Joule
    Sign in

    Privacy Policy

    Last updated: Oct 13, 2025

    This Privacy and Cookies Policy (the “Privacy Policy”) outlines the rules for using data collected when you (“you” or “your”) visit or interact with our website (“Site”) and use our services (collectively, the “Services”) provided by Spoken Empathy Systems, Inc., a Delaware corporation (“Joule”, “we” or “us”). It describes the types of information we may collect from you or that you may provide when you use our Services, and our practices for collecting, using, maintaining, protecting, and disclosing that information. This Privacy Policy should be read in conjunction with our Terms of Service.

    Unless otherwise defined in this Privacy Policy, terms used have the same meaning as in the Terms of Service.

    This Privacy Policy was last modified on the last updated date above and may be updated at any time to reflect changes in legislation and our data protection practices. You can always find the most recent version on our Site. If we make substantial changes, we will try to provide at least a 30-day notice prior to any changes taking effect. What constitutes a substantial change will be determined at our sole discretion. By continuing to access or use our Services after those revisions become effective, you agree to be bound by the revised terms. If you do not agree to the new terms, please stop using the Services.

    The Privacy Policy only covers data processing carried out by us. The Privacy Policy does not address, and we are not responsible for, the privacy practices of any other parties.

    We process your personal information in accordance with applicable U.S. and EU privacy laws, including the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act (“CCPA/CPRA”), and the Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”).

    We do not knowingly collect or ask for information from people under the age of 18. If you are such a person, please do not use our Services or send us your information. We delete information that we learn is collected from a person under the age of 18 without verified parental consent.

    To learn more about personal data management or if you have any other questions, you’re welcome to contact us at support@joule.app or by post to:

    Spoken Empathy Systems, Inc.
    Mailbox nr. #5133, 1401 Pennsylvania Ave. Unit 105, Wilmington, DE 19806, US
    EU Representative: [TBC]

    Types of Personal Information We Collect

    We may collect the following types of information about you:

    User Content

    We may collect and process information, files, documents, or workflows that you upload to or generate within the Services (“User Content”), which may include personal data if you or your organization chooses to include such information. We process User Content data solely to provide, maintain and improve the Services, in accordance with our Terms of Service and this Privacy Policy.

    Credit and Payment Metadata

    Information about your purchases, credits usage, subscription status, billing details, and transaction metadata processed by our payment processors.

    Information from Third-Party Providers

    When you connect the Services to third-party platforms such as Slack, Notion, Gmail, or other productivity and communication tools (collectively, “Third-Party Integrations”), we may access and process certain data from those platforms. The specific categories of data accessed depend on the scope of permissions you grant when authorizing the integration. You are solely responsible for reviewing and managing these permissions. We process data obtained through Third-Party Integrations solely to provide, maintain, and improve the Services in accordance with this Privacy Policy.

    When you sign up for the Services using a third-party login provider (such as Google), we collect basic account information made available by that provider, including your name, email address, and profile picture. This information is used to create and manage your Joule account.

    Communication Information

    We may also collect other information that you provide through your interactions with us, for example, if you request information about our Services, interact with our sales team or contact customer support, complete a survey, provide feedback, register for an event or participate in marketing activities. We may keep a record of your communications with us and other information you share during these communications.

    Technical Information

    We and/or our authorised external service providers (as stated in this Privacy Policy) may automatically collect technical data when you visit or interact with our Services. Technical data may include, in particular, the URL of the website you visited before using our Service, the time and date of user visits, surfing habits, IP address, the browser name, the type of computer or device accessing our Services, time spent on the Site and other similar technical information.

    Cookies

    To make our Services work properly, we sometimes place small data files called cookies and similar technologies on your device. We use our session-based and permanent functional cookies, which enable the Site to remember your actions and preferences (e.g., to remember that you are logged in) so you don’t have to keep re-entering them whenever you come back to the Site or browse from one page to another. We inform you about the use of cookies on your device when you visit our Site for the first time and, if applicable, we ask for your consent to use cookies. Cookies will not be used for any purposes other than the ones stated above. Later, you may choose to accept or refuse cookies by selecting the appropriate settings on our Site/in your browser. To learn more about cookies, visit www.aboutcookies.org.

    With your consent, we use analytical cookies for the improvement of our Site. We may collect data such as device data, browsing data and interactions with the Site. You can withdraw your consent to analytical cookies at any time through your browser settings.

    With your consent, we use marketing cookies, including social pixels, for retargeting you on other websites. You can opt out or withdraw your consent to marketing cookies at any time through your browser settings.

    As mentioned above, in some cases, we may also use cookies provided by third parties (service providers), including:

    [_hjSessionUser_{site_id}, Hotjar, This cookie is set by Hotjar when a user first visits a page, ensuring data from future visits to the same site are attributed to the same user ID. Hotjar does not track users across different sites.]

    Why We Collect Your Information and Legal Grounds for Processing

    We process your personal information in order to:

    Carry out the agreement existing between us

    Based on your decision to use our Services, including:

    • providing the core functionalities of our Services;
    • informing you about updates and new features of our Services;
    • creating and providing your account from the personal information you provide upon registration;
    • notifying you about updates to our Terms of Service and this Privacy Policy;
    • responding to you in relation to any queries you may have with respect to our Services;
    • resolving potential agreement-related troubleshooting problems and disputes.

    We process the personal data provided by you voluntarily when you use our Services. The legal basis for such processing is the performance of a contract.

    Market our Services

    We may market current or future Services to you if you subscribe to our newsletter or consent to marketing cookies described above.

    The legal basis for such processing is your consent or legitimate interest to promote our Services (if you have an existing relationship with us).

    You can stop direct marketing communications from us by clicking the “Unsubscribe” link in any email communication that we send you or withdrawing your consent through our email support@joule.app.

    Improve our Services

    This purpose includes the following processing activities using technical information:

    • to improve current and future Services;
    • to prevent and detect security flaws and user interface issues.

    We process technical information under the following legal basis: legitimate interest.

    By default, we do not retain User Content for the purpose of training or improving our machine learning models. We may, however, generate and use aggregated and irreversibly anonymized data derived from User Content for purposes such as training machine learning models and enhancing the Services. We will not use User Content for AI training or model improvement in a way that could identify you or any individual, unless we have obtained your explicit consent in advance.

    Comply with a legal obligation

    We may share your personal information with third parties if we have a good-faith belief that access to and use of your personal information is reasonably necessary to: (i) meet any applicable law, regulation, and/or court order; (ii) detect, prevent, or otherwise address fraud, security or technical issues; and/or (iii) protect the interests, properties or safety of us, our users or the public as far as in accordance with the law. When possible, we will inform you about such processing.

    Recipients of Your Personal Information

    To provide our Services, we work with external service providers (sub-processors). When sub-processors need access to your personal information to provide our Services to you, we have taken the appropriate contractual and organisational measures to ensure that your personal information is processed in accordance with all applicable laws and regulations, through confidentiality agreements, security practices and measures and agreements.

    To provide our Services, we work with the following sub-processors:

    • Cloud service providers on whom we rely for data storage and processing, including Amazon Web Services.
    • AI service providers that provide support for our AI features, including OpenAI, Anthropic, and Google.
    • Analytics service providers who help us analyse the usage of our Services, including Google.
    • Payment processors, including Stripe.

    The list of external sub-processors we use may change from time to time as we add or remove some of the providers listed above to assist us in providing the Services.

    We may also need to share your personal information in the following situations:

    Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of our company assets, financing, or acquisition of all or a portion of our business to another company.

    Affiliates. We may share your information with our affiliates, in which case we will require those affiliates to abide by this Privacy Policy. Affiliates include our parent company and any subsidiaries, joint venture partners, or other companies that we control or that are under common control with us.

    Is Your Information Transferred Internationally?

    Our servers and primary processing facilities are located in the United States. If you access our Services from outside the United States, please be aware that your personal information may be transferred to, stored in, and processed by us and our third-party service providers in the United States and other countries where data protection laws may differ from those in your jurisdiction.

    For residents of the European Union or European Economic Area, such transfers are conducted in accordance with applicable data protection laws, including through the use of Standard Contractual Clauses approved by the European Commission or other legally recognized transfer mechanisms that ensure an adequate level of protection for your personal information.

    Data Retention Period

    We retain personal information for as long as necessary to fulfill the purposes for which we collected it, including to provide the Services, comply with legal, regulatory, accounting, or reporting obligations, establish or defend legal claims, and prevent fraud or abuse.

    When we have no ongoing legitimate business need or other legal basis to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

    Data Security

    Our security measures include technical and organizational measures for CCPA and GDPR compliance. We have implemented steps to protect your personal information from accidental loss and unauthorized access, use, alteration, and disclosure. All information you provide is stored on our secure servers behind firewalls. Any payment transactions will be encrypted. However, no security measures are perfect or impenetrable. Therefore, we cannot guarantee the security of your information.

    The safety and security of your information also depend on you. If we have given you (or you have chosen) a password to access certain parts of our Services, it is your responsibility to keep this password confidential. Please do not share your password with anyone.

    Should, despite the security measures, a security breach occur that is likely to have negative effects on your privacy, we will inform you about the breach as soon as reasonably possible. If you have any questions, feel free to contact us at support@joule.app.

    Your Privacy Rights

    U.S. Residents

    Certain U.S. state laws give their residents specific rights regarding personal information. Depending on your state of residence, you may have the following rights:

    • Right to know, confirm and access. You may request confirmation that we process your personal information and obtain access to the categories and, where required, the specific pieces of personal information we hold about you, including the categories of sources, purposes of use, and categories of third parties to whom the personal information was disclosed.
    • Right to portability. You have the right to request a copy of your personal information in a portable format.
    • Right to request deletion. You may request that we delete personal information we collected from you, subject to statutory exemptions (e.g., security, fraud prevention, compliance, recordkeeping).
    • Right to correct. You may request correction of inaccurate personal information that we hold about you.
    • Right to opt-out. Where required by law, you may opt out of: (i) sale or sharing of personal information; (ii) targeted advertising (cross-context behavioral advertising); and (iii) profiling in furtherance of decisions producing legal or similarly significant effects.

    We do not sell personal information for monetary or other valuable consideration. We do not knowingly sell or share the personal information of consumers under sixteen (16) years of age. Some of the cookies we use involve sharing information with analytics and advertising partners, which may be considered a “sale” or “sharing” of personal information under certain U.S. state privacy laws. You may opt out of this sharing at any time by clicking the “Do Not Sell or Share My Personal Information” link in the footer of our Site or by enabling a browser-based opt-out signal such as the Global Privacy Control (GPC).

    We do not profile in furtherance of decisions that produce legal or similarly significant effects. We may use cookies and analytics partners as described in Section 1.6, which could be considered targeted advertising. If you wish, you may opt out as described above.

    • Right to limit the use of sensitive personal information. We do not use or disclose sensitive personal information for purposes to which the right to limit use and disclosure applies under CCPA.
    • Right to non-discrimination. You have the right not to receive discriminatory treatment for exercising your privacy rights.

    Shine the Light Law. California residents may request us once per calendar year to provide them with (i) a list of certain categories of personal information that we have disclosed to other parties, including affiliates, for their direct marketing purposes during the immediately preceding calendar year, and (ii) the identity of those other parties. We do not disclose personal information to third parties for their own direct marketing purposes.

    EU/EEA Residents

    If you are a resident of the EU/EEA, you may have the following rights under the GDPR:

    • Right of access. You can contact us and request from us a confirmation whether or not your personal information are being processed and if so, you have the right to request access to your data, which we will provide to you in the form of a so-called “registry” (stating, in particular, purposes, categories of personal data, categories of recipients of personal data, storage periods or criteria for determining storage periods).
    • Right to rectification. You have the right to have inaccurate personal information we have stored about you rectified.
    • Right to erasure. You may also ask us to erase your personal information from our systems. We will comply with such requests unless we have a legitimate ground not to delete your personal information.
    • Right to restriction of processing. You may request us to restrict certain processing of your personal information. If you restrict certain processing of your personal information, this may lead to fewer possibilities to use our Services and Site.
    • Right to data portability. You have the right to receive your personal information from us in a structured, commonly used and machine-readable format in order to transmit the personal information to another controller.
    • Right to object. You have the right to object to the processing of your personal information where we process it based on our legitimate interest or for direct marketing purposes. If we do not demonstrate that there is a compelling, legitimate reason for the processing which overrides your interests or rights and freedoms, we will terminate the processing without undue delay on the basis of the objection. If the objection is made in the case of processing related to direct marketing, then we will terminate the processing without undue delay.
    • Right to withdraw consent. If we rely on your consent (or explicit consent) as our legal basis for processing your personal information, you have the right to withdraw that consent at any time.
    • Automated individual decision-making, including profiling. You have the right not to be subject to any decision based solely on automated processing, including profiling, which would have legal effects on you or affect you in a similarly significant way. We do not carry out automated decision-making without the influence of human judgment with legal effects on you.
    • Right to lodge a complaint. In case you consider our processing activities of your personal information to be inconsistent with the applicable data protection laws, you may lodge a complaint with the local supervisory authority for data protection.

    You may exercise your rights above, free of charge, by contacting us at support@joule.app or by mail to Spoken Empathy Systems, Inc., Mailbox nr. #5133, 1401 Pennsylvania Ave. Unit 105, Wilmington, DE 19806, US. We may require confirmation of your identity depending on your request. If you use an authorized agent to submit a request (where permitted by law), we may require proof of the agent’s authority and may ask you to verify your identity directly, as permitted by law. If we deny your request, you may appeal by contacting us at support@joule.app. We will respond within the period required by applicable law and provide information on how to escalate the matter to your state regulator if you remain unsatisfied.