This Privacy Policy explains how Spenat Labs Inc. (d/b/a Walk and Code) (“Walk and Code,” “Company,” “we,” “us,” or “our”) collects, uses, stores, shares, and otherwise processes personal information and other data in connection with walkandcode.com, our web application, and any related software, voice features, integrations, APIs, plugins, extensions, desktop or mobile applications, future products, and related services (collectively, the “Service”).

This Privacy Policy is intended to be read together with our Terms and Conditions. By accessing or using the Service, you acknowledge the practices described in this Privacy Policy.

1. Scope

This Privacy Policy applies to information we collect:

• when you visit our website;
• when you create an account or use the Service;
• when you use voice or microphone-enabled features;
• when you connect repositories, coding tools, third-party accounts, or integrations;
• when you communicate with us;
• when we receive information from vendors, service providers, analytics providers, payment processors, or third-party integrations; and
• when we otherwise collect information in connection with operating, improving, protecting, and developing the Service.

This Privacy Policy does not apply to third-party websites, products, services, or integrations that are subject to their own privacy policies and terms.

2. Information We Collect

We may collect, receive, generate, infer, store, and process the following categories of information.

2.1 Account and Contact Information

This may include:

• your name;
• email address;
• account credentials or authentication-related information;
• account preferences and settings;
• billing contact information; and
• any information you provide when contacting us.

2.2 Payment and Transaction Information

If you purchase a subscription or otherwise pay for the Service, we and our payment providers may process billing and transaction information, such as:

• billing address;
• subscription plan details;
• payment status;
• invoices, receipts, and transaction history; and
• limited payment-related metadata.

We generally rely on third-party payment processors to handle payment card and related payment information.

2.3 Voice, Audio, and Recording Information

When you use voice-enabled functionality, we may collect and process:

• microphone audio;
• voice recordings;
• transcripts;
• timing, session, and interaction metadata;
• annotations and quality review data; and
• derivative data generated from recordings or transcripts.

After onboarding and acceptance of our Terms, microphone audio may be recorded during active sessions.

2.4 Inputs, Prompts, Code, Repositories, and User Content

We may collect and process information you submit to or connect with the Service, including:

• prompts, instructions, chats, and requests;
• source code, files, folders, repositories, snippets, commits, diffs, configurations, logs, terminals, outputs, and related materials;
• project information, settings, and metadata;
• content you upload, paste, dictate, type, connect, sync, or otherwise make available; and
• data associated with connected development tools, repositories, cloud environments, coding agents, and related systems.

2.5 Device, Technical, and Usage Information

We may automatically collect information such as:

• IP address;
• browser type and version;
• device type and identifiers;
• operating system;
• language and time zone settings;
• log data;
• pages viewed and features used;
• timestamps, session information, clicks, navigation paths, and interaction data;
• crash reports, diagnostics, debugging data, and performance metrics; and
• approximate location inferred from IP address.

2.6 Cookies and Similar Technologies

We may use cookies, pixels, SDKs, local storage, and similar technologies to operate the Service, remember preferences, authenticate users, analyze usage, secure the Service, and improve performance.

2.7 Information from Third Parties

We may receive information from:

• third-party coding tools and agents;
• model providers and voice providers;
• repository providers and cloud platforms;
• authentication providers;
• analytics providers;
• payment processors;
• customer support tools;
• contractors and service providers; and
• other third parties you connect to or use with the Service.

2.8 Inferred and Derived Information

We may create or infer additional information from the data we collect, including:

• usage patterns;
• behavioral analytics;
• performance metrics;
• preferences and product interest signals;
• transcripts, summaries, annotations, classifications, embeddings, vectors, or other machine-generated representations;
• service integrity and fraud signals; and
• product improvement and research data.

3. How We Use Information

We may use personal information and other data for any lawful purpose, including to:

• provide, operate, maintain, host, support, and administer the Service;
• authenticate users and manage accounts;
• process subscriptions, payments, overages, and billing-related activities;
• process prompts, instructions, code, repositories, voice input, and other content to generate outputs and perform requested actions;
• record, transcribe, analyze, and review microphone audio during active sessions;
• enable connected tools, integrations, repositories, development environments, automations, and third-party services;
• improve, debug, monitor, evaluate, secure, and develop the Service and related products;
• develop new features, workflows, models, tools, and technologies;
• conduct analytics, research, testing, quality assurance, product improvement, and internal business operations;
• train, tune, evaluate, improve, and develop machine learning models, AI systems, speech systems, automation systems, and related technologies, whether by us or with vendors acting on our behalf;
• detect, investigate, prevent, and address fraud, abuse, security incidents, misuse, harmful activity, technical problems, and policy violations;
• enforce our Terms and other policies;
• communicate with you about the Service, updates, notices, billing, security, support, and administrative matters;
• send service-related messages and, where permitted by law, marketing or promotional communications;
• comply with legal obligations, lawful requests, court orders, and regulatory requirements; and
• protect the rights, property, safety, and interests of Walk and Code, our users, vendors, service providers, and others.

4. Legal Bases for Processing

To the extent applicable under laws such as the GDPR or UK GDPR, we may process personal data on the following legal bases:

• performance of a contract;
• compliance with legal obligations;
• our legitimate interests, including operating, securing, improving, and developing the Service and our business;
• consent, where required or obtained; and
• other lawful bases available under applicable law.

Where we rely on consent, you may withdraw it where permitted by law, but this will not affect processing already undertaken and may affect your ability to use parts of the Service.

5. Voice Recording and Microphone Data

The Service includes voice-enabled features. By using voice-enabled features after onboarding and acceptance of our Terms, you acknowledge that microphone audio may be recorded during active sessions.

We may:

• collect and store microphone recordings;
• create and store transcripts;
• review recordings and transcripts using automated systems and human reviewers;
• use recordings, transcripts, metadata, and derivative data for service operation, support, analytics, quality assurance, training, product improvement, research, abuse prevention, safety, and business purposes; and
• share or store such data with third-party service providers, cloud vendors, infrastructure providers, model providers, contractors, and analytics providers.

Recordings, transcripts, metadata, and related derivative data may be retained indefinitely unless and until you explicitly request deletion by emailing hello@walkandcode.com, subject to our right to retain information for legal, security, operational, backup, compliance, dispute, fraud prevention, product integrity, and business purposes.

You are solely responsible for ensuring that your use of the Service, including any recording of your microphone audio, complies with applicable law and any obligations you may owe to others.

6. How We Share Information

6.1 Affiliates and Corporate Group Members

We may share information with our affiliates, subsidiaries, parent entities, successors, or related companies.

6.2 Service Providers and Vendors

We may share information with vendors, contractors, consultants, cloud providers, hosting providers, model providers, speech and transcription providers, repository and tooling providers, analytics providers, payment processors, customer support providers, security providers, communications providers, and other service providers that help us operate, improve, secure, or develop the Service.

6.3 Third-Party Integrations and Connected Services

If you connect third-party accounts, repositories, tools, environments, or services, information may be shared with and received from those third parties as necessary to enable the Service.

6.4 Legal, Compliance, and Protection Purposes

We may disclose information where we believe it is necessary or appropriate to:

• comply with applicable law, regulation, court order, subpoena, legal process, or governmental request;
• enforce our Terms or other policies;
• detect, investigate, or prevent fraud, abuse, security incidents, illegal activity, or policy violations;
• protect the rights, property, safety, and interests of Walk and Code, our users, vendors, service providers, or others; or
• establish, exercise, or defend legal claims.

6.5 Corporate Transactions

We may disclose or transfer information in connection with an actual or proposed merger, acquisition, financing, asset sale, bankruptcy, reorganization, dissolution, or similar transaction.

6.6 With Your Direction or Consent

We may share information where you direct us to do so or otherwise consent.

7. Data Retention

We retain personal information and other data for as long as we determine is necessary or appropriate for the purposes described in this Privacy Policy, including to provide the Service, maintain accounts, improve products, develop technologies, maintain backups, satisfy legal obligations, resolve disputes, prevent fraud and abuse, enforce our agreements, and protect our business.

Some categories of data, including recordings, transcripts, logs, account history, code, chats, prompts, metadata, analytics, and derivative data, may be retained indefinitely unless we decide otherwise or you submit a deletion request that we choose to honor to the extent required by law or our policies.

Even if you request deletion or close your account, we may retain information as permitted or required by law, for security, legal, tax, accounting, backup, operational, compliance, dispute resolution, fraud prevention, abuse prevention, model integrity, product improvement, and business continuity purposes.

8. Data Deletion Requests

You may request deletion of certain data by emailing hello@walkandcode.com.

We may require verification before processing a request. We may deny, limit, or delay a request where permitted by law, where we cannot verify the request, where deletion is technically infeasible, or where retention is necessary or appropriate for legal, security, operational, backup, fraud prevention, abuse prevention, dispute, compliance, product integrity, or business purposes.

Deletion from active systems may not result in immediate deletion from backups, logs, archives, caches, derived datasets, or systems maintained by our vendors.

9. Cookies and Similar Technologies

We may use cookies and similar technologies for authentication, security, fraud prevention, session management, preferences, analytics, diagnostics, measurement, performance, and product improvement.

You may be able to manage certain cookie settings through your browser or device settings, but disabling cookies may affect functionality.

We may publish a separate Cookie Policy in the future. If we do, it will supplement this Privacy Policy.

10. Analytics and Tracking

We may use third-party analytics and related tools to understand how users interact with the Service, improve the Service, monitor performance, detect issues, and support marketing or product decisions.

These tools may collect information such as IP address, device information, browser information, pages viewed, user actions, session duration, referral information, and identifiers.

11. Security

We use administrative, technical, organizational, and physical measures designed to help protect information. However, no method of transmission, storage, or processing is completely secure, and we do not guarantee the security, confidentiality, or integrity of any information.

You use the Service and transmit information at your own risk.

12. International Data Transfers

We and our vendors may process, store, and transfer information in the United States and in other countries where we or our service providers operate.

Those jurisdictions may have data protection laws that differ from those of your jurisdiction. By using the Service, you acknowledge that your information may be transferred to, stored in, and processed in jurisdictions outside your place of residence.

Where required by applicable law, we may rely on lawful transfer mechanisms.

13. Children’s Privacy

The Service is not intended for children, and we do not intend for anyone under 18 to use the Service. If we learn that we have collected personal information from a person under 18 in violation of applicable law, we may delete that information and terminate the associated account.

14. Your Privacy Rights

Depending on where you live, you may have certain rights under applicable privacy laws, which may include the right to:

• request access to certain personal information;
• request correction of inaccurate information;
• request deletion of certain information;
• object to or restrict certain processing;
• withdraw consent where processing is based on consent;
• request portability of certain information; and
• appeal certain privacy decisions, where applicable.

These rights are not absolute and may be limited by law. To exercise rights, email hello@walkandcode.com. We may need to verify your identity before responding.

We will not discriminate against you for exercising rights granted by applicable law, except as permitted by law.

15. California Privacy Disclosures

If you are a California resident, this section provides additional disclosures under applicable California privacy laws.

15.1 Categories of Personal Information We Collect

In the preceding 12 months, we may have collected the following categories of personal information:

• identifiers;
• customer records information;
• commercial information;
• internet or other electronic network activity information;
• audio information;
• professional or employment-related information if you choose to provide it;
• inferences drawn from personal information; and
• other information that relates to or is reasonably capable of being associated with you.

15.2 Sources of Personal Information

We collect personal information from:

• you directly;
• your devices and browsers;
• your use of the Service;
• third-party integrations and connected services;
• vendors and service providers; and
• analytics, payment, authentication, and support providers.

15.3 Purposes for Collection, Use, and Disclosure

We collect, use, disclose, and otherwise process personal information for the purposes described in this Privacy Policy, including operating the Service, processing voice and code inputs, improving products, model training and development, analytics, research, fraud prevention, support, billing, legal compliance, and enforcement.

15.4 Sharing and Disclosure

We may disclose personal information to service providers, contractors, affiliates, analytics providers, cloud vendors, model providers, payment processors, support providers, legal authorities, and others as described in this Privacy Policy.

We do not sell personal information for money in the traditional sense. However, some privacy laws define “sale,” “share,” or similar terms broadly. To the extent applicable law characterizes certain analytics, advertising, or related disclosures as a sale or sharing, you may contact us at hello@walkandcode.com regarding your applicable rights.

15.5 Sensitive Information

We may collect and process audio recordings, transcripts, account credentials, payment-related information, precise codebase content, repository information, and other potentially sensitive information as necessary to operate, improve, secure, and develop the Service.

We do not use or disclose sensitive personal information for purposes other than those permitted by applicable law and the business purposes described in this Privacy Policy, except where you direct us to do so or where otherwise permitted by law.

16. Do Not Track

Some browsers transmit “Do Not Track” signals. Because there is no universally accepted standard for responding to such signals, we do not currently respond to them.

17. Third-Party Services

The Service may contain links to, connect with, or interoperate with third-party services. We are not responsible for the privacy, security, or data practices of those third parties. Your use of third-party services is governed by their own terms and policies.

18. Changes to This Privacy Policy

We may update this Privacy Policy at any time in our sole discretion. The updated version becomes effective when posted, unless we state otherwise. Your continued use of the Service after an updated Privacy Policy becomes effective means you acknowledge the updated Privacy Policy.

19. Contact Us

If you have questions or requests regarding this Privacy Policy, contact:

Spenat Labs Inc. (d/b/a Walk and Code)
Email: hello@walkandcode.com