Legal

Privacy Policy

Last updated: June 1, 2026

This policy explains what data Speka collects when you use our website and platform, how we use it, and the choices you have. We keep it short and plain — no dark patterns.

01 Overview

Speka ("we", "us") provides a no-code platform for adding voice and text AI agents to websites. This policy covers two groups: our customers (people with a Speka account) and end users (visitors who interact with an agent on a customer's website).

We don't sell your personal data, and we never will.

02 What we collect

Account information

When you create an account we collect your name, email address, and authentication details. If you subscribe to a paid plan, our payment processor collects billing information — we never store full card numbers.

Usage data

We collect standard product analytics: pages visited, features used, session and minute counts, and device/browser information, so we can improve the product and keep it reliable.

Content you provide

  • Knowledge base material you upload (URLs, documents, text).
  • Agent configuration — persona, voice selection, tools, and embed settings.

03 How we use it

  • To provide, maintain, and improve the platform and your agents.
  • To process payments and manage your subscription.
  • To send service updates and, if you opt in, occasional product news.
  • To detect abuse and keep the service secure.

04 Conversation data

When an end user talks or types to an agent, we process that conversation to generate a response and, where the customer has enabled it, store transcripts and recordings in the customer's dashboard for analytics and quality.

Customers control retention of their conversation data and act as the data controller for their end users. End users should refer to the privacy policy of the website operating the agent.

05 Sharing & processors

We share data only with vetted infrastructure providers who process it on our behalf (hosting, storage, payment processing, and email delivery), under contracts that require appropriate safeguards. We may disclose information if required by law.

06 Security

Data is encrypted in transit and at rest. Access is restricted on a need-to-know basis and protected by authentication and audit controls. No system is perfectly secure, but we work continuously to protect your data.

07 Your rights

Depending on where you live, you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. To exercise any of these, email us and we'll respond promptly.

08 Retention

We keep account data for as long as your account is active. When you delete your account, we delete or anonymize your personal data within a reasonable period, except where we're required to retain it for legal or accounting reasons.

09 Contact

Questions about this policy or your data? We're happy to help.

Privacy questions? Reach our team at privacy@speka.online

Contact us →

Key takeaways

  • We don't sell your data — and we never will.
  • Encrypted in transit and at rest, with need-to-know access and audit controls.
  • You're in control: access, export, or delete your data anytime at privacy@speka.online.
  • Conversation storage is optional — customers decide if transcripts/recordings are kept and for how long.
  • Clear roles: for end-user chats, the website operator is the data controller; Speka is the processor.

Is your data private with Speka?

Is your data private with Speka? Yes. Speka does not sell your personal data — ever. Conversations are encrypted in transit and at rest, access is restricted on a need-to-know basis, and customers control whether transcripts are stored and for how long. For visitors who interact with an agent, the website operating that agent is the data controller; Speka acts only as a processor.

Do you need your own privacy policy?

If you embed a Speka agent on your site, you are the data controller for your visitors. That means you should tell your visitors, in your own privacy policy, that an AI agent may process their messages or voice to answer questions. Speka acts as your processor: we process conversations on your behalf under our contract, and you control whether transcripts and recordings are stored. See our How It Works page for the data flow, or contact us if you need a data-processing addendum (DPA).

Sharing & sub-processors

We share data only with vetted sub-processors under contracts requiring appropriate safeguards (e.g., GDPR-compliant data-processing agreements and, where applicable, Standard Contractual Clauses for international transfers). Categories of sub-processors: cloud hosting, object storage, payment processing, and transactional email.

These protections sit alongside data-subject rights provided under regulations such as the EU/UK GDPR and the California CCPA/CPRA. We do not sell or "share" personal information as those terms are defined under the CCPA. Read the GDPR official text or the California Privacy Protection Agency, and see our Terms of Service.

Last updated: June 2026

Frequently asked questions

Does Speka sell or share my personal data?
No. Speka does not sell personal data and commits to never doing so. Data is shared only with vetted sub-processors — cloud hosting, object storage, payment processing, and email delivery — under contracts that require appropriate safeguards, or when disclosure is required by law.
Are website AI chatbot conversations safe with Speka?
Yes. Conversation data is encrypted in transit and at rest, and access is restricted on a need-to-know basis with authentication and audit controls. Storing transcripts and recordings is optional and entirely controlled by the customer who operates the agent.
Who owns and controls end-user conversation data?
The customer running the agent on their website is the data controller for their visitors, and Speka acts as the processor. If you’re an end user chatting with an agent, refer to the privacy policy of the website you’re using.
How do I delete my data or exercise my privacy rights?
Email privacy@speka.online. Depending on where you live, you can access, correct, export, or delete your personal data, and object to or restrict certain processing. When you delete your account, Speka deletes or anonymizes your data within a reasonable period, except where law requires retention.
Do I need my own privacy policy if I add a Speka agent to my site?
Generally yes. Because you’re the data controller for your visitors, you should disclose in your own privacy policy that an AI agent may process their messages or voice. Speka processes those conversations on your behalf as your processor — contact us if you need a data-processing addendum.