Privacy Policy

1. Information Collection

We practice data minimalism. Our complete data collection consists of:

Personal Information:

• Email address - Required for account creation and essential service communications
• Device identifier - Used exclusively to enforce our one-trial-per-device policy
• IP address - Recorded solely when you accept this policy to establish legal proof of acceptance
• Payment card digits (last 4) - Displayed only in subscription management and billing history for user convenience

Information We Do Not Collect:

• ❌ Application usage analytics or behavioral tracking
• ❌ Crash reports or performance monitoring data
• ❌ Audio listening preferences or usage history
• ❌ Device location or sensor data
• ❌ Social media integrations or contact information
• ❌ Advertising identifiers or third-party tracking elements

2. Data Usage

We utilize your minimal data exclusively for essential service operations:

• Email address: Account management, authentication, and critical service notifications
• Device identifier: Enforcement of trial limitations (one trial per email address and one trial per device)
• IP address: Legal compliance and verification of policy acceptance
• Payment information: Subscription management display and billing history presentation

Prohibited Data Uses:

• ❌ Marketing campaigns or promotional communications
• ❌ Third-party data sales or sharing
• ❌ User behavior analysis or profiling
• ❌ Content personalization or recommendation systems

3. Subscription and Trial Management

Trial Policy:

• 7-day free trial available once per email address and once per device
• Manual subscription activation: payment processing initiates paid service
• Transparent cancellation available through application settings
• Email and device identifiers retained post-cancellation solely for trial abuse prevention

4. Data Security

We implement industry-standard security measures to protect your information:

• Encrypted data transmission and storage protocols
• Secure payment processing through certified third-party providers
• Regular security assessments and system updates
• Restricted access based on operational necessity

5. Data Retention and Removal

Account Deletion Process:

• Immediate removal: Personal preferences and account configuration data
• Legal retention: Email, device identifier, and IP address maintained for trial enforcement and legal compliance
• Payment information: Managed according to payment processor retention requirements

We retain minimal data only as legally required or necessary to prevent service abuse.

6. Third-Party Service Providers

We utilize certified providers with comprehensive security protocols:

• Payment processing: Square (PCI DSS compliant)
• Data storage: Supabase (SOC 2 Type II certified)
• Email delivery: Brevo (GDPR compliant)

Service providers process data exclusively for specified functions under strict contractual obligations.

7. User Rights

You maintain the following rights regarding your personal data:

Available Through the Application:

• Account creation: Provide your email address to create an account
• Account deletion: Remove your account and associated personal data through app settings
• Subscription cancellation: Cancel your subscription through app settings

Available by Email Request:

• Data access: We can provide your stored information (email, device ID, IP address, last 4 card digits)
• Data export: We can send your data in a simple format (typically JSON or plain text)
• Account assistance: Help with account-related issues within our technical capabilities

Current Limitations:

• Email address changes require manual processing and may take several business days
• Data processing objections are handled on a case-by-case basis within our technical constraints
• We operate with limited technical resources as a solo developer

Given our minimal data collection and technical setup, most data requests are straightforward but may require manual processing.

8. Policy Updates

Material changes to this policy will be communicated through the application or email notification. Continued service usage following notification constitutes acceptance of revised terms. We remain committed to our minimal data collection principles.

9. Legal Compliance

This policy complies with applicable privacy regulations including GDPR, CCPA, and state-specific privacy laws. We may adjust our practices to meet evolving legal requirements while maintaining our privacy-first approach.