StudyVoice
Menu

Privacy

Pursuant to Article 13 of Regulation (EU) 2016/679 ("GDPR"), this policy explains how personal data is processed when using the StudyVoice website and application.

1. Data Controller

The Data Controller and owner of StudyVoice is NEXTIMELABS S.R.L. ("Controller").

  • NEXTIMELABS S.R.L.
  • Via Campidoglio n. 70, 98076 Sant'Agata di Militello (ME), Italy
  • VAT no. 03681410837
  • Certified email (PEC): nextimelabs@pec.it
  • Phone: +39 3520298060

2. Categories of processed data

  • Account data: Firebase UID, email, name, user type, study preferences.
  • Learning content data: uploaded knowledge-base content, transcripts, and session text.
  • Performance data: scores, study time, progress indicators, simulated exam results.
  • Device data: push tokens (FCM/APNs), platform, device registration metadata.
  • Local app storage data: settings and preferences stored on the user device.
  • Web demo data: anonymous device/browser identifier used to enforce trial limits.

3. Purposes and legal bases

  • Service delivery, authentication, and account management (Art. 6(1)(b) GDPR).
  • Oral practice analysis and personalized learning feedback (Art. 6(1)(b) GDPR).
  • Credits, subscriptions, and premium feature management (Art. 6(1)(b) GDPR).
  • Operational notifications and reminders via push tokens (Art. 6(1)(b)/(f) GDPR).
  • Legal compliance and defense of rights (Art. 6(1)(c)/(f) GDPR).
  • Website analytics subject to consent for non-essential cookies (Art. 6(1)(a) GDPR).

4. Processing methods

Data is processed through IT and telematic tools, using measures proportionate to the stated purposes. Part of the processing is carried out on third-party cloud infrastructure (e.g., Firebase/Google Cloud) acting as processors or sub-processors.

5. Data retention

Data is retained for as long as necessary to provide the service and manage the contractual relationship. Users may request account deletion: the app deletes the user document in Firestore and removes Firebase Auth account data, within technical system constraints.

6. Recipients and transfers

Data is not publicly disclosed. It may be shared with providers supporting cloud services, authentication, push notifications, in-app payments, and analytics, appointed as processors where required. Any transfers outside the EEA are handled in compliance with Articles 44 et seq. GDPR.

7. Data subject rights

Users may exercise rights under Articles 15-22 GDPR (access, rectification, erasure, restriction, objection, portability), and may withdraw analytics-cookie consent at any time.

8. Minors

Minors should use the service under parent/guardian supervision and, in school contexts, in accordance with institutional policies and any agreements in place with the Controller.

By continuing, you acknowledge the Privacy Policy. We use strictly necessary cookies and analytics cookies only with your consent. Privacy · Cookie