Privacy Policy

This Privacy Policy explains how Lingfaro collects, uses, and shares information when institutional clients and interpreters use the Lingfaro platform and websites. It does not change the terms of any signed Business Associate Agreement or Data Processing Addendum, which govern the specific categories of data they cover.

Account and organization information: names, work email addresses, organization details, roles, and (for interpreters) languages, modalities, service area, and credential or roster status submitted for verification.

Engagement metadata: the language, modality, time, location, and status of dispatch requests and sessions, and the documentation records produced for completed engagements.

Payment information: billing details and payout information processed through our payment provider. We do not store full card numbers or bank credentials on our systems.

Usage information: log data, device and browser information, and product-analytics events used to operate and improve the Service.

The platform is designed so that dispatch does not require protected health information (PHI) or other sensitive case content. Forms are built to capture only what dispatch needs: language, modality, time, and location. Clinical, legal, and case context should flow to interpreters through the client's own systems.

Where a client is a HIPAA-covered entity, any PHI that is nonetheless processed is governed by a signed Business Associate Agreement, and we handle it accordingly.

We use information to operate the marketplace: to match and dispatch interpreters, produce session documentation, process payments and payouts, verify interpreter identity and credentials, provide support, maintain security, comply with legal obligations, and improve the Service.

We do not sell personal information, and we do not use it for behavioral advertising.

Between the parties to an engagement: clients and interpreters see the information necessary to coordinate and document a session.

Service providers (subprocessors): we use vetted providers for identity verification, payments, video and telephony connectivity, hosting, and observability, under contracts that restrict their use of data. A current subprocessors list is available to your compliance team on request.

Legal and safety: we may disclose information where required by law or to protect the rights, safety, and integrity of the Service and its users.

Business transfers: information may be transferred as part of a merger, acquisition, or sale of assets, subject to this Policy.

We use strictly necessary cookies for authentication and security, and privacy-respecting product analytics to understand how the Service is used. Analytics events are scrubbed of direct identifiers where feasible. You can control cookies through your browser settings.

We retain account and engagement records for as long as needed to provide the Service, meet the documentation and audit needs of institutional clients, and comply with legal, tax, and regulatory obligations. Retention periods for client-controlled data follow the applicable signed agreement.

We enforce encryption in transit and at rest, scope data access by role and organization, require identity verification for interpreters, and maintain incident-response procedures. No system is perfectly secure, but security is a design priority rather than an afterthought. See our Trust Center and Security pages for more detail.

You can access and update your account information within the Service. Depending on your jurisdiction, you may have rights to access, correct, or delete personal information. For data that an institutional client controls (for example, records created on behalf of the client), please direct requests to that organization, which acts as the controller; we will support them as processor.

The Service is intended for use by institutions and professional interpreters and is not directed to children. We do not knowingly collect personal information directly from children through the Service.

Lingfaro operates in the United States, and information is processed in the United States. If you access the Service from outside the U.S., you understand that information will be processed here.

We may update this Policy from time to time. Material changes will be reflected by updating the date below and, where appropriate, by notice through the Service.