Aksum
← Back to Aksum

Privacy Policy of Aksum

Last updated: May 07, 2026

This Privacy Policy explains how Aksum (“Aksum”, “we”, “us” or “our”) collects, uses, stores, shares and protects personal information when you use our website, browser-based platform and related services (the “Services”).

Aksum is a B2B internal intelligence platform that helps organizations process, organize and search internal knowledge from interviews, audio recordings, transcripts, documents, notes and related business sources. The platform uses AI and transcription technologies to support features such as transcription, diarization, summarization, source-grounded search, chat-based knowledge retrieval, entity and relationship extraction, report generation and workflow support.

Aksum is designed to assist users with research, sales preparation, editorial workflows, internal knowledge management and business intelligence tasks. Aksum does not make final decisions on behalf of customers or users. Human users remain responsible for reviewing outputs and making final decisions.

This Privacy Policy applies when you:

  • visit our website at aksum.ai or any website of ours that links to this Privacy Policy;
  • request a demo or contact us;
  • create or use an account;
  • access or use the Aksum platform;
  • upload, submit, generate or process Customer Content through the Services;
  • interact with us in relation to sales, pilots, support, events or business communications.

If you have any questions about this Privacy Policy, you can contact us at team@aksum.ai.

1. Who we are and our role

For the purposes of this Privacy Policy, the Services are operated by:

Aksum
Paseo de San Francisco de Sales 29
Madrid, Madrid 28003
Spain
Email: team@aksum.ai

If Aksum’s legal entity details change or are updated, this Privacy Policy may be updated to include the relevant legal name, registration details, tax identification number and any additional legal notice information required by applicable law.

Aksum may act in different roles depending on the type of data and processing activity.

For website, contact, demo request, account, security, administrative, billing and business relationship data, Aksum generally acts as a controller, meaning that we determine why and how such personal information is processed.

Where Aksum processes Customer Content on behalf of a business customer, Aksum generally acts as a processor and the business customer acts as the controller, unless otherwise agreed in writing. Customer Content may include audio recordings, transcripts, documents, notes, interview metadata, chat messages, reports and related materials uploaded, submitted or generated by customers or authorized users.

Where Aksum processes Customer Content containing personal data on behalf of a business customer, such processing is subject to Aksum’s Terms of Use, the applicable customer agreement and, where required by data protection laws, a Data Processing Addendum or equivalent data processing agreement.

If your personal information appears in Customer Content controlled by one of our business customers, we may refer your privacy request to that customer or process it according to that customer’s instructions.

2. Summary of key points

What personal information do we collect?
We collect personal information that you provide to us, information generated through use of the Services, technical and operational data, and Customer Content uploaded or submitted by business customers and authorized users.

Do we process sensitive personal information?
Aksum does not intentionally request special category personal data through its website, demo forms or account registration flows. However, Customer Content uploaded or submitted by business customers may contain sensitive personal information or confidential business information depending on what the customer chooses to submit.

Do we use cookies or analytics?
At the date of this Privacy Policy, Aksum uses a limited number of cookies and similar technologies to operate the website and platform, remember user-requested language preferences, and support authentication and security. Aksum does not currently use analytics cookies, Vercel Analytics, Vercel Speed Insights, advertising cookies, retargeting pixels or third-party marketing trackers. More information is available in our Cookie Policy.

Do we use AI service providers?
Yes. Aksum uses third-party AI and transcription providers, including OpenAI and AssemblyAI, to provide features such as transcription, diarization, summarization, embeddings, extraction, chat responses and report generation.

Do we use Customer Content to train Aksum-owned foundation models?
No. We do not use Customer Content to train Aksum-owned foundation models. Where available, we configure third-party AI and transcription providers so Customer Content is not used for model training or model improvement. Provider-specific data handling may depend on the applicable provider terms, customer agreement and account settings.

Do we sell personal information?
We do not sell Customer Content. We do not currently use personal information for targeted advertising or behavioral advertising.

How long do we keep information?
We retain personal information for as long as necessary to provide the Services, maintain the customer relationship, comply with legal obligations, resolve disputes, enforce agreements and maintain security. Customer Content is generally retained for the duration of the customer relationship or as configured or instructed by the customer, unless deletion is requested or required earlier.

How can you exercise your rights?
You can contact us at team@aksum.ai. If your request relates to Customer Content controlled by one of our business customers, we may refer your request to that customer or process it according to the customer’s instructions.

3. Information we collect

3.1 Personal information you provide to us

We collect personal information that you voluntarily provide when you contact us, request a demo, create or use an account, participate in a paid pilot, use the Services, or otherwise interact with us.

This may include:

  • name;
  • work email address;
  • phone number;
  • company name;
  • job title;
  • role or business function;
  • information submitted in demo requests or contact messages;
  • account profile information, such as full name and avatar URL;
  • project, workspace, role and permission information;
  • authentication information, such as login email, session information, authentication tokens or similar information depending on the authentication method used;
  • support requests, feedback and business communications.

If Aksum uses passwordless login, such as magic link authentication, we do not intentionally collect account passwords from users for that authentication flow.

3.2 Customer Content

Business customers and authorized users may upload, submit, process or generate content through the Services.

Customer Content may include:

  • audio recordings;
  • interviews;
  • meeting recordings;
  • call recordings;
  • transcripts;
  • documents;
  • PDFs;
  • notes;
  • text sources;
  • source metadata;
  • interview metadata;
  • chat messages;
  • reports;
  • internal knowledge;
  • business context;
  • CRM, email, calendar or collaboration tool context if such integrations are enabled in the future;
  • other content submitted by customers or authorized users.

Customer Content may include personal information about employees, customers, prospects, interviewees, stakeholders, executives, public officials, business contacts or other individuals.

Business customers are responsible for ensuring they have the necessary rights, permissions, notices, consents and legal bases to upload, submit and process Customer Content through Aksum.

Where Aksum processes Customer Content containing personal data on behalf of a business customer, such processing is subject to Aksum’s Terms of Use, the applicable customer agreement and, where required by data protection laws, a Data Processing Addendum or equivalent data processing agreement.

3.3 AI-generated and derived information

When customers use the Services, Aksum may generate or store derived information from Customer Content, including:

  • raw transcripts;
  • display transcripts;
  • diarization outputs;
  • reviewed utterances;
  • summaries;
  • topics;
  • sentiment signals;
  • chunks;
  • embeddings;
  • entities;
  • mentions;
  • relationships;
  • content snippets;
  • chat outputs;
  • generated reports;
  • sales, editorial, research or workflow suggestions;
  • processing status and metadata.

Some derived information may contain or relate to personal information if the underlying Customer Content contains personal information.

3.4 Technical, usage and operational information

When you visit, access or use the Services, we may automatically collect technical, usage and operational information.

This may include:

  • IP address;
  • browser type and version;
  • device type;
  • operating system;
  • language preferences;
  • referring URLs;
  • pages or features accessed;
  • date and time of access;
  • actions taken within the Services;
  • authentication events;
  • workspace or project activity;
  • upload activity;
  • processing status;
  • error logs;
  • security logs;
  • audit logs;
  • system activity;
  • diagnostic information.

We use this information to operate, secure, debug, maintain and improve the Services, protect accounts and Customer Content, investigate incidents, maintain access controls and support customers in managing their use of the platform.

3.5 Approximate location information

We may collect approximate location information derived from technical data such as IP address, for example country, region or city-level location.

We do not currently collect precise GPS location through the Services.

3.6 Information from customers, authorized users, integrations and service providers

We may receive personal information from:

  • business customers;
  • authorized users;
  • customer administrators;
  • service providers;
  • integrations configured or authorized by a customer;
  • business communications with you or your organization.

For example, a customer administrator may invite you to a workspace, assign a role, configure permissions or upload Customer Content that contains information about you.

We do not currently collect personal information from data brokers, affiliate programs or third-party advertising networks for targeted advertising.

4. Sensitive personal information and confidential business information

Aksum does not intentionally request special category personal data through its website, demo forms or account registration flows.

However, because business customers and authorized users may upload or submit audio recordings, transcripts, interviews, documents, notes and other business content, Customer Content may contain sensitive personal information or confidential business information depending on what the customer chooses to submit.

This may include, depending on the content submitted:

  • information revealing political opinions;
  • information revealing religious or philosophical beliefs;
  • information revealing race or ethnic origin;
  • information revealing trade union membership;
  • confidential business information;
  • internal documents;
  • commercial context;
  • market intelligence;
  • interview content;
  • strategic information;
  • sales or pipeline context;
  • information about professional roles, organizations, stakeholders, business relationships, entities, mentions and relationships.

Customers are responsible for ensuring that they have the necessary rights, permissions, notices, consents and legal bases to upload and process such information through Aksum.

Unless expressly agreed in writing, Aksum is not designed for processing classified information, payment card data, government identity numbers, protected health information, biometric identification data, children’s data, criminal offence data or other highly regulated categories of data.

5. How we process information

We process personal information for the following purposes:

5.1 To provide and operate the Services

We process information to:

  • provide access to the website and platform;
  • create and manage user accounts;
  • authenticate users;
  • maintain sessions;
  • manage workspaces, projects, roles and permissions;
  • upload, store and process Customer Content;
  • provide transcription, diarization, summarization, retrieval, chat, extraction and reporting features;
  • generate outputs requested by users;
  • provide customer support.

5.2 To manage demo requests, pilots and customer relationships

We process information to:

  • respond to demo requests;
  • communicate with prospects and customers;
  • prepare proposals and order forms;
  • manage paid pilots, subscriptions or customer agreements;
  • provide administrative information;
  • send service-related communications;
  • manage billing, invoicing and business administration where applicable.

5.3 To secure and maintain the Services

We process information to:

  • protect accounts, workspaces and Customer Content;
  • prevent unauthorized access;
  • detect misuse;
  • investigate incidents;
  • maintain security logs and audit records;
  • debug errors;
  • monitor reliability;
  • enforce our Terms of Use and customer agreements.

5.4 To improve the Services

We may use technical metadata, operational records, error information, processing status, usage patterns and user feedback to evaluate and improve the reliability, safety, usability and performance of the Services.

We may also use this information to improve transcription, retrieval, summarization, report generation and other AI-assisted features.

We do not use Customer Content to train Aksum-owned foundation models.

5.5 To communicate with you

We may process contact information to:

  • respond to inquiries;
  • provide support;
  • send administrative or service-related notices;
  • notify users of changes to policies or Services;
  • send business communications about Aksum, product updates or events where permitted by law.

You may opt out of marketing or promotional communications at any time. We may still send non-marketing communications that are necessary for the administration, security or use of the Services.

5.6 To comply with legal obligations and enforce rights

We may process information to:

  • comply with applicable laws;
  • respond to lawful requests from authorities;
  • exercise or defend legal claims;
  • enforce agreements;
  • resolve disputes;
  • prevent fraud or misuse.

6. Legal bases for processing

If you are located in the European Economic Area, the United Kingdom or Switzerland, we rely on the following legal bases where applicable.

6.1 Performance of a contract

We may process personal information where necessary to provide the Services, manage accounts, deliver requested features, perform a customer agreement, manage a paid pilot or take steps at your request before entering into a contract.

6.2 Legitimate interests

We may process personal information where necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms.

These interests may include:

  • operating, maintaining and improving the Services;
  • securing the Services, accounts, workspaces and Customer Content;
  • preventing fraud, misuse and unauthorized access;
  • debugging errors and maintaining reliability;
  • supporting customer administration and access controls;
  • managing business relationships;
  • sending relevant B2B communications where permitted by law;
  • improving the quality, reliability and safety of AI-assisted features while preserving human review and customer control over Customer Content.

6.3 Consent

We may process personal information where you have given consent for a specific purpose.

You can withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing before withdrawal.

6.4 Legal obligation

We may process personal information where necessary to comply with legal obligations, respond to lawful requests, exercise or defend legal claims, or cooperate with regulatory authorities.

6.5 Vital interests

We may process personal information where necessary to protect the vital interests of an individual, such as in situations involving a serious risk to safety.

6.6 Customer Content processed on behalf of customers

Where Aksum processes Customer Content as a processor on behalf of a business customer, the customer is responsible for determining the appropriate legal basis for the processing and for providing any required notices or obtaining any required consents.

Such processing may be subject to a Data Processing Addendum or equivalent data processing agreement, as described in Aksum’s Terms of Use and the applicable customer agreement.

7. AI processing and human review

Aksum provides AI-assisted features, including:

  • audio transcription;
  • speech-to-text;
  • diarization;
  • summarization;
  • search and retrieval;
  • chat-based knowledge retrieval;
  • document analysis;
  • data extraction;
  • classification and tagging;
  • sentiment signals;
  • entity and relationship extraction;
  • report generation;
  • recommendation and workflow assistance.

We provide these features using Aksum systems and third-party service providers, including OpenAI and AssemblyAI.

Customer inputs, retrieved context, transcripts, chunks, metadata and generated outputs may be shared with and processed by AI and transcription providers where necessary to provide the Services.

Aksum does not use Customer Content to train Aksum-owned foundation models. Where available, we configure third-party AI and transcription providers so Customer Content is not used for model training or model improvement. Provider-specific data handling may depend on the applicable provider terms, customer agreement and account settings.

AI-generated outputs may be inaccurate, incomplete, outdated or based on imperfect source material. Aksum is designed to assist human users and does not make final business, legal, financial, employment, credit, healthcare or similarly significant decisions on behalf of customers or users.

Users should review AI-generated outputs before relying on them, publishing them, sharing them externally or using them for important business decisions.

8. Cookies and similar technologies

Aksum uses a limited number of cookies and similar technologies to operate the website and browser-based platform, remember user-requested language preferences, support authentication and security, and provide features requested by users.

At the date of this Privacy Policy, Aksum does not use analytics cookies, Vercel Analytics, Vercel Speed Insights, advertising cookies, retargeting pixels or third-party marketing trackers.

More information is available in our Cookie Policy.

9. When and with whom we share personal information

We may share personal information with service providers, contractors and subprocessors that help us provide, secure, maintain and improve the Services.

These providers may process personal information only as necessary to perform services for us or on behalf of our customers, subject to applicable contractual, confidentiality, data protection and security obligations.

The main categories of providers we use include:

ProviderPurpose
SupabaseDatabase, authentication and storage
OpenAIAI processing, embeddings, extraction, summaries, chat responses and reports
AssemblyAIAudio transcription and diarization
VercelHosting, deployment, infrastructure and technical logs
ResendTransactional email and demo request delivery
Google WorkspaceCompany email and internal administration

We may also share personal information in the following situations:

9.1 Business transfers

We may share or transfer information in connection with a merger, acquisition, financing, restructuring, sale of assets or similar business transaction.

9.2 Legal and security reasons

We may disclose information where necessary to comply with law, respond to lawful requests, protect rights and safety, investigate fraud or misuse, enforce agreements or protect the security of the Services.

9.3 Customer instructions

Where we process Customer Content as a processor, we may share or process Customer Content according to the instructions of the relevant business customer and the applicable customer agreement or data processing agreement.

We do not sell Customer Content.

10. International transfers

Aksum’s primary database and storage environment may be hosted in the European Union through Supabase’s Frankfurt region.

However, some service providers may process personal information in other jurisdictions, including the United States, United Kingdom and other countries.

Where personal information is transferred outside the European Economic Area, United Kingdom or Switzerland, Aksum will rely on appropriate transfer mechanisms where required, such as adequacy decisions, Standard Contractual Clauses, the UK International Data Transfer Addendum or other lawful transfer mechanisms, as applicable.

We use appropriate safeguards where required by applicable law.

11. How long we keep information

We retain personal information for as long as necessary to provide the Services, maintain the customer relationship, comply with legal obligations, resolve disputes, enforce agreements, maintain security and support legitimate operational needs.

Account, contact, commercial and administrative information is retained for as long as necessary to manage the account, customer relationship, paid pilot, subscription, proposal, agreement, legal obligation or business communication.

Customer Content is generally retained for the duration of the customer relationship or as configured or instructed by the customer, unless deletion is requested or required earlier.

After termination, expiration or a verified deletion request, Customer Content may be deleted or anonymized from active production systems within 90 days, unless a different period is agreed in writing or retention is required by law, security, backup, fraud prevention, dispute resolution or other legitimate operational needs.

Customers may request return or export of Customer Content during the period specified in the applicable customer agreement. Unless otherwise agreed, Aksum may provide a reasonable export or return period following termination or expiration.

Backup copies, disaster recovery records, security archives, audit logs and residual copies may be retained for a limited period according to our operational, security and legal requirements.

We may retain aggregated, anonymized or de-identified information that does not identify a customer, user or individual and does not reveal Customer Confidential Information.

12. How we protect information

We use reasonable technical and organizational measures designed to protect personal information and Customer Content.

These measures may include:

  • authentication controls;
  • access controls;
  • role-based permissions;
  • project or workspace-level access restrictions;
  • database access controls;
  • private storage where applicable;
  • security monitoring;
  • error and security logs;
  • human review workflows;
  • operational safeguards.

However, no electronic transmission or storage system can be guaranteed to be 100% secure. We cannot guarantee that unauthorized third parties will never be able to defeat our security measures or improperly collect, access, steal or modify information.

You should only access the Services through a secure environment and are responsible for maintaining the security of your own devices, accounts and access credentials.

13. Children’s privacy

Aksum is a business-to-business platform intended for professional use by individuals acting on behalf of an organization.

The Services are not directed to individuals under 18 years of age, and we do not knowingly collect personal information from minors.

If we become aware that we have collected personal information from a minor without appropriate authorization, we will take reasonable steps to delete it.

14. Your privacy rights

Depending on your location, you may have rights regarding your personal information.

These may include the right to:

  • request access to personal information;
  • request correction of inaccurate personal information;
  • request deletion of personal information;
  • request restriction of processing;
  • object to processing;
  • request portability of personal information;
  • withdraw consent where processing is based on consent;
  • not be subject to a decision based solely on automated processing that produces legal or similarly significant effects, where applicable;
  • lodge a complaint with a data protection authority.

You can exercise your rights by contacting us at team@aksum.ai.

We may need to verify your identity before responding to a request.

If your request relates to Customer Content controlled by one of our business customers, we may refer your request to that customer or process it according to the customer’s instructions.

If you are located in the EEA, you may contact your local data protection authority. If you are located in the UK, you may contact the UK Information Commissioner’s Office. If you are located in Switzerland, you may contact the Federal Data Protection and Information Commissioner.

15. Account information

Users may request access to, correction of or deletion of their account information by contacting us at team@aksum.ai.

If you request deletion or termination of your account, we may deactivate or delete your account information from active systems, subject to any retention required for legal, security, fraud prevention, dispute resolution, backup, audit or legitimate operational purposes.

If your account is associated with a business customer workspace, deletion of your individual account may not automatically delete Customer Content controlled by that business customer.

16. Marketing communications

You may opt out of marketing or promotional communications at any time by following the unsubscribe instructions in the relevant communication or by contacting us at team@aksum.ai.

Even if you opt out of marketing communications, we may still send service-related or administrative communications, including messages related to your account, security, support, customer relationship, policy updates or use of the Services.

17. Do Not Track signals

Some browsers include a “Do Not Track” signal or similar setting.

At this time, there is no uniform industry or legal standard for recognizing or responding to Do Not Track signals. For this reason, we do not currently respond to Do Not Track browser signals.

If a standard is adopted that we are required to follow in the future, we will update this Privacy Policy accordingly.

18. United States privacy rights

If you are a resident of certain U.S. states, you may have specific privacy rights under applicable state privacy laws.

These rights may include, depending on your state of residence:

  • the right to know whether we process your personal information;
  • the right to access personal information;
  • the right to correct inaccurate personal information;
  • the right to request deletion of personal information;
  • the right to obtain a copy of personal information you provided;
  • the right to opt out of sale, sharing, targeted advertising or certain profiling;
  • the right to limit the use or disclosure of sensitive personal information, where applicable;
  • the right not to be discriminated against for exercising privacy rights;
  • the right to appeal a decision regarding a privacy request, where applicable.

Aksum does not currently sell personal information or use personal information for targeted advertising.

18.1 Categories of personal information collected

In the past twelve months, Aksum may have collected the following categories of personal information, depending on how users, customers and authorized users interact with the Services.

CategoryExamplesCollected
A. IdentifiersName, email address, phone number, account identifier, IP address, online identifierYes
B. Customer records informationName, contact details, business contact information, account informationYes
C. Protected classification characteristicsInformation such as race, ethnicity, religion or similar information, where included in Customer Content uploaded by a customerYes, only where included in Customer Content
D. Commercial informationBusiness relationship information, paid pilot information, subscription or proposal information, customer communicationsYes
E. Biometric informationVoiceprints or biometric identifiers used to uniquely identify a personNo
F. Internet or electronic network activityDevice information, log data, pages or features accessed, platform activity, security logsYes
G. Geolocation dataApproximate location derived from IP address, such as country, region or city-level locationYes
H. Audio, electronic, visual or similar informationAudio recordings, transcripts or related materials uploaded as Customer ContentYes
I. Professional or employment-related informationJob title, company, role, business function, professional context, stakeholder informationYes
J. Education informationStudent recordsNo
K. InferencesSummaries, topics, sentiment signals, entity records, relationship records, snippets, reports and other derived information generated from Customer ContentYes
L. Sensitive personal informationAccount login information; sensitive information included in Customer Content, such as information revealing race, ethnicity, religion, philosophical beliefs, political opinions or trade union membershipYes, limited to what is necessary or what customers submit through Customer Content

Aksum does not intentionally request sensitive personal information through its website, demo forms or account registration flows. Sensitive personal information may appear in Customer Content depending on what the business customer or authorized user chooses to upload or submit.

We do not collect or process sensitive personal information for the purpose of inferring characteristics about consumers.

18.2 Sources of personal information

We may collect personal information from:

  • you;
  • business customers;
  • authorized users;
  • customer administrators;
  • Customer Content;
  • service providers;
  • integrations configured by customers;
  • your use of the Services.

18.3 Purposes for collection and processing

We collect and process personal information for the purposes described in this Privacy Policy, including to provide, operate, secure, maintain and improve the Services; manage accounts and customer relationships; process Customer Content; support AI-assisted features; comply with legal obligations; and enforce agreements.

18.4 Disclosure of personal information

In the past twelve months, we may have disclosed the categories of personal information listed above to the service providers and subprocessors described in this Privacy Policy for business purposes, including hosting, storage, authentication, transcription, AI processing, email delivery, security, support and business administration.

We do not sell Customer Content.

We have not sold personal information or shared personal information for cross-context behavioral advertising in the preceding twelve months.

18.5 How to exercise U.S. privacy rights

You may exercise applicable U.S. privacy rights by contacting us at team@aksum.ai.

We may need to verify your identity before processing your request. If you submit a request through an authorized agent, we may require proof that the agent is authorized to act on your behalf.

If we deny your request and applicable law gives you a right to appeal, you may appeal by contacting us at team@aksum.ai.

19. California “Shine the Light” law

California Civil Code Section 1798.83 permits California residents to request information about categories of personal information disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year.

Aksum does not currently disclose personal information to third parties for their own direct marketing purposes.

If you are a California resident and would like to make a request under this law, you can contact us at team@aksum.ai.

20. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our Services, technologies, legal requirements or business practices.

When we update this Privacy Policy, we will revise the “Last updated” date at the top of this page.

If we make material changes, we may notify you by posting a notice on our website, sending a notification or taking other appropriate steps.

21. Contact us

If you have questions or comments about this Privacy Policy, or if you want to exercise your privacy rights, you may contact us at:

Aksum
Paseo de San Francisco de Sales 29
Madrid, Madrid 28003
Spain
Email: team@aksum.ai