Back to Home

Privacy Policy

Last updated: May 12, 2026

1. Introduction

Welcome to ConvoSparr ("we," "our," or "us"). ConvoSparr is a product of Tarsonix Technologies. We are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our AI-powered sales conversation practice platform.

By using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree, please discontinue use of the Service.

2. Information We Collect

Account & Profile Information

When you create an account or update your profile, we collect:

  • Full name and email address
  • Password (stored as a secure hash — never in plaintext)
  • If you sign in via Google OAuth: your name, email address, and profile picture as provided by Google
  • Optional profile details you choose to provide: age, gender, phone number, company name, job title, country, and timezone

Practice Session & Usage Data

When you use the practice features, we collect and store:

  • Scenario, persona, call type, and difficulty level selected for each session
  • Session start and end times, and total session duration in seconds
  • Practice credits consumed per session
  • Pitch briefing content — the product description, target audience, and selling points you enter when using pitch-type scenarios
  • AI-inferred role derived from your pitch briefing
  • Performance scores: overall score, letter grade, and skill-level metrics (e.g., active listening, objection handling, rapport, closing)
  • AI-generated session summaries and improvement suggestions
  • Achievements earned, practice streaks, and cumulative score history

Voice & Transcript Data

When you conduct a voice practice session, your microphone audio is streamed in real time for transcription and AI processing. We do not record or store your voice audio. Audio is discarded immediately after transcription. What we do store:

  • Text transcripts of your practice conversations, including speaker labels (you vs. the AI persona) and timestamps
  • AI-generated analysis derived from those transcripts: highlighted moments (positive and areas for improvement), performance metrics, and coaching suggestions

Technical & Diagnostic Information

We automatically collect certain information when you use our platform:

  • Browser type and version
  • Device type and operating system
  • IP address
  • Pages visited and time spent
  • Error reports and crash diagnostics (captured by Sentry, see Section 4)

3. How We Use Your Information

We use the information we collect to:

  • Create and manage your account, and authenticate your identity
  • Provide and operate the AI voice practice platform
  • Calculate and track your practice credits (Free plan: 600 lifetime seconds; Pro plan: 30,000 seconds per month)
  • Generate AI-powered performance analysis, scores, and coaching feedback after each session
  • Track your progress metrics, practice streaks, and achievements over time
  • Process payments and manage your subscription via Paddle
  • Send transactional emails such as password resets, email confirmations, and subscription receipts
  • Monitor platform health and diagnose technical errors
  • Detect and prevent fraud or abuse of the Service
  • Improve our AI models and platform using anonymized, aggregated data (see Section 5 of our Terms of Service for details on the anonymization approach)

4. Data Sharing and Disclosure

We do not sell your personal information. We share your data only with the following categories of parties:

Service Providers & Sub-processors

The following third-party services process data on our behalf to operate the platform. Each is bound by appropriate data processing agreements:

  • Supabase (Supabase Inc., USA) — database, authentication, and secure data storage. Your account data, session records, and transcripts are stored on Supabase infrastructure.
  • LiveKit (LiveKit Inc., USA) — real-time WebRTC room management. LiveKit facilitates the audio transport layer for live voice sessions; audio passes through LiveKit servers but is not persisted by them.
  • Deepgram — real-time speech-to-text transcription. Your voice audio is sent to Deepgram during a session to produce text transcripts. Audio is not stored by Deepgram after transcription.
  • Cartesia — text-to-speech voice synthesis. Cartesia generates the spoken responses of the AI personas. Only the AI-generated text (not your speech) is sent to Cartesia.
  • OpenRouter / Meta Llama 4 — large language model (LLM) processing for live AI conversation. Session context and transcript fragments are sent to this provider to generate AI responses during practice.
  • Kimi K2.5 / Google AI — post-session analysis, performance scoring, and feedback generation. Session transcripts are processed by this provider to produce your detailed score report. (We may update this provider periodically; this policy will be updated accordingly.)
  • Sentry — error monitoring and crash diagnostics. Sentry may capture anonymized usage context (e.g., page name, error stack) to help us diagnose technical issues. Sentry is configured to minimize capture of personal data.
  • Paddle (Paddle.com Market Limited, UK) — payment processing and subscription management. Paddle acts as Merchant of Record for all transactions. When you purchase a Pro subscription, your billing information is handled directly by Paddle under their privacy policy. We do not receive or store your full payment card details.

Legal Requirements

We may disclose your information if required to do so by law, court order, or governmental authority, or if we believe in good faith that such disclosure is necessary to protect our rights, your safety, or the safety of others.

Business Transfers

In connection with a merger, acquisition, restructuring, or sale of assets, your data may be transferred to a successor entity. We will notify you before your data becomes subject to a materially different privacy policy.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encrypted connections (TLS/HTTPS) for all data transmitted between your browser and our servers
  • Row-Level Security (RLS) policies enforced at the database layer, ensuring each user can only access their own data
  • Passwords stored exclusively as secure hashes via Supabase Auth — never in plaintext
  • API keys and service credentials stored as environment secrets

No method of transmission over the Internet is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

6. Your Rights

EU / EEA Users (GDPR)

If you are located in the European Union or European Economic Area, you have the following rights under the General Data Protection Regulation (GDPR):

  • Right of access — request a copy of the personal data we hold about you
  • Right to rectification — request correction of inaccurate or incomplete data
  • Right to erasure ("right to be forgotten") — request deletion of your personal data
  • Right to restriction — request that we limit how we process your data in certain circumstances
  • Right to data portability — receive your data in a structured, machine-readable format
  • Right to object — object to processing of your data for certain purposes
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time
  • Right to lodge a complaint — with the supervisory authority in your country of residence

California Users (CCPA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect and how it is used
  • Right to delete your personal information
  • Right to opt-out of the sale of personal information (note: we do not sell personal information)
  • Right to non-discrimination for exercising your privacy rights

All Users

Regardless of your location, you may:

  • Delete your account and all associated data at any time from Settings → Account within the app. This action is irreversible and permanently removes your profile, session transcripts, analytics, and all other personal data.
  • Update your profile information at any time from Settings.
  • Opt out of non-essential communications by following the unsubscribe link.

To exercise rights not available through self-service, contact us at hello@convosparr.com. We will respond within 30 days (or as required by applicable law).

7. Cookies and Tracking

We use a minimal set of cookies on this platform:

  • Authentication session cookies — set by Supabase Auth to keep you logged in across page loads. These are essential for the Service to function.
  • Theme preference cookie — stores your preferred color theme (light, dark, or system default).

We do not use advertising cookies, behavioral tracking pixels, or third-party analytics cookies. Disabling cookies in your browser will prevent you from logging in and using the Service.

8. Data Retention

We retain your data for the following periods:

  • Account and profile data — retained for the lifetime of your account
  • Session transcripts, scores, and analytics — retained indefinitely while your account is active
  • On account deletion — all personal data, session records, transcripts, and analytics are permanently and irreversibly deleted from our systems
  • Billing records — Paddle retains transaction records as required by applicable tax and accounting regulations (typically up to 7 years), independent of account deletion

9. International Data Transfers

ConvoSparr is operated by Tarsonix Technologies, based in India. Our service providers store and process data primarily in the United States and other countries that may have different data protection standards than your country of residence.

For EU/EEA users, we rely on appropriate legal mechanisms for international data transfers, including Standard Contractual Clauses (SCCs) established by the European Commission, where applicable. By using the Service, you consent to the transfer of your data to countries outside your jurisdiction.

10. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites and encourage you to review their privacy policies independently.

11. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal information, please contact us and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on this page, updating the "Last updated" date, and where required by law, notifying you by email.

13. Contact Us

If you have any questions, requests, or concerns about this Privacy Policy or your personal data, please contact us at:

Company: Tarsonix Technologies

Product: ConvoSparr

Email: hello@convosparr.com