← Back to Home

Privacy Policy

Last updated: December 13, 2025

1. Introduction

Cipher ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our document translation platform ("Service") operated by Translayte.

Please read this Privacy Policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, do not use the Service.

2. Information We Collect

2.1 Information You Provide

We collect information that you provide directly to us, including:

  • Account Information: Name, email address, password (hashed), and profile information
  • Team Information: Team names, member lists, roles, and collaboration data
  • Documents: PDFs, images, and other files you upload for translation
  • Translation Data: Source and target languages, translation instructions, revision notes, and edited content
  • Payment Information: Processed securely through Stripe (we do not store full credit card details)
  • Support Communications: Messages, feedback, and support requests

2.2 Automatically Collected Information

When you use the Service, we automatically collect certain information, including:

  • Usage Data: Translation job history, credit transactions, feature usage, and interaction patterns
  • Device Information: IP address, browser type, operating system, device identifiers
  • Log Data: Access times, pages viewed, features used, and error logs
  • Cookies and Tracking: Session cookies, authentication tokens, and analytics data

2.3 Third-Party Information

We may receive information from third-party services:

  • Stripe: Payment transaction data and customer information
  • Authentication Providers: If you use social login or OAuth services
  • AI Service Providers: Translation processing metadata (OpenAI, Anthropic)

3. How We Use Your Information

We use the information we collect to:

  • Provide the Service: Process translations, manage teams, handle billing, and deliver features
  • Improve the Service: Analyze usage patterns, fix bugs, and develop new features
  • Communicate with You: Send service updates, support responses, team invitations, and important notices
  • Ensure Security: Detect fraud, prevent abuse, and protect user accounts
  • Comply with Legal Obligations: Meet regulatory requirements and respond to legal requests
  • Personalization: Customize your experience and provide relevant features
  • Analytics: Understand how the Service is used and improve performance

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We share information with trusted third-party service providers who assist us in operating the Service:

  • AWS (Amazon Web Services): Cloud storage (S3) and email services (SES) for document storage and delivery
  • Stripe: Payment processing and billing management
  • AI Providers: OpenAI and Anthropic for translation processing (documents are processed but not stored by these providers)
  • ABBYY: OCR processing for document format conversion
  • Hosting Providers: Infrastructure and hosting services

4.2 Team Collaboration

Within teams, information is shared among team members according to their roles:

  • All team members can view translations, credit balances, and team activity
  • Only Owners and Admins can view billing information and manage team settings
  • Team invitations include your email address and team name

4.3 Legal Requirements

We may disclose your information if required by law or in response to valid legal requests, such as:

  • Court orders, subpoenas, or legal processes
  • Government investigations or regulatory inquiries
  • Protection of rights, property, or safety of users or others
  • Enforcement of our Terms & Conditions

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections.

5. Data Storage and Security

We implement industry-standard security measures to protect your information:

  • Encryption: Documents and sensitive data are encrypted in transit (TLS/SSL) and at rest
  • Secure Storage: Files are stored on AWS S3 with access controls and signed URLs with expiration
  • Access Controls: Role-based access control ensures only authorized users can access data
  • Authentication: Secure password hashing and optional two-factor authentication (2FA)
  • Regular Audits: Security assessments and monitoring for unauthorized access
  • Data Isolation: Team-scoped data ensures proper separation between organizations

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to maintaining the highest standards of data protection.

6. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy:

  • Account Data: Retained while your account is active and for a reasonable period after account closure
  • Documents and Translations: Retained until you delete them or close your account
  • Transaction Records: Retained for legal and accounting purposes as required by law
  • Log Data: Retained for security and troubleshooting purposes (typically 90 days to 1 year)

You may request deletion of your data at any time by contacting [email protected] or using account deletion features. Some data may be retained for legal compliance or to resolve disputes.

7. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

7.1 Access and Portability

You can access, download, and export your data through the Service dashboard. You may request a copy of your personal information by contacting [email protected].

7.2 Correction and Updates

You can update your account information, profile details, and team settings directly through the Service. You may request corrections to inaccurate data by contacting support.

7.3 Deletion

You can delete individual translations, documents, or your entire account at any time. Account deletion will remove your personal data, subject to legal retention requirements.

7.4 Opt-Out

You can opt out of non-essential communications by adjusting your notification preferences. You cannot opt out of essential service communications (e.g., security alerts, billing updates).

7.5 GDPR Rights (EU Users)

If you are located in the European Union, you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

To exercise these rights, contact [email protected]. We will respond within 30 days.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Maintain your session and authentication state
  • Remember your preferences and settings
  • Analyze Service usage and performance
  • Improve user experience

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of the Service.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country.

We take appropriate safeguards to ensure your information receives an adequate level of protection, including:

  • Standard contractual clauses approved by data protection authorities
  • EU-only data processing options (available upon request)
  • Compliance with applicable data protection frameworks

10. Children's Privacy

The Service is not intended for children under the age of 13 (or the minimum age in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at [email protected], and we will take steps to delete such information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last updated" date at the top of this page
  • Sending you an email notification (for significant changes)
  • Displaying a notice in the Service

Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: [email protected]
Service: Cipher by Translayte
Data Protection Officer: Available upon request at [email protected]

For EU users, you also have the right to lodge a complaint with your local data protection authority if you believe we have not adequately addressed your privacy concerns.