Platform Privacy Policy

Our Platform Privacy Policy

Dated: 16 June 2023

PLEASE READ THIS POLICY CAREFULLY

Protecting your personal information is very important to Trint Limited (“Trint Limited” “our”, “us” or “we”).

This policy sets out the basis on which any personal data about you will be processed and applies to the processing of personal data in connection with our software-as-a-service transcription platform known as ‘Trint’ (“Platform”). This policy does not cover: (i) activities on or through our publicly available website, https://trint.com/ (“Website”); and (ii) our direct marketing activities. Please refer to our Website and Marketing Privacy Policy for details of how we process your personal data in this respect. The most up-to-date version of our Website and Marketing Privacy Policy can be found at: https://trint.com/docs/privacy-policy.

Our Platform may contain links to third party websites. If you follow a link to any of those third-party websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for their policies or processing of your personal information. Please check these policies before you submit any personal information to such third-party websites.


Identity and contact information of the Data Controller

For the purposes of data protection legislation in the European Union, the data controller (i.e. the person that determines the purposes and manner in which your personal data are processed) is:

  • Trint Limited, in connection with: (i) Identity Data; (ii) Contact Data; (iii) Transaction Data; (iv) Technical Data; (v) Profile Data; and (vi) Usage Data. Trint Limited is a company incorporated and registered in England and Wales (company number 09225083) with its registered office at C/O Mishcon de Reya, Africa House, 70 Kingsway, London, England, WC2B 6AH, United Kingdom.
  • The Platform account holder, in connection with Content Data. Trint Limited is the data processor and merely processes personal data in accordance with the instructions given to us by the account holder.

For the purposes of data protection legislation in the United Kingdom, the data controller (i.e. the person that determines the purposes and manner in which your personal data are processed) is:

  • Trint Limited, in connection with: (i) Identity Data; (ii) Contact Data; (iii) Transaction Data; (iv) Technical Data; (v) Profile Data; and (vi) Usage Data. Trint Limited is a company incorporated and registered in England and Wales (company number 09225083) with its registered office at C/O Mishcon de Reya, Africa House, 70 Kingsway, London, England, WC2B 6AH, United Kingdom.
  • The Platform account holder, in connection with Content Data. Trint Limited is the data processor and merely processes personal data in accordance with the instructions given to us by the account holder.

Questions, comments and requests regarding this privacy policy are welcome and should be addressed to support@trint.com.

Personal information we may process about you

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:

  • Identity Data, which includes your first name, last name, social media profile, user ID, company name, job position and company department.
  • Contact Data, which includes your email address and postal address.
  • Content Data, any personal data which is contained within the audio or video file that you ask us to transcribe.
  • Transaction Data, which includes details about payments to and from you and other details of services you have purchased from us.
  • Technical Data, which includes your internet protocol (IP) address, your login data, browser type and version, time zone setting and location you use to access the Platform.
  • Profile Data, which includes your password, subscriptions purchased by you, your preferences, feedback and survey responses.
  • Usage Data, which includes information about how you use our Platform.

A breakdown of the personal data we may process is set out in the table below. Please note that third parties may collect personal data from you directly. For example, payment processors collect financial data (such as your payment card details) when you make payment to us on the Platform.

Why are personal data processed? Personal data Legal basis for processing Period for which your data will be stored Will your personal data be shared with third parties? Transfers outside the European Economic Area
1. To register you as a new customer. Identity Data, Contact Data and Profile Data. Performance of a contract with you. Until such time as you delete your account. We share this data with organizations that run services critical to our Platform to help store user account information. This data is stored in the USA. To ensure this transfer is lawful, we rely on the fact that we have a contract in place (i.e. the Standard Contractual Clauses) which is approved by the European Commission and gives personal data the same protection it has in Europe.
2. To process users’ access to the Platform, including ensuring secure access to the Platform. Identity Data, Contact Data and Profile Data. Performance of a contract with you. Necessary to comply with a legal obligation. Until such time as you delete your account. We share this data with organizations that run services critical to our Platform to ensure secure access to the Platform. This data is stored in the USA. To ensure this transfer is lawful, we rely on the fact that we have a contract in place (i.e. the Standard Contractual Clauses) which is approved by the European Commission and gives personal data the same protection it has in Europe.
3. To manage payments, fees / charges and to collect / recover money owed to us. Identity Data, Contact Data and Transaction Data. Performance of a contract with you. Processing is necessary for our legitimate interests (i.e. to recover debts due to us). For as long as debts remain outstanding. We will share your email address with our payment processor so that payment receipts can be sent to you by email. This data is stored in the USA. To ensure this transfer is lawful, we rely on the fact that we have a contract in place (i.e. the Standard Contractual Clauses) which is approved by the European Commission and gives personal data the same protection it has in Europe.
4. To transcribe audio or video files. Content Data. Performance of a contract with you. Necessary to comply with a legal obligation. Until such time as you delete the transcription or your account. We share this data with organizations that run services critical to our Platform to help us store transcriptions. This data is stored in the USA. To ensure this transfer is lawful, we rely on the fact that we have a contract in place (i.e. the Standard Contractual Clauses) which is approved by the European Commission and gives personal data the same protection it has in Europe.
5. To manage our relationship with users which will include notifying users about changes to our terms or privacy policy. Identity Data, Contact Data, Technical Data and Profile Data. Performance of a contract with you. Necessary to comply with a legal obligation. Until such time as you delete your account. We may use third-party CRM providers to manage our sales and marketing activities. This data is stored in the USA. To ensure this transfer is lawful, we rely on the fact that we have a contract in place (i.e. the Standard Contractual Clauses) which is approved by the European Commission and gives personal data the same protection it has in Europe.
6. To administer and protect our business and the Platform (e.g. making users aware of new features or system issues, troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data). Identity Data, Contact Data and Technical Data. Necessary for our legitimate interests (i.e. for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise). Necessary to comply with a legal obligation. Until such time as you delete your account and a reasonable period thereafter. We share this data with organizations that run services critical to our Platform to identify web application crashes that affect a given user, to provide user behaviour tracking and in-app messaging, and to provide user session debugging. This data is stored in the USA. To ensure this transfer is lawful, we rely on the fact that we have a contract in place (i.e. the Standard Contractual Clauses) which is approved by the European Commission and gives personal data the same protection it has in Europe.
7. To use data analytics to improve our Platform, services, marketing, customer relationships and experiences. Technical Data and Usage Data. Necessary for our legitimate interests (i.e. to define types of customers for our services, to keep our Platform updated and relevant, to develop our business and to inform our marketing strategy). As there is an annual seasonality in our business, we will retain data for analytics purposes for 3 years. We share this data with organizations that run services critical to our Platform for analytics and error tracking purposes. This helps us improve our Platform. This data is stored in the USA. To ensure this transfer is lawful, we rely on the fact that we have a contract in place (i.e. the Standard Contractual Clauses) which is approved by the European Commission and gives personal data the same protection it has in Europe.
8. Asking you to leave a review or take a survey. Identity Data, Contact Data, Technical Data and Profile Data. Processing is necessary for our legitimate interests (i.e. to understand the requirements of our clients). For as long as we are using such data to improve our services and for a reasonable period afterwards. We may use third parties to help us conduct surveys. We may use services which store your personal information in the USA or elsewhere. Where we do so, we will ensure that the transfer is lawful.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.


We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offenses.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.


We may obtain personal data about you in two main ways:

  • Direct interactions. You may, for example, provide us with your personal data by filling in forms on our Website. This included personal data provided to us when an account is created or you subscribe to use our Platform.
  • Automated technologies. Personal data may be collected automatically (such as the automatic recognition of your IP address or placement of cookies on your device).

If you fail to provide personal data

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with our Platform). In this case, we may have to cancel the service you have with us but we will notify you if this is the case at the time.

Where we store your personal information. The personal data that we collect from you will be transferred to and stored at a destination outside of the European Economic Area (“EEA”). This data may also be processed by staff operating outside of the EEA who work for us or for one of our business partners or service providers. Further information is provided in the table above. Please contact us at support@trint.com if you would like further details on the specific safeguards applied to the export of your personal data outside the EEA.

Disclosure of your information We may also disclose your personal information to third parties in the following circumstances:

Purpose of disclosure and third party(s) to which disclosure might be made Use justification
If you request we do so You have provided your consent
If Trint Limited or substantially all of its assets are acquired by a third party, personal information about our customers will be one of the transferred assets. Legitimate interests (i.e. to dispose of our business).
If we are under a duty to disclose or share your personal data in order to comply with any legal obligation or to protect the rights, property, or safety of Trint Limited, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection. Processing is necessary for compliance with a legal obligation, or processing is necessary in order to protect the vital interests of a natural person.
We may disclose your personal information to third parties, the courts and/or regulators or law enforcement agencies in connection with proceedings or investigations anywhere in the world where we are compelled or believe it is reasonable to do so. Where permitted, we will direct any such request to you or notify you before responding unless to do so would prejudice the prevention or detection of a crime. Processing is necessary for compliance with a legal obligation, or processing is necessary in order to protect the vital interests of a natural person. Alternatively, legitimate interests (i.e. to cooperate with law enforcement and regulatory authorities).

Your rights

Under the General Data Protection Regulation (EU) 2017/676, you have various rights in relation to your personal data. All of these rights can be exercised by contacting us at support@trint.com.

You have the following rights in relation to your personal data:

Rights Details
Rights of Access You have the right to obtain from us confirmation as to whether your personal data are being processed, and, where that is the case, access to such personal data.
Right to Rectification We will use reasonable endeavours to ensure that your personal information is accurate. In order to assist us with this, you should notify us of any changes to the personal information that you have provided to us by sending us a request to rectify your personal data where you believe the personal data we have is inaccurate or incomplete.
Right to erasure / ‘Right to be forgotten’ Asking us to delete all of your personal data will result in us deleting your personal data without undue delay (unless there is a legitimate and legal reason why we are unable to delete certain of your personal data, in which case we will inform you of this in writing).
Right to restriction of processing You have the right to ask us to stop processing your personal data at any time. However, this may require us to close your account.
Right to data portability You have the right to request that we provide you with a copy of all of your personal data and to transmit your personal data to another data controller in a structured, commonly used and machine-readable format, where it is technically feasible for us to do so.
Right to complain You have the right to lodge a complaint to a supervisory authority such as the Information Commissioner’s Office in the UK (see www.ico.org.uk). Although we encourage our customers to engage with us in the event they have any concerns or complaints.

We will not ordinarily charge you in respect of any requests we receive to exercise any of your rights detailed above; however, if you make excessive, repetitive or manifestly unfounded requests, we may charge you an administration fee in order to process such requests or refuse to act on such requests. Where we are required to provide a copy of the personal data undergoing processing this will be free of charge; however, any further copies requested may be subject to reasonable fees based on administrative costs.


Where you request us to rectify or erase your personal data or restrict any processing of such personal data, we may notify third parties to whom such personal data has been disclosed of such request. However, such third parties may have the right to retain and continue to process such personal data in its own right, for example to comply with its legal obligations.

Sub-processors

Trint collects and processes various data for the purpose of providing, monitoring and maintaining the service. Where necessary Trint will share this data with third parties used to provide the service.

Name Location Personal data Legal Basis for Processing / Transfer Purpose
Debounce.io Germany Email address Legitimate Interests Email Verification
Note: Used to prevent sign-up with non-existent or disposable email addresses. You have the right to obtain from us confirmation as to whether your personal data are being processed, and, where that is the case, access to such personal data.
Stripe USA Email, First name, Last name, Address, Card details Performance of a Contract Payment processing
Note: Enterprise customer payments are processed in another system. The “owner” of the enterprise account will exist in Stripe to satisfy business logic, but will not have payment details attached unless an earlier card based subscription existed.
Xero New Zealand Email, First name, Last name, Address Accounting Accounting
US Tenant
Atlas
(mongodb.com)
USA PII (Trint customers and employees: email, first name, last name)
Customer data: Transcript/media metadata
Contract Hosts our production and development databases.
Auth0 USA Required PII: Email, First name, Last name
Optional: For social sign-on any gravatar made available on the user’s profile.
For SSO integrations, any data sent by the customer’s IdP in a security assertion. The minimum required data are those mentioned above.
Other information such as IP address and browser type/version are also captured.
Contract User Authentication and Registration
AWS USA Uploaded media Contract Cloud Platform
Coralogix Sweden First Name, Last Name, Email, IP Address, Transcription metadata Legitimate Interests Full stack observability platform
Filestack USA Uploaded media Contract Cloud Platform
Fivetran USA Pseudo-anonymised User Activity Legitimate Interests Internal Data Analysis
Google Analytics USA Pseudo-anonymised User Activity Legitimate Interests Product Analytics
Honeycomb.io USA Pseudo-anonymised User Activity Legitimate Interests Platform Monitoring
Hubspot USA and Germany User Activity
Email Address
First Name
Last Name
IP Addresses
Legitimate Interests Product Analytics
UserPilot USA Pseudo-anonymised User Activity Legitimate Interests Customer Engagement
Mailchimp/Mandrill USA Email, First name, Last name Contract Email
Mixpanel USA Email, Firstname, Last Name, IP, Browser data Legitimate Interests Product Analytics
Quaderno Holland Email, First name, Last name, Address Contract Tax Calculation
Sentry USA Pseudo anonymised data, IP address. browser/device meta data Contract Error Logging
Snowflake USA Pseudo-anonymised User Activity Legitimate Interests Internal Data Analysis
EU Tenant
Auth0 Frankfurt and Ireland Required PII: email address, first name, last name
Optional: For social sign-on any gravatar made available on the user’s profile.
For SSO integrations, any data sent by the customer’s IdP in a security assertion. The minimum required data are those mentioned above.
Other information such as IP address and browser type/version are also captured.
Provides user authentication and registration services.
https://auth0.com/privacy
Atlas Ireland Email address, first name, last name Information required for the functioning of the platform.
Connecting billing information with the account.
Amazon Web Services (AWS) AWS eu-west-1 (Ireland) Uploaded media Providing the Trint service
Filestack Uploaded media, Uploaded media filenames Provides the file picker in the webapp. Allows optimised uploading of media from the local machine, or from 3rd party sources such as DropBox, Google Drive, etc.
Media uploaded directly from the users web browser is not shared with Filestack.
Media uploaded via the Trint upload API is not shared with Filestack.
https://www.filestack.com/privacy/


Children under the age of 16

The Platform is not aimed at children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are under 16, please do not use our services or provide any information to us through the Platform. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at support@trint.com.

Changes to this policy

Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, we will notify you, by email, or by means of a notice on our home page. Your continued use of the Platform will be deemed acceptance by you of the privacy policy. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you and for periodically visiting this privacy policy to check for any changes.