Voice Sonic Labs - Privacy Policy

Updated
February 6, 2026

This Policy explains how we process personal data when you use VSL.

1. Overview

This Privacy Policy ("Policy") explains how Voice Sonic Labs Ltd ("VSL", "we", "us", "our") processes personal data when individuals use our websites, applications, and APIs (together, the "Services"). It also explains your rights and choices.

This Policy does not apply where we process personal data solely on behalf of an enterprise or business customer under a separate agreement. In those cases, the customer is the controller, and we act as a processor or service provider.

2. Categories of personal data we collect

2.1 Personal data you provide

  • Account and contact details: name, email address, phone number, address, contact preferences, and similar identifiers.
  • Text, audio, and video input: any content you upload or enter into the Services to generate synthetic audio, dubbing, subtitles, or lip-sync output.
  • Voice data: audio recordings and voice characteristics used to create or verify a voice model ("Voice Data"). In some jurisdictions, Voice Data or derived voiceprints may be treated as biometric information.
  • Profile and publishing details (optional): bio, links, and attributes if you choose to publish a voice model in a shared library.
  • Communications and support: messages, tickets, and attachments you send to us.
  • Payment information: billing details handled by our payment processors (we typically receive limited payment metadata, not full card details).
  • Verification and compliance information (if required): ID documents, proof of address, and related KYC or fraud-prevention data.

2.2 Personal data we collect automatically

  • Device and connection data: IP address, browser type, operating system, device identifiers, and similar technical data.
  • Usage data: interactions with features, timestamps, pages viewed, and performance logs.
  • Approximate location: inferred from IP address.
  • Cookies and similar technologies: see Section 9.

2.3 Personal data from third parties

  • Third-party login providers (if you use them): basic profile information, such as name and email address.
  • Service providers that assist with identity verification, fraud prevention, and compliance screening, where applicable.
  • Publicly available sources: we may collect information from publicly available sources for research, safety, and model improvement where permitted by law.

3. How we use personal data and our legal bases

We use personal data for the purposes below. Legal bases may include contract performance, legitimate interests, consent, and legal obligations, depending on context and jurisdiction.

  • Providing and operating the Services, including generating voice models and synthetic audio, dubbing, and lip-sync outputs.
  • Account management, billing, and customer support.
  • Security, fraud prevention, abuse prevention, and enforcing our Terms and policies.
  • Improving the Services, including quality assurance, debugging, and developing new features.
  • Research and development of AI models, including evaluation and safety testing, are subject to your choices and applicable law.
  • Marketing and communications, where permitted, and honouring opt-out preferences.
  • Complying with legal obligations and responding to lawful requests.

4. AI, voice processing, and training choices

4.1 Voice data and identity protection

We process Voice Data to create and operate voice models, to verify voice ownership when required, and to prevent misuse. We may request additional verification recordings or documentation in higher-risk situations (for example, when a user seeks to create a voice model of someone else).

4.2 Use of content for service improvement and training

We may use Content and related metadata to maintain and improve the Services, including training and evaluating models, reducing errors, and improving safety. Where feasible, we use safeguards such as access controls, minimisation, and de-identification or aggregation.

You may have the right to opt out of certain processing for training purposes, depending on your location. You can exercise this choice by contacting privacy@vslabs.ai or through available account controls.

5. How we share personal data

  • Service providers and vendors that help us host, operate, secure, and support the Services (for example, cloud hosting, analytics, communications, and payment processing).
  • Affiliates and contractors working under confidentiality obligations.
  • Other users, only when you choose to make a voice model or profile public or share content.
  • Legal and safety disclosures: to comply with law, protect rights and safety, investigate fraud, or enforce policies.
  • Business transfers: in connection with a merger, acquisition, financing, or sale of assets, subject to appropriate safeguards.

5.1 Subprocessors (service providers)

We use third-party companies and individuals to help us provide the Services. When these providers process personal data on our behalf, they act as "Subprocessors" and are subject to contractual obligations to protect personal data and process it only on our documented instructions, unless required by law.

We conduct risk-based due diligence on Subprocessors, require confidentiality and security commitments, and limit access to the minimum needed to perform their services.

For enterprise customers where we act as a processor of Customer Content under a data processing addendum (DPA), we will (a) maintain an up-to-date Subprocessor list (Schedule A below), (b) provide advance notice of material Subprocessor changes where required, and (c) allow reasonable objections consistent with the DPA.

Subprocessor change notice and objections:

  • We will update Schedule A when we add or replace a Subprocessor that may process Customer Content.
  • If you have a reasonable objection to a new Subprocessor (for example, based on documented security or compliance concerns), contact privacy@vslabs.ai. We will work with you in good faith to address the concern, including, where commercially reasonable, offering an alternative.
  • If we cannot reasonably resolve an objection and your DPA provides a termination right, you may terminate the affected Services in accordance with the DPA.

6. International data transfers

Our Services may be hosted and supported in multiple countries. Your personal data may be transferred to and processed outside your country of residence. Where required by law, we implement appropriate safeguards, such as contractual protections, to support lawful transfers.

7. Data retention

We retain personal data for as long as necessary to provide the Services, meet legal obligations, resolve disputes, and enforce agreements. As a general rule, we do not retain data we generate about your voice for more than 3 years after your last interaction with us, unless required by law or necessary for safety, dispute resolution, or enforcement purposes.

8. Security

We use reasonable technical and organisational measures designed to protect personal data. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

9. Cookies and similar technologies

We use cookies and similar technologies to provide and improve our Services.

Common categories include:

  • Strictly necessary cookies: required for core functionality such as login and security.
  • Performance and analytics cookies: help us understand usage and improve performance.
  • Targeting and marketing cookies: help us measure campaigns and show relevant ads where permitted.

You can control cookies through your browser settings and, where available, consent tools on our site. Some features may not work if you disable certain cookies.

10. Your rights and choices

Depending on your location, you may have rights to access, correct, delete, or port your personal data; restrict or object to processing; withdraw consent; and opt out of certain processing, including some training-related uses.

To exercise your rights, contact privacy@vslabs.ai. We may need to verify your identity before we can respond.

Marketing emails: you can opt out using the unsubscribe link in the message or by contacting us.

11. Children’s privacy

The Services are not directed to children under 18. We do not knowingly collect personal data from children. You are not permitted to upload children’s Voice Data to the Services unless it has been verified with consent from a parent or guardian. We take every precaution to protect children from abuse of our Services.

12. Third-party links

The Services may link to third-party sites or services we do not control. This Policy does not apply to third parties. Review their privacy policies before providing any information.

13. Changes to this Policy

We may update this Policy from time to time. If changes are material, we will provide notice as required by law.

14. Contact us

Data Protection Officer: privacy@vslabs.ai. Support: support@vslabs.ai. Address: Voice Sonic Labs Ltd, 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom.

Schedule A - Subprocessor list

This Schedule lists key Subprocessors that may process personal data or Customer Content to deliver core features. We may use additional Subprocessors for hosting, support, analytics, communications, and security. For the most current list, contact privacy@vslabs.ai.

Subprocessor Service provided Data categories Processing location(s) Safeguards
Google (Google Analytics) Analytics and performance measurement Device and usage data; cookie identifiers As provided on request Cookie controls; data minimisation; contractual terms
Other support providers (on request) Cloud hosting, email delivery, customer support, fraud prevention, security tooling Account data; usage data; support communications; operational logs As provided on request Confidentiality; access controls; least privilege; security review