Privacy Policy

PRIVACY POLICY

Last Updated: March 18, 2026

This privacy notice for Podbean Inc. (doing business as Podbean) ("we," "us," or "our"), a company incorporated in the State of Nevada, with a registered address at 5940 S Rainbow Blvd Ste 400 #56077, Las Vegas, NV, 89118 describes how and why we might collect, store, use, and/or share ("process") your information when you use our services ("Services"). Whenever you engage with the services provided by Podbean Inc., our role depends on how you use the platform:

1. For Podcasters: If you are a Podcaster using our hosting, distribution, or live streaming services to publish content, you acknowledge that Podbean acts as a Data Processor with respect to your podcast content and listener logs. In this capacity, you are the Data Controller. Your use of these services is governed by our Data Processing Addendum (DPA). Podbean acts as a Data Controller only for your specific account billing data.

2. For Advertisers: If you are an Advertiser using our Ads Marketplace, Podbean acts as a Data Controller for your account registration and billing information. With respect to ad targeting, delivery, and measurement data, both parties act as Independent Data Controllers subject to the terms of our Advertiser Agreement.

3. For Listeners & Visitors: If you are a Listener (including users of the 'Podbean App') or a visitor to our website, Podbean Inc. is the Data Controller responsible for processing your personal information as outlined in this Policy.

For residents of the European Economic Area (EEA) that are engaging with services provided by Podbean, Inc., please note that IT Governance Europe Limited has been appointed as our EU representative in accordance with Article 27 of the General Data Protection Regulation ("GDPR").

If you wish to exercise your rights under the EU General Data Protection Regulation (GDPR), or have any queries in relation to your rights or privacy matters generally please email our Representative at eurep@itgovernance.eu or post your request or query to:

EU Representative, IT Governance Europe, The Mill Enterprise Hub, Stagreenan, Drogheda, Co. Louth, A92 CD3D, Ireland.

When contacting our Representative, please ensure you include our company name in any correspondence.

This Policy applies to:

  • Listeners of podcasts hosted by Podbean, including those accessing podcasts through our website, mobile application, or third-party podcast platforms such as Apple Podcasts, Spotify, or similar services ('Listeners').
  • Podcasters (individuals or representatives of entities) who use our podcast hosting, distribution, or monetization services, including any user registered under a Podcaster account ("Podcasters").
  • Advertisers (individuals or representatives of entities) who purchase our advertising products or services, including agencies ("Advertisers").

Our Services include interactions such as when you:

  • Visit our website at https://www.podbean.com, or any other Podbean website that links to this Privacy Policy.
  • Download and use our mobile application (Podbean Podcast App), or any other application of ours that links to this privacy notice.
  • Engage with us in other related ways, including any sales, marketing, events or customer support.
  • Access our Services through third-party integrations, APIs, embeddable players, or syndicated RSS feeds.
  • Use our AI-powered features, including audio optimization, AI-generated titles and show notes, script generation, and text-to-audio conversion.

Questions or concerns? Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at privacy@podbean.com.

TABLE OF CONTENTS

1. What Information Do We Collect?
2. How and Why Do We Process Your Information?
3. When and With Whom Do We Share Your Personal Information?
4. What Is Our Stance on Third-Party Websites?
5. How Do We Handle Your Social Logins?
6. Is Your Information Transferred Internationally?
7. How Long Do We Keep Your Information?
8. How Do We Keep Your Information Safe?
9. Do We Collect Information from Minors?
10. What Are Your Privacy Rights?
11. Controls for Tracking Technologies and Do-Not-Track Features
12. Do California Residents Have Specific Privacy Rights?
13. Do Virginia Residents Have Specific Privacy Rights?
14. Additional U.S. State Privacy Rights
15. AI-Powered Features and Services
16. Data Breach Notification
17. Data Minimization and Purpose Limitation
18. Nevada Privacy Rights
19. Do We Make Updates to This Notice?
20. How Can You Contact Us About This Notice?

1. WHAT INFORMATION DO WE COLLECT?

Personal information you disclose to us or to a group company

In Short: We collect personal information that you provide to us.

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

Personal Information Provided by You. The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following:

  • email addresses
  • usernames
  • passwords
  • billing addresses
  • display names and profile images
  • podcast titles, descriptions, and RSS feed metadata
  • advertising campaign details and creative assets
  • audio files, transcripts, and text content submitted to AI-powered features, including podcast episodes, scripts, blog posts, and other text inputs
  • AI feature usage data, including which AI features were used, frequency of use, and user preferences
  • AI-generated outputs (titles, show notes, scripts, audio files) associated with your account

Sensitive Information. We do not intentionally collect or process special categories of personal data (as defined in GDPR Article 9). However, in rare cases, information pertaining to these categories of data may be inferred from user-generated content. Where that occurs, we rely either on your explicit consent or on the need to perform a contract for such processing, and we make efforts to limit or delete any sensitive information that is inadvertently collected and for which we have no basis for processing.

Voice and Audio Data. When you use our AI audio optimization or text-to-audio features, your audio files are processed by third-party AI service providers. We do not use these features to create voiceprints, biometric identifiers, or biometric templates. Our AI service providers are contractually prohibited from extracting biometric data from audio content processed through our platform. For more information about how AI features process your data, see Section 15 (AI-Powered Features and Services).

Payment Data. We may collect data necessary to process your payment if you make purchases, such as your payment instrument number, and the security code associated with your payment instrument. All payment data is stored by Stripe and PayPal. You may find their privacy notice link(s) here: stripe.com/privacy and paypal.com/privacy-center.

Social Media Login Data. We may provide you with the option to register with us using your existing social media account details, like your Facebook, Twitter, or other social media account. If you choose to register in this way, we will collect the information described in the section called "HOW DO WE HANDLE YOUR SOCIAL LOGINS?" below.

User-Generated Content

When you create, upload, or publish podcast episodes, comments, reviews, or other content through our Services, we process that content to provide the Services. You are responsible for ensuring that any content you upload does not violate third-party rights or applicable laws. We do not claim ownership of your content, but you grant us a license to host, distribute, and display it as necessary to provide the Services as described in our Terms of Service.

Application Data. If you use our application(s), we also may collect the following information if you choose to provide us with access or permission:

  • Mobile Device Access. We may request access or permission to certain features from your mobile device, including your mobile device's bluetooth, calendar, microphone, social media accounts, storage, and other features. If you wish to change our access or permissions, you may do so in your device's settings.
  • Mobile Device Data. We automatically collect device information (such as your mobile device ID, model, and manufacturer), operating system, version information and system configuration information, device and application identification numbers, browser type and version, hardware model Internet service provider and/or mobile carrier, and Internet Protocol (IP) address (or proxy server).
  • Push Notifications. We may request to send you push notifications regarding your account or certain features of the application(s). If you wish to opt out from receiving these types of communications, you may turn them off in your device's settings.

This information is primarily needed to maintain the security and operation of our application(s), for troubleshooting, and for our internal analytics and reporting purposes.

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

Information automatically collected

In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Services.

We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information.

Like many businesses, we also collect information through cookies and similar technologies. You can find out more about this in our Cookie Notice: podbean.com/cookies.

The information we collect includes:

  • Log and Usage Data. Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files.
  • Device Data. We collect device data such as information about your computer, phone, tablet, or other device you use to access the Services.
  • Location Data. We collect location data such as information about your device's location, which can be either precise or imprecise.

Podcast Download and Streaming Analytics

We collect data related to podcast consumption, including download counts, streaming duration, episode completion rates, subscriber counts, geographic distribution of listeners (at city/region level based on IP address), listening platform or app used, and time-of-day patterns. This data is used to provide analytics dashboards to Podcasters, to measure advertising campaign performance, and to improve our Services. Where this data is associated with an identifiable individual, it is treated as personal information subject to this Policy.

2. HOW AND WHY DO WE PROCESS YOUR INFORMATION?

In Short: We process your personal information to provide, improve, and secure our Services, communicate with you and comply with legal obligations. We only do so when we have a valid legal basis, such as your consent, fulfilling a contract, complying with the law, protecting your rights, or pursuing our legitimate interests.

We process your personal information for a variety of reasons, depending on how you interact with our Services, including:

  • To facilitate account creation and authentication and otherwise manage user accounts. (Lawful basis: Performance of a contract)
  • To deliver and facilitate the delivery of services to the user. (Lawful basis: Performance of a contract; Legitimate interest)
  • To respond to user inquiries/offer support to users. (Lawful basis: Legitimate interest; Performance of a contract)
  • To send administrative information to you. (Lawful basis: Legal obligation; Legitimate interest)
  • To fulfil and manage your orders. (Lawful basis: Performance of a contract; Legal obligation)
  • To enable user-to-user communications. (Lawful basis: Performance of a contract; Legitimate interest)
  • For advertisement, data analytics and to provide recommendations. (Lawful basis: Consent for targeted advertising; Legitimate interest for analytics)
  • To comply with internal and external policies, guidelines, rules and legislation. (Lawful basis: Legal obligation)
  • To detect, prevent, and address fraud, abuse, and security threats. (Lawful basis: Legitimate interest; Legal obligation)
  • To enforce our Terms of Service, Acceptable Use Policy, and other agreements. (Lawful basis: Legitimate interest; Performance of a contract)
  • To conduct aggregated and anonymized analytics for service improvement. (Lawful basis: Legitimate interest)
  • To comply with lawful requests from law enforcement and regulatory authorities. (Lawful basis: Legal obligation; Legitimate interest)
  • To provide AI-powered content creation, optimization, and generation features at your request, including audio optimization, title and show notes generation, script generation, and text-to-audio conversion. (Lawful basis: Performance of a contract; Consent where required by applicable law)
  • To improve AI feature quality and accuracy through aggregated, anonymized analytics (no personal data is used for AI model training). (Lawful basis: Legitimate interest)

3. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

In Short: We may share information in specific situations described in this section and/or with the following categories of third parties.

Vendors, Consultants, and Other Third-Party Service Providers. We may share your data with third-party vendors, service providers, contractors, or agents ("third parties") who perform services for us or on our behalf and require access to such information to do that work. We have contracts in place with our third parties, which are designed to help safeguard your personal information.

The categories of third parties we may share personal information with are as follows:

  • Advertising Partners
  • Cloud Computing Services
  • Communication & Collaboration Tools
  • Data Analytics Services
  • Data Storage Service Providers
  • Payment Processors
  • Performance Monitoring Tools
  • Product Engineering & Design Tools
  • Sales & Marketing Tools
  • Social Networks
  • Retargeting Platforms
  • User Account Registration & Authentication Services
  • Website Hosting Service Providers
  • Affiliate Marketing Programs
  • Order Fulfillment Service Providers
  • Finance & Accounting Tools
  • Testing Tools
  • Content Delivery Networks (CDNs)
  • Legal and Compliance Advisors
  • AI and Machine Learning Service Providers — We share content you submit to AI features (audio files, text inputs, metadata) with our AI service providers solely for the purpose of delivering the requested AI feature. These providers are bound by data processing agreements that prohibit them from using your content for model training or any purpose other than providing the service. Current AI service providers are listed in our sub-processor list at podbean.com/sub-processors.

Sub-Processor List. A current list of our sub-processors, including their names, locations, and the services they provide, is maintained at podbean.com/sub-processors and is updated at least quarterly. Where we act as a Data Processor on behalf of Podcasters, we will notify Podcasters of any material changes to our sub-processor list at least thirty (30) days before such changes take effect, in accordance with our DPA.

We also may need to share your personal information in the following situations:

  • Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • Affiliates. We may share your information with our affiliates, in which case we will require those affiliates to honor this privacy notice.
  • Business Partners. We may share your information with our business partners to offer you certain products, services, or promotions.
  • Other Users. When you share personal information (for example, by posting comments, contributions, or other content to the Services) or otherwise interact with public areas of the Services, such personal information may be viewed by all users and may be publicly made available outside the Services in perpetuity.
  • Law Enforcement and Legal Proceedings. We may disclose your personal information if required to do so by law or in response to valid legal process, including subpoenas, court orders, or government requests. We will attempt to notify you of such requests unless prohibited by law or court order.
  • Protection of Rights. We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person, or as evidence in litigation in which we are involved.

Private Podcasts and Data Access by Podcast Owners

If you are added as a private podcast listener by an organization that uses Podbean's private podcast services, please note that the administrator of that private podcast (the "Podcast Owner") may have access to certain personal information associated with your account. This may include your email address, podcast play activity (such as timestamps, listening duration, and completion rate), and subscription status.

The purpose of this data sharing is to allow the Podcast Owner to monitor engagement, ensure effective internal communication, and manage access rights to their private podcast content.

Sharing for Advertising Purposes

Certain applicable data protection laws include specific obligations for businesses that sell or trade personal information, or businesses that share personal information for targeted advertising purposes.

We may sell, trade, or otherwise share your personal information for purposes outlined in Section 1 above. You can opt out of targeted advertising from participating members of the following advertising industry associations:

4. WHAT IS OUR STANCE ON THIRD-PARTY WEBSITES?

In Short: We are not responsible for the safety of any information that you share with third parties that we may link to or who advertise on our Services, but are not affiliated with, our Services.

The Services may link to third-party websites, online services, or mobile applications and/or contain advertisements from third parties that are not affiliated with us. Accordingly, we do not make any guarantee regarding any such third parties, and we will not be liable for any loss or damage caused by the use of such third-party websites, services, or applications. We cannot guarantee the safety and privacy of data you provide to any third parties. Any data collected by third parties is not covered by this privacy notice.

5. HOW DO WE HANDLE YOUR SOCIAL LOGINS?

In Short: If you choose to register or log in to our Services using a social media account, we may have access to certain information about you.

Our Services offer you the ability to register and log in using your third-party social media account details (like your Facebook or Twitter logins). Where you choose to do this, we will receive certain profile information about you from your social media provider. The profile information we receive may vary depending on the social media provider concerned, but will often include your name, email address, friends list, and profile picture.

We will use the information we receive only for the purposes that are described in this privacy notice or that are otherwise made clear to you on the relevant Services.

6. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?

In Short: We may transfer, store, and process your information in countries other than your own.

If you are located outside the United States, please be aware that your personal information is being collected directly by a US-based company, and processing occurs mainly in the United States of America. Your data may also be subsequently transferred to, stored in, and processed in countries that may not offer the same level of data protection as your home jurisdiction.

For users in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, such transfers may involve countries that are not subject to an adequacy decision by the European Commission. To ensure an appropriate level of protection for your data, we use safeguards such as:

  • The European Commission's Standard Contractual Clauses (SCCs), supplemented where necessary with additional technical and organizational measures.
  • Where applicable, transfers may also rely on the EU-U.S. Data Privacy Framework, whenever the recipient in the United States is certified under that framework.
  • The UK International Data Transfer Addendum to the EU SCCs, where UK personal data is in scope.
  • Transfer Impact Assessments conducted for transfers to countries without adequacy decisions, assessing the legal framework in the recipient country and any supplementary measures needed.

AI Service Provider Transfers. When you use our AI-powered features, your content may be transferred to third-party AI service providers located in the United States or other countries. Such transfers are covered by the same safeguards described above, including Standard Contractual Clauses and, where applicable, the EU-U.S. Data Privacy Framework. We require all AI service providers to implement encryption in transit (TLS 1.2 or higher) for all data transfers.

7. HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this privacy notice unless otherwise required by law.

We will retain your personal information only for as long as is necessary to fulfil the purposes for which we collected it, including satisfying any legal, accounting, or reporting requirements. The retention periods below apply unless a longer period is required by applicable law:

  • Account data: Retained for the duration of your account plus 6 months after deletion.
  • Payment and billing data: Retained for the duration of your account or at least 7 years (for tax and legal purposes), whichever is longer.
  • Marketing and communication preferences: Retained for the duration of your account or until consent is withdrawn.
  • Usage analytics and logs: Retained for the duration of your account plus 6 months after deletion.
  • Podcast content and metadata: Retained for the duration of the Podcaster's account; deleted within 30 days of account termination unless subject to a legal hold.
  • Advertising campaign data: Retained for 3 years after the conclusion of the campaign for measurement and audit purposes.
  • Data subject request records: Retained for 3 years to demonstrate compliance.
  • Security and fraud prevention logs: Retained for up to 2 years.
  • Cookie consent records: Retained for the duration of consent validity plus 1 year.
  • Content submitted to AI features: Deleted from AI provider systems within 30 days of processing; retained in your account for as long as you maintain the associated content.
  • AI-generated outputs (titles, show notes, scripts, audio): Retained as part of your account content until you delete them or your account is terminated.
  • AI feature usage logs: Retained for up to 12 months for service improvement and troubleshooting.

Deletion Procedures

When personal data reaches the end of its retention period, it will be securely deleted or anonymized within 30 days. Where deletion is technically impracticable (e.g., data stored in backup archives), we will isolate the data from further processing until deletion is possible.

8. HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We aim to protect your personal information through a system of organizational and technical security measures.

We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. These include:

  • A dedicated cybersecurity team responsible for the design, implementation, and oversight of our security program;
  • Use of specialized tools such as host-based security software, network monitoring systems, and intrusion detection systems;
  • Security testing and vulnerability scanning prior to deployment and on an ongoing basis;
  • Internal and external audits and reviews of our systems and services;
  • Continuous infrastructure monitoring to identify potential intrusions or weaknesses;
  • Access controls that authenticate and authorize system access;
  • Encryption of data in transit, where appropriate;
  • Ongoing staff training and updates to security practices based on emerging risks and technological developments;
  • Encryption of personal data at rest using industry-standard encryption algorithms (AES-256 or equivalent);
  • Multi-factor authentication for administrative and privileged system access;
  • Regular penetration testing by independent third-party security firms;
  • Incident response plan with defined roles, escalation procedures, and communication protocols;
  • Encryption of all data transmitted to and from AI service providers using TLS 1.2 or higher;
  • Contractual requirements that AI service providers do not retain, log, or cache user content beyond the processing window.

However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

9. DO WE COLLECT INFORMATION FROM MINORS?

In Short: We do not knowingly collect data from or market to children under 18 years of age.

We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent's use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at privacy@podbean.com.

COPPA Compliance

To the extent our Services are directed at or knowingly collect personal information from children under 13 in the United States, we comply with the Children's Online Privacy Protection Act (COPPA). We do not knowingly collect, use, or disclose personal information from children under 13 without verifiable parental consent. If you believe we have collected such information, please contact us immediately at privacy@podbean.com and we will take steps to delete the information promptly.

AI Features and Minors

AI-powered features are not intended for use by individuals under 18 years of age. If we determine that a user of AI features may be a minor, we will restrict access to AI features for that account. Content submitted by minors will not be processed through third-party AI services.

10. WHAT ARE YOUR PRIVACY RIGHTS?

In Short: Depending on your location, you may have rights that allow you greater access to and control over your personal information. You can review, update, or terminate your account at any time.

Depending on where you are located, applicable data protection laws may grant you certain rights regarding your personal information. These rights vary by region, and we outline them below.

General Rights (All Users)

  • Right to Know/Access: Request details about the personal information we hold about you, including a copy.
  • Right to Correct: Request updates to inaccurate or incomplete personal information.
  • Right to Delete: Request deletion of your personal information, subject to exceptions such as legal obligations, fraud prevention, or ongoing service needs.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
  • Right to Opt Out of AI Processing: You may choose not to use any AI-powered feature.
  • How to Submit a Request:
  • Email: privacy@podbean.com
  • Form: podbean.com/data-request

We'll respond within 45 days, extendable by law if needed. To process your request, we may require identity verification.

EEA-Specific Rights (GDPR)

If you are located in the European Economic Area (EEA), the GDPR grants you additional rights:

  • Right of access: Request a copy of your personal data.
  • Right to rectification: Request corrections to inaccurate or incomplete personal data.
  • Right to erasure: Request deletion of your data where no legitimate reason for retention exists.
  • Right to restrict processing: Request temporary suspension of processing under certain conditions.
  • Right to data portability: Request a machine-readable copy of your data for transfer to another controller.
  • Right to object: Object to processing based on our legitimate interests or for direct marketing purposes.
  • Right to withdraw consent: Withdraw any consent given at any time without affecting prior processing.
  • Right not to be subject to automated decision-making: Ask for human review of significant decisions made solely by automated means.
  • Right to lodge a complaint: You can file a complaint with your local data protection authority.

U.S. State-Specific Rights

If you reside in certain U.S. states with privacy laws (e.g., California, Colorado, Connecticut, Florida, Montana, Oregon, Texas, Utah, Virginia), you may have these additional rights:

  • Right to Opt-Out: Opt out of the sale or sharing of your personal information for targeted advertising. Email privacy@podbean.com to exercise this right.
  • Right to Limit (California Only): Limit the use or disclosure of sensitive personal information as defined by the CCPA.
  • Right to Appeal: If we decline your privacy request, you may appeal our decision by emailing privacy@podbean.com with the subject line "Privacy Appeal." We will respond to your appeal within the timeframe required by applicable law. If your appeal is denied, you may contact your state attorney general.

We do not knowingly sell or share data of users under 16. We won't discriminate against you for exercising your rights.

11. CONTROLS FOR TRACKING TECHNOLOGIES AND DO-NOT-TRACK FEATURES

Most web browsers, mobile operating systems, and applications offer tools to help you control how your information is tracked online.

Cookies and Similar Technologies

  • Browser Settings: Most web browsers accept cookies by default. You can configure your browser to remove or reject cookies.
  • Opting Out of Interest-Based Advertising: You can opt out of interest-based advertising. For more details, see our Cookie Notice at podbean.com/cookies.

For visitors from the EEA, we will only place non-essential cookies if you have given prior consent through our Cookie Banner.

Do-Not-Track (DNT) Features

Some browsers and devices include a Do-Not-Track ("DNT") feature. Currently, no uniform standard for recognizing and implementing DNT signals has been finalized. As a result, we do not respond to DNT signals.

12. DO CALIFORNIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

In Short: Yes, if you are a resident of California, you are granted specific rights regarding access to your personal information.

California Civil Code Section 1798.83, also known as the "Shine The Light" law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes.

CCPA Privacy Notice

If the definition of "resident" under the California Code of Regulations applies to you, we must adhere to certain rights and obligations regarding your personal information.

We have collected the following categories of personal information in the past twelve (12) months:

CategoryCollected
A. Identifiers (contact details, email address, IP address, account name)YES
B. Personal information per California Customer Records statuteYES
C. Protected classification characteristicsNO
D. Commercial informationNO
E. Biometric informationNO
F. Internet or similar network activityYES
G. Geolocation dataYES
H. Audio, electronic, visual, thermal, olfactory, or similar informationYES
I. Professional or employment-related informationNO
J. Education InformationNO
L. Sensitive Personal InformationNO

13. DO VIRGINIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

In Short: Yes, if you are a resident of Virginia, you may be granted specific rights regarding access to and use of your personal information.

Under the Virginia Consumer Data Protection Act (CDPA), Virginia consumers have rights to access, correct, delete, obtain a copy of, and opt out of targeted advertising and data sales. If we decline to take action regarding your request, you may appeal our decision by emailing privacy@podbean.com. Within sixty (60) days of receipt of an appeal, we will inform you in writing of any action taken or not taken in response.

14. ADDITIONAL U.S. STATE PRIVACY RIGHTS

As of the effective date of this Policy, comprehensive consumer data privacy laws have been enacted in numerous U.S. states, including but not limited to Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, and Utah. If you are a resident of one of these states, you may have rights similar to those described in Sections 10, 12, and 13, including:

  • The right to confirm whether we are processing your personal data;
  • The right to access, correct, and delete your personal data;
  • The right to obtain a portable copy of your personal data;
  • The right to opt out of targeted advertising, the sale of personal data, and profiling;
  • The right to appeal a denial of your privacy request to us, and thereafter to your state attorney general.

The specific rights, thresholds, and timelines vary by state. We will process your request in accordance with the laws of your state of residence. To exercise any of these rights, contact us at privacy@podbean.com or visit podbean.com/data-request.

15. AI-POWERED FEATURES AND SERVICES

We offer certain AI-powered features within our Services that utilize third-party artificial intelligence and machine learning technologies. This section describes how these features work, what data they process, and your choices regarding their use.

AI Features We Offer

The following AI-powered features are available to users of our Services:

(a) Audio Optimization

This feature uses AI to enhance the quality of audio files you upload, including noise reduction, volume normalization, and clarity improvements. When you use this feature, your audio file is transmitted to our third-party AI service provider for processing. The processed audio is returned to you, and the original and processed files are retained only as long as necessary to complete the optimization (typically deleted from the AI provider's systems within 24 hours of processing). We contractually prohibit our AI providers from using your audio content to train their AI models.

(b) AI-Generated Episode Titles and Show Notes

This feature uses AI to generate suggested titles and descriptive show notes for your podcast episodes based on your audio content, transcripts, or metadata you provide. Your content is sent to a third-party AI service provider for analysis. The AI-generated suggestions are provided to you for review and editing before publication. We do not automatically publish AI-generated content without your approval. We recommend that you review and customize all AI-generated titles and descriptions before publishing.

(c) Audio Script Generation from Text

This feature uses AI to transform text input you provide (such as a blog post, article, or topic description) into a podcast-ready script. The text you provide is sent to a third-party AI service provider for processing. You retain full editorial control over the generated script and may modify it before use. If your input text contains personal information of third parties, you are responsible for ensuring you have the legal right to process that information.

(d) Text-to-Audio Conversion

This feature uses AI to convert written text into synthetic spoken audio. The text you provide is sent to a third-party text-to-speech (TTS) service provider. The resulting audio is synthetically generated and does not replicate any specific individual's voice unless you have separately provided and authorized the use of a voice profile.

IMPORTANT: Audio content generated by this feature is synthetically produced using AI. Under applicable laws, including the EU AI Act (Article 50), you are required to clearly disclose that any publicly distributed audio produced by this feature is AI-generated. We recommend including a disclosure such as "This audio was generated using AI text-to-speech technology" in your episode description or show notes.

Data Processing by AI Providers

When you use any AI-powered feature, the following applies:

  • Your content is transmitted to our third-party AI service providers solely for the purpose of providing the requested feature. A current list of AI service providers is included in our sub-processor list at podbean.com/sub-processors.
  • We contractually require all AI service providers to: (i) process your content only for the purpose of providing the requested service; (ii) not use your content to train, improve, or develop their AI models; (iii) delete your content from their systems within 30 days of processing (or sooner where technically feasible); and (iv) implement appropriate technical and organizational security measures.
  • Your content may be transferred to countries outside the EEA/UK for AI processing. Such transfers are subject to appropriate safeguards as described in Section 6 of this Policy.
  • We do not use AI features to create voiceprints, biometric identifiers, or biometric templates from your audio content. Our AI service providers are contractually prohibited from extracting biometric data from content processed through these features.

Your Choices Regarding AI Features

All AI-powered features are optional. You may choose not to use any AI feature.

Where you are a Podcaster acting as a Data Controller, you are responsible for deciding whether to use AI features in connection with your podcast content. By activating an AI feature, you instruct us to process the relevant content using our AI sub-processors as described in this section and in our Data Processing Addendum.

AI-Generated Content Labeling

In compliance with the EU AI Act (effective August 2, 2026) and emerging transparency requirements in other jurisdictions, we implement the following measures:

  • Audio produced by our text-to-audio feature is tagged with metadata identifying it as AI-generated where technically feasible;
  • We provide in-app notices reminding users of their obligation to disclose AI-generated content to their audiences;
  • Episode pages on our platform will display an AI-generated content indicator where the podcaster has used our TTS feature to produce the episode audio.

16. DATA BREACH NOTIFICATION

In the event of a personal data breach that is likely to result in a risk to the rights and freedoms of individuals, we will:

  • Notify the relevant supervisory authority without undue delay, and where feasible, within 72 hours of becoming aware of the breach (GDPR requirement);
  • Notify affected individuals without undue delay where the breach is likely to result in a high risk to their rights and freedoms;
  • Comply with all applicable U.S. state breach notification laws, which may require notification to state attorneys general and affected individuals within specified timeframes;
  • Document the nature of the breach, the categories and approximate number of individuals and records concerned, the likely consequences, and the measures taken or proposed to address the breach;
  • Where we act as a Data Processor, notify the relevant Data Controller without undue delay upon becoming aware of a breach.

17. DATA MINIMIZATION AND PURPOSE LIMITATION

We are committed to collecting only the personal data that is reasonably necessary and proportionate to provide the specific Services you have requested. We do not collect personal data for purposes unrelated to those disclosed in this Policy.

We implement technical and organizational measures to enforce purpose limitation, including access controls that restrict employee and contractor access to personal data on a need-to-know basis, and data classification procedures that categorize personal data by sensitivity and purpose.

We periodically review the personal data we hold to ensure it remains necessary for the purposes for which it was collected. Data that is no longer needed is securely deleted or anonymized in accordance with Section 7.

18. NEVADA PRIVACY RIGHTS

As a company incorporated in Nevada, we comply with Nevada Revised Statutes Chapter 603A, which grants Nevada consumers the right to opt out of the sale of certain covered information that we may collect. If you are a Nevada resident and wish to submit such a request, please email us at privacy@podbean.com with the subject line "Nevada Opt-Out."

19. DO WE MAKE UPDATES TO THIS NOTICE?

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

We may update this privacy notice from time to time. The updated version will be indicated by an updated "Revised" date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.

For material changes that affect how we process your personal data, we will provide at least thirty (30) days' advance notice before the changes take effect. Where required by applicable law, we will obtain your consent to material changes. A version history of this Policy is available at podbean.com/privacy-history.

20. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this notice, you may email us at privacy@podbean.com or contact us by post at:

Podbean Inc.
5940 S Rainbow Blvd Ste 400 #56077
Las Vegas, NV 89118
United States

Data Protection Officer

For privacy-related inquiries, you may also contact our Data Protection Officer at dpo@podbean.com. Our DPO is responsible for overseeing our data protection strategy and implementation to ensure compliance with applicable data protection laws.