Privacy Policy

Last updated July 2026

This policy explains what personal data Bylio handles and how. Bylio, the provider of the service, can be reached at hello@bylio.io. We aim to collect only what the service needs to work.

Our two roles

For account and usage data (the details of the people who run a Bylio organization, and how they use the app), Bylio is the data controller and this policy describes our handling. For the content you create in Bylio (interviews, drafts, and the personal data they may contain about your experts), Bylio is a data processor acting on your instructions, and your own organization is the controller. Our processing on your behalf is governed by our Data Processing Agreement.

What we collect

  • Account data: the name and email of the people in your organization, and their login credentials.
  • Customer content: the interview transcripts and drafts you create, and the expert name and email you enter to run an interview.
  • Usage and technical data: basic logs and activity needed to run, secure, and support the service.
  • Billing data: handled by our payment provider, Paddle. We receive a record of your plan and status, not your full card details.

How we use it, and our legal bases

We use personal data to provide the service (to run interviews, generate drafts, and let your team review and approve them), to secure and support it, and to communicate with you about your account. Our legal bases are performance of our contract with you, our legitimate interests in running and improving a secure service, and consent where required. We do not sell personal data.

Sub-processors

We use a small set of trusted service providers to run Bylio, including providers for AI generation, voice, email delivery, database hosting, application hosting, and payments. The current list, and what each one handles, is on our Sub-processors page.

International transfers

Some of our providers are based outside the EEA, including in the United States. Where personal data is transferred outside the EEA, we rely on an adequacy decision or on Standard Contractual Clauses to protect it.

Retention

Interview transcripts are kept for 90 days after an interview completes, then deleted. Drafts and their approval history are kept for as long as your organization keeps its account. Account data is kept while your account is active and for a reasonable period afterwards, unless a longer period is required by law.

Experts you interview

When your organization interviews an expert, that expert's personal data is processed on your instructions and under your control. Requests from an expert about their data should be directed to the organization that invited them; we will support that organization in responding.

Security

We use organizational and technical measures to protect personal data, including access controls and separation of each organization's data from every other. No service can guarantee perfect security, but we work to reduce risk and to respond quickly if an incident occurs.

Cookies

We use cookies that are necessary to sign you in and keep your session secure. We do not use them to track you across other websites.

Your rights

Depending on where you are, you may have rights to access, correct, delete, or port your personal data, or to object to or restrict certain processing. Contact us at hello@bylio.io and we will help. If you are in the EEA and have a concern we cannot resolve, you can complain to your local data protection authority; in Norway this is Datatilsynet.