translason

Privacy Policy

Last Updated: November 1, 2024

1. Introduction

At Translason (“we,” “our,” “us,” “Service”), we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our JSON translation service, website (translason.com), and API (collectively, the “Service”).

Please read this Privacy Policy carefully. By using the Service, you agree to the practices described in this policy. If you do not agree with our policies and practices, do not use the Service.

2. Information We Collect

2.1 Data Categories

2.1.1 Account Information

  • Email address
  • API token identifiers
  • Account preferences
  • Usage tier information
  • Billing information (for paid tiers)

2.1.2 Technical Information

  • IP addresses
  • Browser type and version
  • Operating system
  • Device information
  • Access timestamps
  • Geographic location (derived from IP)

2.1.3 Usage Information

  • API requests and responses
  • Request timestamps
  • Character counts
  • Language pairs used
  • Error logs
  • Performance metrics
  • Rate limiting data

2.1.4 Translation Content

  • JSON data submitted for translation
  • Source and target languages
  • Translation outputs
  • Request metadata

2.1.5 Payment Information

  • Payment method details
  • Transaction records
  • Billing addresses
  • Payment processor tokens
  • Usage history

2.2 Collection Methods

2.2.1 Direct Collection

  • Information you provide during registration
  • Content submitted for translation
  • Communications with our support team
  • Payment information
  • Account settings

2.2.2 Automatic Collection

  • Log files
  • API usage metrics
  • Error tracking
  • Performance monitoring
  • Security logs

2.2.3 Third-Party Sources

  • Payment processors
  • Analytics providers
  • Security services
  • Infrastructure providers

3. Use of Information

3.1 Service Provision

  • Processing translation requests
  • Authentication and authorization
  • Rate limiting enforcement
  • Error handling and debugging
  • Performance optimization
  • Security monitoring

3.2 Service Improvement

  • Analyzing usage patterns
  • Identifying performance issues
  • Optimizing translation algorithms
  • Improving error detection
  • Enhancing security measures

3.3 Communication

  • Service updates and announcements
  • Security alerts
  • Technical notifications
  • Support responses
  • Billing information
  • Fraud prevention
  • Security investigations
  • Legal obligations
  • Law enforcement requests
  • Regulatory requirements

4. Data Processing and Storage

4.1 Translation Processing

  • Content is processed only for translation
  • No persistent storage of translated content
  • Temporary caching during processing only
  • No training of AI models on your content
  • No human review unless explicitly requested

4.2 Data Retention

  • Account information: Duration of account plus 30 days
  • Payment records: As required by law (typically 7 years)
  • Usage logs: 90 days
  • Security logs: 1 year
  • Error logs: 30 days
  • Analytics data: 2 years in aggregate form

4.3 Data Security

  • TLS 1.3 encryption for all data in transit
  • AES-256 encryption for stored data
  • Regular security audits
  • Automated vulnerability scanning
  • Access controls and audit logging
  • Employee security training
  • Incident response procedures

5. Data Sharing and Disclosure

5.1 Service Providers

We may share information with:

  • Cloud infrastructure providers
  • Payment processors
  • Analytics services
  • Security monitoring services
  • Customer support platforms

We may disclose information:

  • In response to legal requests
  • To protect our rights
  • To prevent fraud
  • To ensure service security
  • To comply with law

5.3 Business Transfers

Information may be transferred in connection with:

  • Merger or acquisition
  • Sale of company assets
  • Bankruptcy proceedings
  • Corporate reorganization

6. User Rights and Choices

6.1 Access Rights

You have the right to:

  • Access your personal information
  • Correct inaccurate data
  • Request data deletion
  • Export your data
  • Object to processing
  • Withdraw consent

6.2 Data Controls

You can:

  • Modify account settings
  • Delete API tokens
  • Control email preferences
  • Limit data collection
  • Request data removal

6.3 Request Process

To exercise your rights:

  • Email: [email protected]
  • Response time: Within 30 days
  • Verification required
  • No fee (unless excessive)

7. International Data Transfers

7.1 Data Locations

  • Primary processing: USA
  • CDN locations: Global

7.2 Transfer Safeguards

  • Standard contractual clauses
  • Data processing agreements
  • Privacy Shield compliance
  • Regional data residency (Enterprise)

8. Children’s Privacy

  • Service not intended for under 18
  • We don’t knowingly collect children’s data
  • We will delete any identified children’s data
  • Parents can contact [email protected]

9.1 Essential Cookies

  • Authentication
  • Security
  • Load balancing
  • User preferences

9.2 Analytics Cookies

  • Usage patterns
  • Performance monitoring
  • Error tracking
  • Feature optimization
  • Browser settings
  • Do Not Track support
  • Cookie preferences center
  • Third-party opt-outs

10. Data Protection Measures

10.1 Technical Security

  • Encryption at rest and in transit
  • Access controls
  • Monitoring systems
  • Intrusion detection
  • Regular backups
  • Disaster recovery
  • Security patching

10.2 Organizational Security

  • Employee training
  • Access reviews
  • Security policies
  • Incident response
  • Vendor assessment
  • Regular audits

10.3 Compliance

  • GDPR compliance
  • CCPA compliance
  • SOC 2 Type II
  • ISO 27001
  • Regular assessments

11. Data Breach Procedures

11.1 Response Plan

  • Immediate investigation
  • Impact assessment
  • Containment measures
  • User notification
  • Authority notification
  • Recovery actions

11.2 Notification Process

We will notify affected users:

  • Without undue delay
  • Within legal timeframes
  • With incident details
  • With remediation steps
  • With protection recommendations

12. Changes to Privacy Policy

12.1 Updates

  • We may update this policy
  • Notice via email/website
  • 30 days notice for material changes
  • Continued use implies acceptance

12.2 Version Control

  • Change log maintained
  • Previous versions available
  • Update notifications
  • User acknowledgment required

13. Special Jurisdictions

13.1 European Union (GDPR)

  • Legal basis for processing
  • Data protection rights
  • Cross-border transfers
  • Representative details
  • Supervisory authority

13.2 California (CCPA)

  • Personal information categories
  • Consumer rights
  • Do not sell provision
  • Verification procedures
  • Annual disclosures

13.3 Other Regions

  • Canada (PIPEDA)
  • Australia (Privacy Act)
  • Brazil (LGPD)
  • Regional compliance

14. Contact Information

Privacy related inquiries:

Response timeframes:

  • General inquiries: 2 business days
  • Rights requests: 30 days
  • Urgent matters: 24 hours
  • Security incidents: Immediate

We process data based on:

  • Contract performance
  • Legal obligations
  • Legitimate interests
  • User consent
  • Public interest
  • Clear consent mechanisms
  • Right to withdraw
  • Consent records
  • Preference center
  • Regular reviews

16. Policy Enforcement

16.1 Compliance

  • Regular audits
  • Employee training
  • Vendor oversight
  • Documentation
  • Risk assessments

16.2 Violations

  • Investigation procedures
  • Corrective actions
  • Disciplinary measures
  • Reporting obligations
  • Continuous improvement

This Privacy Policy demonstrates our commitment to protecting your privacy and complying with applicable data protection laws. For questions about this Privacy Policy, please contact [email protected].

Last Updated: November 1, 2024