Privacy Policy

1. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws is:

ASAP Studio OG
Josefstädter Straße 75–77/20
1080 Vienna,
Austria Commercial register no. FN 343138 s,
VAT ID ATU66524567
E-Mail: office@asap-studio.com
Phone: +43 699 190 78 778

Authorized representatives: Mr Pavel Nikolov and Ms Irma Yordanova (each individually authorized to represent the company).

We take the protection of your personal data seriously and treat your data confidentially and in accordance with statutory data protection regulations and this privacy policy.

2. General Information on Data Processing

2.1 Scope of processing of personal data

We collect and use personal data of our users only insofar as this is necessary to provide a functional website and our content and services. Data is generally collected on the basis of your consent or another legal basis pursuant to Article 6 GDPR.

2.2 Legal bases for processing

  • Art. 6 (1) (a) GDPR – consent
  • Art. 6 (1) (b) GDPR – pre-contractual measures and contract performance
  • Art. 6 (1) (c) GDPR – legal obligation
  • Art. 6 (1) (f) GDPR – legitimate interest

3. Provision of the Website and Server Log Files

Each time our website is accessed, our hosting provider automatically collects data and information from the computer system of the accessing device (server log files).

The following data is collected:

  • IP address (truncated / anonymized after 7 days)
  • Date and time of access
  • Requested URL and HTTP status code
  • Amount of data transferred
  • Referrer URL (previously visited page)
  • Browser type and version, operating system used

Legal basis: Art. 6 (1) (f) GDPR. Our legitimate interest lies in ensuring the stable operation of the website, error analysis and the prevention of attacks.

Storage period: Log files are automatically deleted after 7 days, unless security-relevant incidents require longer storage.

4. Hosting

This website is hosted by an external service provider. Personal data collected on this website is stored on the servers of this hoster.

A data processing agreement pursuant to Art. 28 GDPR exists with the hosting provider.

5. Cookies

5.1 Strictly necessary cookies

Our website only uses strictly necessary cookies (e.g. for session management in WordPress, for CSRF protection of forms). These cookies are essential for the functionality of the website.

Legal basis: Art. 6 (1) (f) GDPR and § 165 (3) of the Austrian Telecommunications Act 2021 (no consent requirement for purely technically necessary cookies).

5.2 Cookies set by Google reCAPTCHA

When a form is submitted, Google reCAPTCHA v3 is executed (see section 8). Technical cookies are set in this process.

5.3 Cookie Consent Management („Complianz“)

We use the cookie consent solution Complianz by Complianz B.V., ’s-Heerenberg, Netherlands, to obtain, store and manage your consent for cookies that require consent.

When you visit the website, a consent banner is displayed. As soon as you make a selection, the following data is stored:

  • Date and time of consent
  • Anonymized/hashed IP address
  • Browser information (user agent)
  • Selected cookie categories (statistics, marketing, etc.)
  • Unique consent ID

Purpose: Fulfilment of the obligation to demonstrate consent pursuant to Art. 7 (1) GDPR. Legal basis: Art. 6 (1) (c) GDPR (legal obligation to document consent) and Art. 6 (1) (f) GDPR (legitimate interest in compliance documentation). Storage period: 12 months from the date consent is given; consent is then requested again. Provider’s location: Netherlands (EU/EEA) – no data transfer to third countries. Withdrawal: You can withdraw or modify your consent at any time via the „Cookie settings“ link in the footer.

6. Contact Form „Send us a Message“

If you contact us via the contact form in the „Headquarters“ section, the following information is processed:

  • Name
  • E-mail address
  • Content of your message („Your Message“)
  • Date and time of submission

Purpose: Processing of your enquiry and any subsequent communication. Legal basis: Art. 6 (1) (b) GDPR (pre-contractual measures) and Art. 6 (1) (f) GDPR (responding to general enquiries). Storage period: We store this data until the purpose for storage no longer applies – usually until your enquiry has been finally processed. Statutory retention periods remain unaffected.


7. Voice Bank Form („Send us your selection“) and Voice Talents Form

Through the Voice Bank search and the Talents form available on individual language pages, you can submit a specific voice selection to us. The following data is processed:

  • Name
  • E-mail address
  • Project type
  • Project description
  • Selected language
  • Selected voice talents (names)
  • Date and time of submission

The data is stored in a dedicated database table (wp_asap_voice_leads) on our server and additionally transmitted by e-mail to our responsible team.

Purpose: Preparation of an individual quotation, selection and booking of voice talents, pre-contractual communication. Legal basis: Art. 6 (1) (b) GDPR (pre-contractual measures). Consent: Before submitting the form, you confirm via an active checkbox that you agree to this privacy policy. Storage period: Until completion of the enquiry or the resulting contract. Data subject to statutory retention obligations under commercial law will be stored for the legally prescribed period (generally 7 years pursuant to §§ 132, 212 of the Austrian Federal Fiscal Code (BAO) and § 190 UGB).


8. Spam Protection with Google reCAPTCHA v3

To protect our forms against automated entries (bots), we use Google reCAPTCHA v3 provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

reCAPTCHA checks whether data is being entered by a human or by a bot. To do this, reCAPTCHA analyses the behaviour of the website visitor on the basis of various characteristics (e.g. IP address, mouse movements, browser information, time spent on the page). The analysis starts automatically as soon as you access pages that contain a form. Data is only transmitted to Google when a form is submitted.

Legal basis: Art. 6 (1) (f) GDPR. Our legitimate interest lies in protecting our website against abusive automated use and spam. Data transfer to the USA: Google participates in the EU-US Data Privacy Framework (DPF). An adequacy decision of the EU Commission is in place. Further information: https://policies.google.com/privacy


9. Embedded Third-Party Services

9.1 weatherwidget.io

On the individual language detail pages (e.g. /voice-language/arabic/), a weather widget provided by weatherwidget.io is embedded to display current weather data for the respective region. When you access the corresponding page, your IP address may be transmitted to weatherwidget.io.

Purpose: Display of current, context-specific weather data. Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in an attractive presentation of the language pages).

9.2 Audio streaming of voice demos

Voice demos are delivered directly from our server or from a contractually bound storage solution. There is no third-party tracking.

9.3 Google Analytics 4 (via „Site Kit by Google“)

We use Google Analytics 4 („GA4“) provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, to statistically analyse the use of our website and to optimise our online presence. Technical integration is implemented via the WordPress plugin „Site Kit by Google“.

GA4 processes usage data in pseudonymised form to generate statistics on reach, time spent, interactions and devices. The IP address is truncated before storage; no direct identification of individuals takes place.

The following cookies are set (only after consent is given):

  • _ga (storage period: 24 months) – distinguishes individual users
  • _ga_<container-id> (storage period: 24 months) – persistent session ID

Purpose: Web analytics, audience measurement, content optimisation. Legal basis: Art. 6 (1) (a) GDPR (consent). Consent is obtained via the cookie consent banner (see 5.3) and may be withdrawn at any time with effect for the future. Data transfer to the USA: Google participates in the EU-US Data Privacy Framework (DPF). An adequacy decision of the EU Commission is in place. Opt-out: You can additionally opt out via the browser add-on at https://tools.google.com/dlpage/gaoptout. Further information: https://policies.google.com/privacy

9.4 Google Search Console (via „Site Kit by Google“)

Through the same plugin („Site Kit by Google“) we use Google Search Console to monitor the visibility of our website in Google search results. Search Console does not directly process personal data of our website visitors; it only provides us with aggregated statistics on clicks, impressions, average position and search queries.

Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in the discoverability of our website in search engines).


10. No Automated Decision-Making

There is no fully automated decision-making within the meaning of Art. 22 GDPR.


11. Recipients of Personal Data

Personal data is only passed on to the following categories of recipients:

  • Hosting provider (data processor under Art. 28 GDPR)
  • Google Ireland Limited (for reCAPTCHA, GA4 and Search Console, see sections 8 and 9.3/9.4)
  • weatherwidget.io (for the display of the weather widget)
  • Complianz B.V., Netherlands (cookie consent management, see section 5.3)
  • Tax advisors, lawyers and authorities, where legally required
  • Internally to employees who need access to process your enquiry (Vienna office and APAC office in Singapore)


12. Data Transfer to Third Countries

Personal data is transferred to third countries (outside the EU/EEA) in the following cases:

  • to the USA to Google (reCAPTCHA, GA4, Search Console), based on the adequacy decision EU-US Data Privacy Framework
  • to Singapore to our APAC branch, where required for order processing (based on Art. 49 (1) (b) GDPR – performance of a contract with the data subject – or on appropriate safeguards under Art. 46 GDPR).


13. Your Rights as a Data Subject

You have the following rights with regard to the personal data concerning you:

  • Right of access (Art. 15 GDPR)
  • Right to rectification of inaccurate data (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object to processing (Art. 21 GDPR)
  • Right to withdraw consent (Art. 7 (3) GDPR) with effect for the future

To exercise these rights, an informal notification to office@asap-studio.com is sufficient.

Right to lodge a complaint with the supervisory authority

You have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data. The competent authority in Austria is:

Austrian Data Protection Authority (Österreichische Datenschutzbehörde)
Barichgasse 40–42
1030 Vienna
Phone: +43 1 52 152-0
E-Mail: dsb@dsb.gv.at
Web: https://www.dsb.gv.at


14. Data Security

We use TLS/SSL encryption (HTTPS) on our website. Sensitive transmissions such as form entries are thus protected against interception by third parties. We additionally use nonce-based CSRF protection (WordPress) and reCAPTCHA v3 to defend against automated entries.


15. Validity and Changes to this Privacy Policy

This privacy policy is currently valid and was last updated in May 2026. Due to the further development of our website or due to changes in legal or regulatory requirements, it may become necessary to amend this privacy policy. The current privacy policy can be retrieved at any time on this page.