NexSpeak is a language learning platform operated by Javier Wilfrido Garcia Goyes, a sole trader registered in the United Kingdom, trading as NexSpeak.
We are registered as a Data Controller with the UK Information Commissioner's Office (ICO) under the Data Protection Act 2018 and UK GDPR.
Data Controller: Javier Wilfrido Garcia Goyes (trading as NexSpeak)
Registered address: 60 Tottenham Court Road, Office 1203, Fitzrovia, London W1T 2EW, United Kingdom
ICO Registration No.: 00013746096
Email: [email protected]
We collect the following categories of personal data:
Your data is used to provide and improve the NexSpeak service:
We process your personal data on the following lawful bases under UK GDPR:
We share data with the following processors, each bound by their own privacy policies and data processing agreements:
Supabase — Database and authentication. Stores your account information and learning progress. Hosted on EU infrastructure.
Stripe — Payment processing. Handles all subscription payments and billing. PCI DSS Level 1 certified. Stripe stores payment card data; we never do.
ElevenLabs — Audio synthesis. Generates the British English voice audio used in our stories and learning content.
Cloudflare — Content delivery network (CDN). Serves audio files via audio.nexspeak.com. No personal data is shared beyond what is technically necessary for delivery.
Umami Analytics — Website analytics. Cookieless and privacy-friendly. No personal data or IP addresses are stored. Self-hosted on our infrastructure.
Meta Platforms, Inc. — Advertising and attribution (Meta Pixel + Conversions API). Only activated if you have given explicit advertising consent via our cookie banner. Hashed email address may be shared with Meta to measure ad campaign effectiveness. Meta is based in the USA; transfers are covered by Standard Contractual Clauses. You can opt out at any time by declining or withdrawing advertising cookies.
Some of our processors (including Stripe, ElevenLabs, and Cloudflare) are based in the United States. When personal data is transferred outside the UK, we ensure appropriate safeguards are in place, including:
We retain your personal data only for as long as necessary, in accordance with the UK GDPR principle of storage limitation (Article 5(1)(e)):
We implement industry-standard security measures including Row-Level Security (RLS) via Supabase (PostgreSQL), HTTPS encryption on all connections, secure authentication, and access controls. Your data is accessible only by you and authorised NexSpeak systems.
NexSpeak uses a minimal cookie approach:
Under UK GDPR, you have the following rights:
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
You also have the right to lodge a complaint with the ICO: ico.org.uk/make-a-complaint
We may update this Privacy Policy from time to time. When we make significant changes, we will notify you by email or via a notice within the app. The “Last Updated” date below always reflects the most recent version.
Data Controller: Javier Wilfrido Garcia Goyes (trading as NexSpeak)
Address: 60 Tottenham Court Road, Office 1203, Fitzrovia, London W1T 2EW, United Kingdom
ICO Registration No.: 00013746096
Email:
NexSpeak™ is a trade mark of Javier Wilfrido Garcia Goyes (UK Trade Mark Application No. UK00004369436, Classes 9 and 41). Published 24 April 2026 by the UK Intellectual Property Office.
Last Updated: 5 May 2026