Privacy Policy | Talaera Inc.

Last Updated: May 13, 2026

1. Introduction

This Privacy Policy describes how Talaera Inc. (“Talaera”, “we”, “us”, or “our”) collects, uses, shares, and protects personal information when you use our website at talaera.com (the “Site”), our learning platform, application, and related services (together with the Site, the “Services”).

Talaera provides English language and professional communications training to working professionals. We take the privacy of our users seriously and have designed our Services to handle personal information responsibly.

If you have any questions about this Privacy Policy or our privacy practices, please contact us at privacy@talaera.com.

2. Who Controls Your Data

Your data may be handled in two different ways depending on how you access the Services:

If you signed up directly with Talaera

If you created your account directly through talaera.com (for example, by purchasing an individual subscription or trial), Talaera is the “controller” of your personal information. We decide how and why we process your data, and you can exercise your privacy rights directly with us.

If you access Talaera through your employer

If your employer (or another organization) has provided you access to the Services as part of an enterprise relationship with Talaera, your employer is generally the “controller” of your personal information related to your use of the Services, and Talaera processes that information on your employer’s behalf as a “processor.” In that case:

  • Your employer determines the purposes and methods by which your data is processed within the Services.
  • Talaera processes your data in accordance with the contract between Talaera and your employer (which includes our Data Processing Agreement).
  • To exercise privacy rights regarding your use of the Services, you should typically contact your employer first. We will assist your employer in responding to your request.
  • Personal information that Talaera processes for its own independent purposes — such as security, fraud prevention, legal compliance, billing, website analytics, and service administration — is handled by Talaera as a controller.

This Privacy Policy applies in both cases. Where the practices differ between direct users and enterprise users, we say so explicitly. Otherwise, the same practices apply.

3. Information We Collect

We collect the following categories of personal information:

Information you provide to us

  • Account information: name, email address, password (stored in hashed form), and where applicable, employee or organizational identifier provided by your employer.
  • Profile and preferences: job title, department, native language, target language proficiency level, learning goals, time zone, profile photo (if you choose to upload one), and other information you choose to provide.
  • Learning content: written exercises and assignments, lesson notes, homework submissions, messages exchanged with teachers, and other content you submit through the Services.
  • Voice and audio data: audio recordings of practice sessions and conversations with our AI coaching tools, retained on a limited and ephemeral basis as described in Section 7.
  • Communications: information you provide when contacting us for support, responding to surveys, or signing up for our newsletter.
  • Payment information: if you purchase a subscription directly, payment information is collected and processed by our payment provider, Stripe. Talaera does not store your full payment card details.

Information generated by your use of the Services

  • Activity and usage data: records of features you access, content you view, time spent in the Services, and learning progress and engagement metrics.
  • AI interaction data: the inputs you submit to our AI coaching tools and the outputs returned to you, used to deliver the AI features and stored as part of your learning history.
  • Teacher feedback and assessments: notes, feedback, scores, and evaluations created by your teachers in connection with your lessons.
  • Technical data: IP address, browser and device information, operating system, session identifiers, language and locale settings.

Information from third parties

If you sign in using single sign-on (SSO) provided by your employer or a third-party authentication provider, we receive the information necessary to authenticate you (such as your name and email address). If your employer has provisioned an account for you, we receive the information your employer has chosen to share with us.

4. How We Use Your Information

We use personal information for the following purposes:

  • To provide the Services. We use your information to deliver English language training, facilitate lessons with teachers, operate AI coaching tools, track your learning progress, and provide customer support.
  • To communicate with you. We send you transactional and lifecycle emails relating to your use of the Services (such as lesson reminders, account notices, and progress updates). If you have opted in, we may also send you marketing communications, which you can unsubscribe from at any time.
  • To improve the Services. We use de-identified and aggregated data to understand how the Services are used, identify common needs, develop new features, and improve our content. As described in Section 6, we do not use your data to train AI models.
  • To secure the Services. We use your information to detect and prevent fraud, abuse, and security threats, to investigate suspected violations of our Terms of Service, and to maintain the integrity and reliability of the Services.
  • To comply with legal obligations. We use your information to comply with applicable laws, respond to lawful requests from authorities, and enforce our agreements.

5. How We Share Your Information

We share personal information only as described below.

With your employer (for enterprise users)

If you access the Services through your employer, we share information with your employer in accordance with our agreement with them. The information shared with your employer typically includes the learning plan and goals associated with your course, attendance for scheduled sessions (including missed sessions), engagement metrics, and aggregate progress reporting. Your employer does not have access to the content of your individual lessons, including session transcripts, teacher feedback, written assignments, or AI conversation history.

With service providers (sub-processors)

We engage trusted service providers to help us operate the Services. These sub-processors process personal information on our behalf and are contractually bound to data protection obligations. The current list of our sub-processors, including their location and purpose, is published and maintained at https://www.talaera.com/sub-processors. As of the date of this Privacy Policy, the published list includes service providers in the following categories:

  • Cloud hosting and infrastructure (Amazon Web Services)
  • AI services for coaching and language analysis features (OpenAI, Anthropic, Google)
  • Customer relationship management and engagement tracking (HubSpot)
  • Customer support and outsourced support services (Intercom, WOW24-7)
  • Payment processing (Stripe)
  • Application monitoring and analytics (Sentry, Datadog, Amplitude)
  • Email and business communications (Google Workspace)
  • Customer satisfaction and feedback (Typeform)
  • Advertising and marketing measurement (website only — Google, LinkedIn, Meta and similar advertising partners)

With teachers

Teachers engaged by Talaera receive the information necessary to provide instruction to you, including your name, learning goals, profile information, learning history, and content you submit. Teachers are independent contractors bound by written confidentiality agreements with Talaera and may not use your information for any purpose other than providing the Services.

For legal reasons

We may disclose personal information if we believe in good faith that disclosure is necessary to (i) comply with applicable law or valid legal process, (ii) protect the rights, property, or safety of Talaera, our users, or others, (iii) enforce our agreements, or (iv) prevent or investigate fraud, security, or technical issues.

In a business transaction

If Talaera is involved in a merger, acquisition, financing, or sale of all or part of our business, personal information may be transferred as part of that transaction. We will notify users of any such transfer that materially affects how their personal information is handled.

Advertising and analytics partners

We may share limited information (such as cookie identifiers, device information, IP address, and pages viewed) with advertising and analytics partners to measure the effectiveness of our marketing, deliver advertisements about our Services on other websites, and understand how visitors interact with our Site. This may include sharing information that qualifies as “sharing” or “selling” for purposes of the California Consumer Privacy Act and similar U.S. state privacy laws, in the form of cross-context behavioral advertising. We share this information only with respect to website visitors and only where permitted by your cookie preferences and applicable law.

We do not sell personal information of users of our Services

Information that you provide to us as a registered user or that we collect through your use of our Services (such as your account information, learning content, and lesson activity) is not sold or shared for cross-context behavioral advertising. This Section 5 governs all sharing of that information.

6. Artificial Intelligence and Your Data

The Services include features powered by artificial intelligence, such as AI coaching tools, language assessment, and feedback generation. We want to be clear about how we handle your data in connection with these features.

We do not use your data to train AI models

Talaera does not use your personal information, the inputs you submit to AI tools, or the outputs you receive to train, fine-tune, or otherwise develop any AI model, whether our own or operated by a third party. The third-party AI providers we use (OpenAI, Anthropic, and Google) are contractually prohibited from using your data to train or improve their models.

How AI features process your data

When you use an AI feature, the relevant input (your message, voice recording, or written content) is sent to a third-party AI provider through their commercial API to generate a response. The provider returns the response to us, which we deliver to you within the Services. Your data flows to AI providers solely to deliver the AI feature you are using.

Transparency

Where the Services involve direct interaction between you and an AI system (such as conversational AI coaching), we will inform you that you are interacting with an AI and not a human. AI-generated outputs (such as feedback or scores) are clearly identified as such.

De-identified analytics

We may use de-identified and aggregated data derived from how the Services are used to improve our products. De-identified data does not identify, and cannot reasonably be used to identify, you or any other individual. We do not attempt to re-identify de-identified data.

Limitations of AI outputs

AI-generated outputs are formative learning aids and may contain inaccuracies, errors, or biases. They are not intended to be, and should not be relied upon as, professional advice (legal, medical, financial, tax, or otherwise) or as the basis for employment-related decisions.

7. Data Retention

We retain personal information for as long as necessary to provide the Services and to fulfill the purposes described in this Privacy Policy. Specific retention practices include:

  • Account and Profile Data: retained for as long as your account is active. When your account is deleted, we de-identify your personal information within thirty (30) days, retaining only what is necessary for legitimate business purposes such as financial recordkeeping, defense of legal claims, and the integrity of business records.
  • Learning History and Content: retained for as long as your account is active so you can review your learning history. De-identified along with account deletion.
  • Voice Recordings: retained on a limited and ephemeral basis for no longer than thirty (30) days, except as needed for security investigation, abuse review, or as required by law.
  • Operational Logs and Technical Data: retained for the period necessary to operate, secure, and improve the Services, in accordance with our retention practices and our service providers’ policies.
  • Backup Data: personal information may persist in routine backup systems for an additional period in accordance with our standard backup retention practices, after which it is deleted. Backed-up data is not actively used and remains subject to the same security controls as production data.

If you are an enterprise user, your employer’s contract with Talaera may specify additional retention or deletion requirements that supersede the above for the data your employer controls.

8. Your Privacy Rights

You have rights regarding your personal information. The specific rights available to you depend on the laws of your jurisdiction, but generally include:

  • Right to access. You can request a copy of the personal information we hold about you.
  • Right to correct. You can request that we correct inaccurate or incomplete personal information.
  • Right to delete. You can request that we delete your personal information, subject to certain legal exceptions.
  • Right to data portability. You can request a copy of your personal information in a structured, machine-readable format.
  • Right to object or restrict processing. You can object to certain processing of your personal information or request that we restrict it.
  • Right to withdraw consent. Where we rely on your consent, you can withdraw it at any time.
  • Right to opt out of marketing. You can unsubscribe from marketing communications at any time using the link in any marketing email or by contacting us.
  • Right to non-discrimination. We will not discriminate against you for exercising your privacy rights.

How to exercise your rights

Many of these rights can be exercised directly within the Services:

  • You can review and update most of your account information through your account settings.
  • You can delete your account at any time through your account settings, which will trigger de-identification of your personal information as described in Section 7.
  • You can adjust your cookie and tracking preferences on our website at any time through the “Your Privacy Choices” link in the website footer.

To exercise other rights, or if you cannot use the self-service tools, contact us at privacy@talaera.com from the email address associated with your account, or respond to a verification email if requested. We may need to verify your identity before fulfilling your request to protect against unauthorized access to your data. We will respond to your request within the timeframe required by applicable law (generally 30 days, extendable by an additional 60 days for complex requests).

If you access the Services through your employer, you should contact your employer first to exercise rights related to data your employer controls. Your employer may direct you to contact us, in which case we will assist your employer in responding to your request.

Right to lodge a complaint

If you are in the European Economic Area, the United Kingdom, or another jurisdiction with a privacy regulator, you have the right to lodge a complaint with your local supervisory authority. We encourage you to contact us first so we can address your concerns directly.

9. U.S. State Privacy Rights

If you are a resident of a U.S. state with comprehensive privacy legislation, you have the rights described in Section 8, and the additional rights described in this Section.

Categories of personal information

In the past twelve (12) months, we have collected the categories of personal information described in Section 3, from the sources described in Section 3, for the purposes described in Section 4, and have shared them with the categories of recipients described in Section 5.

Sale and sharing of personal information

We do not sell personal information of users of our Services for monetary consideration. We may share limited website visitor information with advertising partners for purposes that may qualify as “sharing” for cross-context behavioral advertising under the CCPA and similar U.S. state privacy laws. You can opt out of such sharing at any time through the “Your Privacy Choices” link in our website footer or by adjusting your cookie preferences. We honor Global Privacy Control (GPC) signals as a valid opt-out request, as described below.

Sensitive personal information

We do not use or disclose sensitive personal information for purposes that would require us to offer a right to limit such use under applicable law.

Global Privacy Control

We honor Global Privacy Control (GPC) signals as a valid request to opt out of any sale or sharing of your personal information under applicable state laws. If your browser sends a GPC signal when you visit our Site, we will treat that signal as an opt-out request from that browser and device.

Authorized agents

You may authorize another person to submit a request on your behalf. We may require the authorized agent to provide proof of authorization and may require you to verify your identity directly with us before fulfilling the request.

California-specific disclosures

California’s Shine the Light law (Civil Code § 1798.83) permits California residents to request information regarding our disclosure of personal information to third parties for direct marketing purposes. We do not disclose personal information to third parties for their direct marketing purposes.

10. International Data Transfers

Talaera is based in the United States, and our Services are operated from the United States. If you are accessing the Services from outside the United States, please be aware that your personal information will be transferred to, stored in, and processed in the United States.

For users in the European Economic Area, the United Kingdom, or other jurisdictions with data transfer restrictions, we rely on the following safeguards for international transfers:

  • Standard Contractual Clauses approved by the European Commission for transfers from the EEA;
  • the UK International Data Transfer Addendum for transfers from the United Kingdom;
  • for enterprise customers, additional contractual safeguards as set out in our Data Processing Agreement.

By using the Services or providing personal information to us, you acknowledge that your information may be transferred to the United States and other countries where we and our service providers operate.

11. Security

We maintain administrative, technical, and physical safeguards designed to protect your personal information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These safeguards include:

  • Encryption of data in transit (TLS 1.2 or higher) and at rest (AES-256 via cloud-managed encryption);
  • Hashing of account passwords using bcrypt;
  • Role-based access controls and multi-factor authentication for personnel;
  • Network segmentation, intrusion detection, and security monitoring;
  • Periodic vulnerability scanning and third-party penetration testing;
  • Confidentiality obligations on personnel and service providers.

More information about our security practices is available at https://www.talaera.com/security. No method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

12. Children’s Privacy

The Services are intended for individuals who are at least eighteen (18) years of age and are not directed to children under 18. We do not knowingly collect personal information from individuals under 18. If we become aware that we have collected personal information from a person under 18, we will delete that information promptly. If you believe a child under 18 has provided personal information to us, please contact us at privacy@talaera.com.

13. Cookies and Similar Technologies

We use cookies and similar tracking technologies on the Site and within the Services for purposes including providing and securing the Services, remembering your preferences, analyzing how the Services are used, and (on our website only) measuring marketing effectiveness and delivering advertisements about Talaera on other websites you visit. For detailed information about the cookies we use, the categories they fall into, and your choices, please see our Cookie Policy at https://www.talaera.com/cookies. You can manage your cookie preferences at any time through the “Your Privacy Choices” link in our website footer.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email (where you have provided one) or by prominent notice on the Site, and we will update the “Last Updated” date at the top. Your continued use of the Services after the effective date of the updated Privacy Policy means the updated Privacy Policy applies to your use of the Services.

Prior versions of this Privacy Policy are available on request.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

Talaera Inc.

Attn: Privacy Team

28 Liberty Street, 6th Floor

New York, NY 10005

United StatesEmail: privacy@talaera.com