Skip to main content

Privacy Policy

Data Controller

This website and the Podhoc service are operated by Nexo Apex SL (“Podhoc”, “we”, “our”, or “us”), acting as data controller for the personal data described in this policy.

Company details

  • Company: Nexo Apex SL
  • Address: Edificio Cami Reial c/ Cami Reial, 13-17, 3a planta, 43700 El Vendrell, Tarragona, Spain
  • Email: hi@podhoc.com
  • Website: nexoapex.com

Scope

This Privacy Policy explains how we process personal data when you:

  • visit the Podhoc website,
  • create and use a Podhoc account,
  • submit sources and generate podcasts,
  • contact support or communicate with us.

By registering, creating an account, or signing up in Podhoc, you acknowledge and consent to the processing described in this Privacy Policy, together with the applicable Terms and policies.

Data We Process

We apply data minimization and process only what is necessary to operate, secure, and improve Podhoc.

1) Data you provide

  • Account data: email address, authentication details, and profile preferences.
  • Generation input data: URLs, text, and uploaded files (for example PDF, DOCX, TXT) used to create podcasts.
  • Support data: information included in support requests and communications.
  • Billing and subscription data: plan, credits, invoices, and payment status (full card data is processed by Stripe, not stored by Podhoc).

2) Data generated during service use

  • Service metadata: timestamps, status events, language, generation settings, and technical processing events.
  • Security and operational logs: anonymized or pseudonymized logs used for reliability, abuse prevention, and troubleshooting.
  • Essential cookies: required for basic functionality and security.
  • Analytics cookies: used only for aggregate analytics and enabled only if you explicitly allow them through the cookie banner/preferences.

User Responsibility for Submitted Content

You are solely responsible for any information or materials you submit to Podhoc for AI generation, including URLs, text, documents, and files.

By using Podhoc, you confirm that:

  • you have the legal right to submit and process that content,
  • your submissions comply with applicable law,
  • you will not submit unlawful, sensitive, or third-party data without a valid legal basis.

Nexo Apex SL does not pre-validate all dynamic user-submitted content and is not responsible for illegal, sensitive, infringing, or unauthorized data provided by users.

This includes, without limitation, copyright-protected material uploaded or processed without required permissions.

Podhoc reserves the right to suspend or restrict accounts if anomalies are detected in usage behavior or in the nature of submitted content, including signals of abuse, illegal activity, or policy non-compliance.

How We Use Data

We process data to:

  • provide account access and authentication,
  • run podcast generation workflows and deliver outputs,
  • manage subscriptions, credits, and transactions,
  • maintain security, prevent abuse, and monitor reliability,
  • provide support and respond to legal requests,
  • improve product quality using anonymized/aggregated metrics.

Where GDPR applies, our legal bases are:

  • Contract performance: to provide Podhoc features you request.
  • Legitimate interest: service security, fraud prevention, quality, and reliability.
  • Consent: non-essential analytics cookies and similar optional tracking.
  • Legal obligation: accounting, compliance, and lawful disclosure obligations.

Data Sharing

We do not sell personal data.

We may share data with processors and vendors strictly to provide Podhoc, including:

  • Infrastructure and hosting: AWS
  • Authentication providers: Google and Apple (when you choose SSO)
  • Payments: Stripe
  • AI processing providers: providers used to generate scripts/audio
  • Operational communications: email/support tooling
  • Analytics tooling: only when analytics consent is enabled

These providers process data under contractual obligations and applicable data protection laws.

International Transfers

Some providers may process data outside your country. When required, we use appropriate safeguards (for example, contractual safeguards and equivalent protections under applicable law).

Retention

We keep data only for as long as needed for the purposes above, including legal and security obligations. Retention periods vary by data type (account, billing, logs, generated assets, support records). When data is no longer required, it is deleted or irreversibly anonymized.

Security

We implement technical and organizational safeguards including encrypted transport, controlled access, log sanitization, and monitoring. No system is absolutely risk-free, but we continuously improve our protections.

Your Rights

Depending on applicable law, you may have the right to:

  • access your personal data,
  • correct inaccurate data,
  • request deletion,
  • object to or restrict certain processing,
  • request portability,
  • withdraw consent for analytics cookies at any time.

To exercise your rights, contact us at hi@podhoc.com with subject “Podhoc Privacy Request”.

Children

Podhoc is not intended for children under the minimum age required by applicable law. If you believe a minor has provided data unlawfully, contact us and we will review and act promptly.

Policy Updates

We may update this Privacy Policy to reflect legal, technical, or operational changes. The latest version is always published on this page with the updated date.

If you have legal questions about this policy or your obligations when submitting content, contact legal@podhoc.com.

Last Updated: March 12, 2026