.


---


Last Review Date: July 7, 2025

Next Review Date: January 7, 2026