Política de Privacidad y Términos – AKI Voice
Effective date: November 2025
Responsible Entity: Dumas SpA, Apoquindo 2930, Office 201, Las Condes, Santiago, Chile
1. Introduction and Scope
Dumas SpA (“Dumas”, “we”, “our”) is committed to protecting the privacy and security of the data processed through its mobile SaaS application AKI Voice. This policy explains how Dumas collects, processes, stores, and protects personal and operational data generated within AKI Voice. AKI Voice operates under a licensing model managed exclusively by Dumas. Dumas retains full ownership and control of the software, including its licensing system. Access and continued use of the application depend on an active license, as established in the customer’s service contract.
AKI Voice is a mobile application that enables the collection of structured data through voice or text input, designed for operational environments where manual data entry may be slow or impractical. Using speech recognition technologies and artificial intelligence, the application transforms spoken instructions into completed forms, which are stored for later use and governance within the organization. AKI Voice does not perform advanced analytics on its own; its primary purpose is to streamline information capture in the field and ensure that data is recorded consistently, traceably, and securely.
2. Architecture and Environment
AKI Voice is fully deployed on Microsoft Azure Cloud, including its backend, database, and AI models. Two Azure AI components are used:
- Azure Speech Services for real-time speech-to-text transcription.
- Azure Open AI Service (GPT-based model) for parsing the transcribed text and mapping it to form fields.
All processing, storage, and networking occur within Azure infrastructure. The app is available for both Android and iOS.
3. Data We Collect
Personal Data
AKI Voice may collect the following personal information:
- User name and email address (for identification and session management).
- Geolocation data (if the user grants permission).
- Device information: model, operating-system version, language, and installation ID.
Operational and Form Data
The content of completed forms or surveys, including data transcribed from voice input. These data are defined by the customer’s configuration and may include operational, descriptive, or sensitive business information.
Technical and Usage Data
Automatic logs generated by Azure App Service for monitoring (no passwords or credentials stored). Connection status (Wi-Fi or mobile data), timestamp, and user ID/email. Permissions granted (microphone, location).
Voice Data and Retention
Audio recordings are processed in real time and, by default, deleted after transcription and parsing.
However, for governance or auditing purposes, audio files may be securely stored in Azure Blob Storage, subject to prior validation and explicit agreement with the customer.
These stored audio files are protected under the same security and confidentiality standards applied to other customer data.
The database retains associated metadata (e.g., user ID, timestamp, geolocation, and structured form values).
Data Storage and Encryption
All information is stored in Azure SQL Database, protected with:
- Transparent Data Encryption (TDE) for data at rest.
- TLS 1.2+ for data in transit.
Only authorized administrators have access. Currently, no additional anonymization is applied beyond minimization, since the only personally identifiable element is the user’s email address.
4. Voice Processing and Artificial Intelligence
Speech Recognition
AKI Voice uses Azure Speech Services through the Speech SDK. Audio is recorded locally on the user’s device (via native iOS/Android APIs) and securely transmitted to Azure for transcription. The audio stream is processed exclusively within Azure and not shared with any external third party.
AI Parsing and Field Mapping
After transcription, Azure Open AI (gpt-based) parses the text and maps it to the appropriate form fields. This process occurs within Azure Open AI Service under the same enterprise security standards. No training, model-retraining, or third-party data usage occurs.
Future Capabilities
Future versions may incorporate image and text-recognition features using open-source or Azure-native models for data enrichment. Such functionality will adhere to this same privacy and governance framework.
5. Data Processing Workflow
- Voice Input: The user records an audio clip → the app transmits it to the backend → Azure Speech transcribes → Azure Open AI parses → fields are auto-completed.
- Text Input: Alternatively, the user can enter data manually; updates are applied instantly.
- Submission: When the user taps “Submit”, the completed form (JSON payload) is sent to the backend for storage.
- Storage: Raw JSON is saved with metadata (user, geolocation, timestamp) and normalized into structured tables.
- Retention and Deletion: Audio and transcriptions are deleted after processing. Data in SQL Database are retained according to the customer’s retention policy.
6. User Roles and Data Access Governance
To ensure transparency and alignment with data governance best practices, AKI Voice defines distinct user roles and responsibilities related to data access, processing, and stewardship within the platform.
These roles follow the principle of shared responsibility between Dumas, its customers, and the underlying infrastructure of Microsoft Azure, as well as the privacy frameworks established by Android and iOS platforms.
The following table outlines the user categories, their access scope, capabilities, and governance duties within the AKI Voice ecosystem:
| Role | Access Scope | Capabilities | Governance Responsibility | Data Governance Notes |
| Field User (End User) | Limited to assigned forms or surveys | Record voice inputs, generate transcriptions, complete and submit forms, and review personal submissions | Directly responsible for the accuracy, completeness, and timeliness of submitted information | Acts as the Data Owner of their collected data; must adhere to the organization’s data quality and usage policies |
| Client Master User (Data Steward) | Full visibility over all forms and records within the client’s domain | Review, validate, and approve transcriptions; manage users, permissions, and access or deletion requests | Ensures data quality, governance compliance, and appropriate access control within their organization | Acts as the Data Steward responsible for overall data governance and supervision of information captured through AKI Voice |
| Dumas Support (Service Layer) | Administrative access to application configuration, forms, and metadata | Manage app configuration, enable user access, perform maintenance, and ensure platform performance | Supports technical governance but does not access or alter audio content or form data without explicit authorization | Operates under confidentiality agreements; focuses on system reliability, metadata management, and customer support |
| AKI Voice System (Product Layer) | Access to all product components, APIs, and AI services | Process audio recordings, execute AI models (speech-to-text, parsing, validation), and maintain overall system logic | Ensures data integrity, availability, and proper system operation | Maintains licensing control, product ownership, and adherence to Dumas’s internal security standards |
| Azure Platform and Mobile Services (Infrastructure Layer) | Infrastructure-level access only | Execute data encryption, backup, redundancy, and secure networking | Provides the secure execution environment for AKI Voice | Governed by Microsoft Azure compliance frameworks (ISO/IEC 27001, SOC 2, GDPR) and by the privacy policies of Apple and Google |
7. Security and Resilience
Encryption
In transit: All communication uses HTTPS (TLS 1.2 or higher).
At rest: Azure SQL Database employs Transparent Data Encryption (TDE).
Backups and Recovery
App Service: Automatic hourly backups managed by Azure.
Database: Continuous backups (full, differential, and log) stored in locally redundant storage (LRS), allowing restore to any point within 7 days.
Future Enhancements
Implementation of Azure Front Door is planned to centralize TLS certificates, enable WAF (Web Application Firewall), and enforce Layer-7 security policies.
8. Data Sharing and Third Parties
AKI Voice does not share form data or user-generated content with third parties. However, device-level data (such as model, OS version, or anonymous app statistics) may be collected by Apple and Google in accordance with their respective platform privacy policies. Dumas ensures that any processing involving third-party services (such as Microsoft Azure) is governed by confidentiality and data-protection agreements.
9. International Data Transfers and User Rights
Data are stored and processed in Microsoft Azure East US 2 (or another Azure region selected by Dumas). Given the international nature of the service, data may be transferred across regions in compliance with applicable data-protection laws (GDPR, LGPD, Ley 19.628). Users—through their designated master accounts—may exercise their rights to access, correct, or delete their information by contacting Dumas via official support channels. No data from minors are processed; the app is intended for adult professional use only.
10. Contact
For questions related to privacy or data protection, please contact: soporte@dumas.cl
11. Changes to This Policy
Dumas may update this Privacy Policy to reflect technological, legal, or operational changes. Any revisions will be published at https://www.dumas.cl/privacy-policy-akivoice with an updated effective date.
Empresa líder mundial en el diseño de soluciones que permiten a la industria minera transformar y mejorar sus procesos a través del conocimiento de los datos