Last Updated: July 19, 2025
WhereTheyTalk is operated by Perjan Professional Product Partners FlexKapG, an Austrian company registered at Heiligenstädter Lände 29/2. OG, 1190 Vienna, Austria. We serve as the data controller for all personal data processed through our B2B conversation discovery platform.
For data protection inquiries, contact us at privacy@wheretheytalk.com or at our registered address above. Under Austrian law, you also have the constitutional Right to Secrecy regarding your personal data beyond standard GDPR protections.
We collect business contact information when you register for our service, including your email address, name, and organization details. This information is necessary to provide our SaaS platform and authenticate your access.
Our service aggregates publicly available content from third-party platforms including Reddit and Hacker News through automated web scraping. We collect this content to identify discussions relevant to your specified search criteria. We respect technical restrictions such as robots.txt files and platform rate limits.
We use analytics tools to collect technical information about your platform usage, including pages viewed, features accessed, and interaction patterns. This data helps us improve our service performance and user experience.
When you communicate with us for support or join our waitlist, we collect the information you provide, including any details you share in your messages or requests.
We process your account information based on our contract with you to provide the WhereTheyTalk service. This includes authentication, service delivery, and essential communications about your account.
For business communications, service improvements, and analytics, we rely on our legitimate business interests. Our legitimate interest assessment demonstrates that these activities support our service quality while presenting minimal privacy impact to professional users.
We process publicly available content from third-party platforms based on legitimate interests in providing conversation discovery services. This processing includes AI-powered analysis to match content with your search criteria and generate insights.
For legal compliance requirements, such as tax record-keeping or responding to lawful requests, we process data based on legal obligations under Austrian and EU law.
Our platform uses artificial intelligence to analyze content and generate insights about conversation relevance. These AI systems process text to identify topics, sentiment, and matching criteria you specify. All AI-generated outputs are clearly marked as automated analysis and should supplement, not replace, your professional judgment.
You have the right to request human review of any automated decision that significantly affects your use of our service. We maintain appropriate human oversight of our AI systems to ensure accuracy and fairness.
We work with trusted service providers who process data on our behalf under strict contractual obligations. These include cloud hosting providers, authentication services, email delivery services, and analytics platforms. All processors are bound by data protection agreements ensuring GDPR compliance.
We use Supabase for database hosting and authentication, PostHog for analytics, and Mailjet for email communications. These services may process data in the United States under Standard Contractual Clauses ensuring adequate protection equivalent to EU standards.
We do not sell, rent, or trade your personal data to third parties for their own purposes. We only share data when required by law or with your explicit consent.
Some of our service providers operate from the United States and other countries outside the European Economic Area. When we transfer personal data internationally, we implement appropriate safeguards including Standard Contractual Clauses approved by the European Commission.
For processors located in the United States, we ensure compliance with adequacy decisions where applicable or rely on contractual safeguards. All international transfers maintain protection equivalent to EU data protection standards.
We retain your account information for the duration of your subscription plus three years to fulfill contractual obligations and resolve any disputes. Marketing communications data is retained until you unsubscribe or request deletion.
Content aggregated from third-party platforms is processed immediately for matching your criteria. We retain aggregated insights in anonymized form for service improvement. Raw scraped content is not stored longer than necessary for processing, typically less than 30 days.
Analytics data is retained for twelve months in identifiable form, after which it may be retained in aggregated, non-identifiable form for trend analysis. Security logs and audit trails are maintained for six months unless required longer for investigation purposes.
When you request account deletion, we remove your personal data within 30 days except where retention is required for legal compliance, such as tax records which we maintain for seven years as required by Austrian law.
Under GDPR and Austrian data protection law, you have comprehensive rights regarding your personal data. You may request access to all personal data we hold about you, including how we obtained it and how we use it.
You can request correction of inaccurate information or completion of incomplete data at any time. You may also request deletion of your personal data when it is no longer necessary for our legitimate purposes or when you withdraw consent.
You have the right to restrict our processing of your data in certain circumstances, such as when you contest its accuracy or object to processing based on legitimate interests. You may also request data portability to transfer your information to another service provider.
For processing based on legitimate interests, you have the right to object, and we will cease processing unless we demonstrate compelling legitimate grounds that override your interests. You have an absolute right to object to any direct marketing use of your data.
You may withdraw consent at any time for processing activities that require your consent, such as optional analytics or marketing communications. Withdrawal does not affect the lawfulness of processing before withdrawal.
To exercise any of these rights, contact us at privacy@wheretheytalk.com. We will respond within one month and may request verification of your identity to protect your personal data from unauthorized access.
If you believe we have violated your data protection rights, you may lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde) at dsb@dsb.gv.at or www.dsb.gv.at.
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encryption in transit and at rest, access controls, and regular security assessments.
All our employees and contractors with access to personal data are bound by confidentiality obligations that continue after their engagement ends, as required by Austrian data protection law.
We may update this privacy policy to reflect changes in our practices or legal requirements. We will notify you of material changes by email or prominent notice on our platform before they become effective. Your continued use of WhereTheyTalk after updates indicates your acceptance of the revised policy.
For questions about this privacy policy or your personal data, contact us at:
Email: privacy@wheretheytalk.com
Address: Perjan Professional Product Partners FlexKapG, Heiligenstädter Lände 29/2. OG, 1190 Vienna, Austria
We are committed to addressing your inquiries promptly and transparently in accordance with Austrian and European data protection standards.