For personal data contained in event speech and transcripts, the
organization running the event (the church, conference, or host) is the
controller and we act as its processor under the
Data Processing Addendum. For the
account, billing, and website data we handle to run the service, we are
the controller. For events on live.openchurch.cz that we
host ourselves, we are the controller for those events.
No accounts, no tracking. Listening requires no registration; audience pages set no cookies and we do not use advertising or analytics trackers. Operational metrics (listener counts, connection health) are aggregated and contain no identity. Audience audio is received, translated, and discarded in transit; the service does not store event audio. Transcript text is stored only where archiving is enabled (see below).
We process: contact details from access requests and sign-up (name, e-mail, message); operator account names and credentials (passwords are stored only as salted hashes); linked sender-device names; and usage and billing records (language-minutes, credits, payments via Stripe). Legal basis: performance of the contract with your organization (Art. 6(1)(b)) and our legitimate interest in operating, securing, and billing the service (Art. 6(1)(f)).
Live audio is streamed to our EU servers and forwarded to our translation model provider, Google (Gemini API), for real-time processing. Under our paid-tier API terms, Google does not use this audio or its transcripts to train or improve its models (per Google's Gemini API / Cloud Data Processing terms for paid services). Translation is generated by an automated model; we do not review event content.
Optional archiving stores caption text only (never audio) on our EU
servers. It is off by default for organizations created on
LiveInterpret.AI and must be switched on per organization. The
live.openchurch.cz instance keeps archiving on for its own
events. Archived transcripts are kept for the retention window the organization
configures; if none is set they are retained until the organization deletes
them or closes its account. Because transcripts can contain sensitive content
(see below), we recommend organizations set a retention window (dashboard
→ settings) so old transcripts are purged automatically.
Speech at religious or similar events may reveal beliefs and therefore
special-category data under Art. 9 GDPR. The organization running the event is
responsible for the lawful basis for capturing, translating, and (if enabled)
archiving its event audio — for example the public and voluntary nature of a
worship service, or explicit consent where required. For events we host on
live.openchurch.cz, we are responsible for that basis.
The service is provided to organizations and their events, not directed at children, and audience pages collect no personal data from anyone. We do not knowingly collect personal data from children through account sign-up. Where an event's audience includes minors, the organizing organization is responsible for any notices or consents its own context requires.
Our primary hosting, storage, and payment processing use EU-based infrastructure and entities. Real-time translation uses Google's Gemini API (developer API) on a paid (billed) plan, under which Google does not use the data to train or improve its models. Google processes this data on a global basis, which may include processing outside the EEA, under Google's Gemini API terms. An EEA data-residency option for this translation model is not currently available (the model is not yet offered on Google Vertex AI); we will reassess residency if Google releases it there. Transactional e-mail (Resend) and edge/DNS/CDN services (Cloudflare) may also process limited data outside the EEA under the EU Standard Contractual Clauses (Art. 46 GDPR) in their data processing agreements.
| Provider | Purpose | Region / safeguard |
|---|---|---|
| Google (Gemini API, developer API, paid tier) | real-time speech translation | global processing per Google's Gemini API terms; no training on paid-tier data |
| Hetzner Online GmbH | hosting and compute | Germany (EEA) |
| Cloudflare, Inc. | DNS, TLS, CDN/proxy and bot protection (liveinterpret.app) | global edge; EU SCCs |
| Stripe (Stripe Payments Europe, Ltd.) | payments and tax calculation | EU entity for EU customers |
| Resend | transactional e-mail (sign-in, account) | US; SCCs |
A current subprocessor list is available on request. We announce material changes to organizations in advance (see the DPA).
We use only strictly-necessary cookies:
lt_session (HttpOnly operator-dashboard session),
lt_grant (short-lived, one-time sign-in hand-off), the control-plane
admin session, and — on liveinterpret.app only — Cloudflare's
security/bot-management cookies (e.g. __cf_bm). We set no
analytics, advertising, or cross-site tracking cookies, and audience pages set
no cookies at all, so no consent banner is required.
Billing and invoicing records are kept as required by Czech accounting and tax law. Access requests and sign-up messages are deleted on request once handled. Operator accounts and sender devices are deleted when the organization removes them or closes its account. Transcripts follow the retention rules above. Backups roll off on their own cycle.
You have the GDPR rights of access, rectification, erasure, restriction, portability, and objection. For event/transcript data where your organization is the controller, contact your organization; we will assist it as its processor. Contact us via the request form on the homepage, by e-mail at [email protected], or the postal address in the Legal Notice. You may lodge a complaint with the Czech supervisory authority, the Office for Personal Data Protection (Úřad pro ochranu osobních údajů, ÚOOÚ), Pplk. Sochora 27, 170 00 Praha 7.
TLS on all connections; hashed operator passwords; per-organization isolation; per-device revocable sender credentials; audit logging of control actions; EU-only primary hosting; and access limited to the Operator. See the DPA for the processor security measures.
We may update this policy; material changes are announced to the contact e-mail on file and reflected in the version line above.
Reviewed for accuracy against the live platform on 2026-07-12. This document is prepared by the Operator and is not legal advice; independent Czech/EU counsel should confirm it before general availability.