Privacy Policy

Last updated: April 2026

1. What We Collect

• Microphone audio: Processed locally in your browser via the Web Speech API. Raw audio is never sent to our servers. Only the resulting text transcript is sent to our API for scene analysis.
• Transcripts: Sent to our server-side API for scene analysis using a language model. Not stored permanently — used only for the duration of the request.
• Account and access data: Tester username, session status, and access status during beta. Email address and subscription status may be collected if you create an account or join a future paid plan.
• Local storage: Preferences, scene presets, and custom sounds are stored in your browser’s localStorage. We do not access this data.

2. How We Use Data

• Transcripts are forwarded to OpenAI for context analysis and sound selection.
• We do not sell or share personal data with third parties for marketing.
• Anonymous usage metrics may be collected to improve the Service.

3. Third-Party Services

• OpenAI: Processes transcripts. Subject to OpenAI’s Privacy Policy.
• Payments: No live payment processor is active in the beta. If paid plans are introduced, the payment provider will be disclosed before checkout.
• Supabase: Stores account and story data.
• Cloudflare R2: Hosts sound files.

4. Data Retention

Transcripts are ephemeral and not persisted after the API response. Account data is retained while your account is active. You may request deletion at any time.

5. Your Rights

You may request access to, correction of, or deletion of your personal data by contacting us. If you are in the EU, you have rights under GDPR including data portability and the right to object to processing.

6. Security

API keys are stored server-side only. All communication uses HTTPS. We follow industry best practices to protect your data.

Tester access does not authorize anyone to probe, scan, scrape, reverse-engineer, or attempt to access private source code, secrets, server files, API keys, private repositories, internal systems, or another person’s data. We may use logs and security telemetry to detect misuse, protect the Service, investigate abuse, and revoke access when necessary.

7. Confidential Beta Materials

Private beta features, implementation details, non-public APIs, unreleased workflows, and internal technical materials are confidential. Privacy-related requests are welcome, but beta access does not grant permission to copy, extract, publish, or redistribute source code, assets, internal documentation, prompts, API behavior, or private technical information.

8. Contact

Privacy questions? Email aaroncue92@gmail.com.

← Back to SuiteRhythm