← Back to Home

Privacy Policy

Effective Date: 19th December 2025

1. Introduction

Firmus Technology Ltd ("we", "us", "our", or "Open Word") is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Open Word real-time translation service ("Service").

We are the data controller for the personal information we collect about you as a user of our Service. For personal data processed through the Service on behalf of our customers (such as churches or conference organisers), we act as a data processor. Please refer to our Data Processing Agreement for details on that processing.

By using the Service, you consent to the collection and use of your information in accordance with this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Service.

2. Information We Collect

2.1 Information You Provide to Us

We collect information you voluntarily provide when you:

• Register for an account: Name, email address, organisation name, and password
• Set up your profile: Organisation details, contact information, and preferences
• Subscribe to our Service: Billing information and payment details (processed by our payment provider)
• Contact us: Any information you include in your communications with us

2.2 Information Collected Automatically

When you use the Service, we automatically collect certain information, including:

• Usage data: Features used, session duration, frequency of use, and interactions with the Service
• Device information: Device type, operating system, browser type, and screen resolution
• Log data: IP address, access times, pages viewed, and referring URLs
• Cookies and similar technologies: Session cookies to maintain your login state and preferences

2.3 Audio and Transcription Data

When you use the transcription and translation features:

• Audio data: Audio from your events is streamed to our third-party speech recognition provider (Deepgram) for real-time transcription. We do not store raw audio data.
• Transcription data: Text transcriptions are processed transiently and are not stored unless you enable recording features.
• Translation data: Translated text is processed through Google Translate and displayed in real-time.

If you enable recording or transcript storage features, this data will be stored in accordance with your configured retention settings.

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Process transactions and send related information (confirmations, invoices)
• Create and manage your account
• Send you technical notices, updates, security alerts, and support messages
• Respond to your comments, questions, and customer service requests
• Monitor and analyse usage patterns and trends to improve user experience
• Detect, investigate, and prevent fraudulent transactions and other illegal activities
• Comply with legal obligations

4. Legal Basis for Processing (UK GDPR)

We process your personal data on the following legal bases:

Purpose	Legal Basis
Providing the Service	Performance of contract
Account management	Performance of contract
Payment processing	Performance of contract
Service communications	Legitimate interests (providing customer service)
Security and fraud prevention	Legitimate interests (protecting our Service and users)
Analytics and improvement	Legitimate interests (improving our Service)
Legal compliance	Legal obligation
Marketing (where applicable)	Consent

5. How We Share Your Information

We may share your information with:

5.1 Service Providers

We use third-party service providers to help us operate the Service:

Provider	Purpose	Location
Deepgram Inc.	Speech-to-text transcription	United States
Google LLC	Translation services	United States / EU
Supabase Inc.	Database and authentication	United States
Render Services Inc.	Hosting	United States
Stripe Inc.	Payment processing	United States

These providers are contractually obligated to protect your information and use it only for the purposes we specify.

5.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

5.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.

6. International Data Transfers

Your information may be transferred to, and processed in, countries other than the United Kingdom, including the United States. These countries may have data protection laws that are different from the laws of your country.

When we transfer personal data outside the UK, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the UK Information Commissioner
• UK-US Data Bridge certification (where applicable)
• Other appropriate safeguards recognised under UK data protection law

7. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including:

• Account information: Retained while your account is active and for 2 years after account closure
• Billing information: Retained for 7 years for tax and legal compliance
• Usage logs: Retained for 12 months
• Transcription/translation data: Processed transiently unless recording is enabled; stored recordings are retained according to your configured settings

When data is no longer needed, we securely delete or anonymise it.

8. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

• Right of access: Request a copy of the personal data we hold about you
• Right to rectification: Request correction of inaccurate or incomplete data
• Right to erasure: Request deletion of your personal data in certain circumstances
• Right to restriction: Request that we limit how we use your data
• Right to data portability: Request your data in a structured, commonly used format
• Right to object: Object to processing based on legitimate interests
• Right to withdraw consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, please contact us at privacy@openword.live. We will respond to your request within one month.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

• Encryption of data in transit using TLS 1.2 or higher
• Encryption of data at rest using AES-256
• Secure authentication with password hashing
• Regular security assessments and updates
• Access controls limiting who can access personal data
• Staff training on data protection

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee its absolute security.

10. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Keep you logged in to your account
• Remember your preferences
• Understand how you use the Service
• Improve the Service based on usage patterns

You can control cookies through your browser settings. However, disabling cookies may affect the functionality of the Service.

11. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top.

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after any changes indicates your acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Firmus Technology Ltd
37 Movilla Street
Newtownards
County Down
Northern Ireland
BT23 7JQ

Email: privacy@openword.live
General enquiries: hello@openword.live

14. Complaints

If you are not satisfied with our response to any privacy concern, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Website: ico.org.uk
Helpline: 0303 123 1113