SUPERSONIK
Privacy Policy
Introduction
Supersonik is dedicated to safeguarding personal information. This policy details how the company collects, uses, discloses, and protects data submitted through its websites and job applications. The policy aligns with the EU General Data Protection Regulation (GDPR) and applicable data privacy laws.
Key Definitions:
- "Supersonik" refers to Supersonik, Inc. and its affiliates/subsidiaries
- "Controller" means Supersonik under GDPR and related data protection laws
- "Personal Information" encompasses any data identifying an individual, including names, identification numbers, location data, IP addresses, and factors relating to physical, physiological, genetic, mental, economic, cultural, or social identity
Core Principles
1. Limited Data Sharing
Supersonik shares personal information only for:
- User requests
- Processing transactions authorized by the user
- Legal disclosure requirements
- Assistance from marketing, recruiting, and service companies
- Professional advisory services
2. Processing Purpose and Legal Basis
| Personal Information | Purpose | Legal Basis |
|---|---|---|
| Website visitor data, contact details, IP address | Website provision and request responses | Contract performance or legitimate interests |
| Transaction and communication records | Processing authorized transactions | Contract performance |
| Contact information | Periodic product/service updates | User consent |
| Server diagnostic data | Website administration | Legitimate interests |
| Job application materials | Recruitment administration | Pre-contract steps or legitimate interests |
| All data types | Legal/regulatory compliance | Legal obligation |
3. Security Safeguards
Supersonik restricts information access to employees requiring it for job duties. The company maintains physical, electronic, and procedural safeguards complying with industry standards. Information systems and websites undergo routine testing to prevent unauthorized access.
4. Data Retention
Retention periods depend on:
- Query-related data: reasonable period after relationship concludes
- Contract/service data: duration of service delivery plus reasonable query period
- Claims-related data: applicable legal claim period
- Regulatory requirements: as mandated by law
- Job applications: limited talent pool retention
5. International Data Transfers
Supersonik operates globally with services hosted in France. Personal information may transfer internationally to affiliate locations and service providers.
Transfer Recipients:
| Category | Countries | Purpose | Data Types |
|---|---|---|---|
| Customer support | Spain | Service and technical support | Contact details |
| Cloud providers (AWS) | France | Storage and security | Name, voice data, account details, user history |
| Payment processors (Stripe) | US | Payment processing | Name, credit card details, billing address |
| Marketing analytics (Google Analytics) | Europe & US | User analytics | IP address, device info, browsing history |
EEA, UK, Gibraltar, and Swiss Residents
Supersonik transfers personal data from these regions to the US and other countries using:
- Adequacy Decisions per GDPR Article 45
- Standard Contractual Clauses (SCCs) and UK Information Commissioner's Office International Data Transfer Addendum (IDTA)
- Data Privacy Framework Compliance: Supersonik certifies adherence to the EU-US DPF, UK Extension to EU-US DPF, and Swiss-US DPF frameworks
The company performs transfer impact assessments and continuously monitors transfers to maintain equivalent protection levels.
DPF Dispute Resolution: EU, UK, Gibraltar, and Swiss individuals with DPF inquiries should contact Joaquin Lecha Soler, Data Protection Officer, at dpo@supersonik.ai. The company investigates complaints within 45 days.
Third-Party Responsibility: Supersonik acknowledges responsibility for third-party processing of personal information covered by this policy and remains liable under DPF Principles unless demonstrating non-responsibility for damages.
6. B2B Commercial Level
Services target B2B commercial use exclusively. Consumers or those seeking non-commercial use should not register or submit personal information. Mistaken personal data collection will be deleted upon contact.
User Rights and Additional Information
Feedback and Complaints
Contact: legal@supersonik.ai or written correspondence to Supersonik's address.
Users may lodge complaints with their country's Data Protection Authority if they believe Supersonik violates data protection obligations.
Policy Modifications
Changes to this policy will be posted on the website with notification via contact email, including impact explanations. Users are encouraged to review updates periodically.
Key Rights
Data Provision Notice: Submitted personal information is necessary for service provision. Failure to provide data may prevent service access. Supersonik does not employ automatic decision-making or profiling.
Individual Rights (as applicable by jurisdiction):
- Access to held personal information
- Correction of inaccurate data
- Processing restriction or objection
- Erasure when retention is unnecessary
- Data portability in machine-readable formats
- Automated decision-making objection
- Consent withdrawal
Marketing Communications
With consent, Supersonik retains names, addresses, and contact details for product/service awareness and industry updates. Recipients may object or revoke consent via unsubscribe options or by contacting the company.
Security Statement
Supersonik implements appropriate technical and organizational measures including pseudonymization, encryption, system confidentiality protection, incident recovery capability, and regular security testing. While email communications may lack security, the company maintains physical, electronic, and procedural safeguards. Only employees needing specific information access it, and all staff receive ongoing security training.
Cookies and Analytics
Supersonik uses cookies and analytics tools (detailed in the Cookie Policy). Depending on location, users may provide consent for non-essential cookies.
Third-Party Websites
The policy does not cover third-party websites linked from Supersonik platforms. Users bear responsibility for third-party data use and should review their privacy policies independently.
Last Updated: 2025