1. Introduction

Welcome to NutifAI. We are committed to protecting your privacy and ensuring the security of your personal information and audio data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our music transcription service.

By using NutifAI, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our service.

2. Information We Collect

2.1. Information You Provide

Account Information: When you create an account, we collect your email address, display name (optional), and password (stored as a secure hash).
Profile Information: You may optionally provide a display name and avatar URL.
Audio Files: When you upload audio files, we process and store them to generate transcriptions. Audio files and transcription metadata are retained according to our retention policy. Please note that uploaded files may be used for training and improving our recognition models.
OAuth Information: If you sign in using OAuth providers (Google, GitHub, Microsoft, Apple), we receive your email address, name, and profile picture from the provider.

2.2. Automatically Collected Information

Usage Data: We collect information about how you use our service, including pages visited, features used, and time spent on the platform.
Device Information: We may collect information about your device, including IP address, browser type, operating system, and device identifiers.
Log Data: Our servers automatically log information such as request timestamps, IP addresses (sanitized for privacy), user agents, and error messages.
Cookies and Tracking: We use cookies and similar technologies to maintain your session, remember your preferences, and analyze usage patterns.

2.3. Third-Party Information

OAuth Providers: When you use social login, we receive information from the provider (Google, GitHub, Microsoft, Apple) according to their privacy policies.
Analytics: We may use analytics services (Google Analytics, Umami) that collect anonymized usage data.

3. How We Use Your Information

We use the collected information for the following purposes:

To provide and maintain our music transcription service
To process your audio files and generate transcriptions, MIDI files, and sheet music
To create and manage your user account
To authenticate you and secure your account
To communicate with you about your account, service updates, and support requests
To improve our service, analyze usage patterns, and develop new features
To train and improve our recognition models using uploaded audio files and transcription data
To detect, prevent, and address technical issues, security threats, and fraudulent activity
To comply with legal obligations and enforce our terms of service
To send you marketing communications (only with your consent)

4. Data Storage and Security

We implement industry-standard security measures to protect your information:

Encryption: Passwords are stored using industry-standard memory-hard hashing, and sensitive data is encrypted in transit (HTTPS) and at rest.
Access Controls: Access to your data is restricted to authorized personnel only.
Secure Sessions: We use secure, HTTP-only cookies for session management.
Regular Audits: We conduct regular security audits and vulnerability assessments.
Data Retention: Audio files and transcription metadata are retained according to our retention policy.

Note: While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100{}ecure. We cannot guarantee absolute security.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

Service Providers: We may share information with third-party service providers who assist us in operating our service (e.g., cloud hosting, analytics). These providers are contractually obligated to protect your information.
Legal Requirements: We may disclose information if required by law, court order, or government regulation.
Protection of Rights: We may share information to protect our rights, property, or safety, or that of our users or others.
Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity.
With Your Consent: We may share information with your explicit consent.

We do NOT share your audio files or transcriptions with third parties for marketing or advertising purposes.

6. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

6.1. General Rights

Access: Request a copy of the personal information we hold about you.
Correction: Update or correct inaccurate information in your account.
Deletion: Request deletion of your account and associated data.
Data Export: Request an export of your data in a machine-readable format (GDPR compliance).
Objection: Object to processing of your information for certain purposes.
Restriction: Request restriction of processing in certain circumstances.

6.2. GDPR (European Union)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR). You can exercise these rights through your account settings or by contacting us.

6.3. CCPA (California)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete your information, and the right to opt-out of the sale of personal information (we do not sell your information).

To exercise your rights, please:

Visit your account profile page to update information or request data export
Use the account deletion feature in your profile settings
Contact us using the information provided in Section 10

7. Cookies and Tracking Technologies

We use cookies and similar technologies to:

Maintain your login session
Remember your language preferences
Analyze website traffic and usage patterns
Improve user experience

You can control cookies through your browser settings. However, disabling cookies may affect the functionality of our service.

Types of cookies we use:

Essential Cookies: Required for the service to function (session management, security).
Analytics Cookies: Help us understand how visitors use our service (Google Analytics, Umami).
Preference Cookies: Remember your settings and preferences (language, theme).

8. Third-Party Services

Our service integrates with third-party services that have their own privacy policies:

OAuth Providers: Google, GitHub, Microsoft, Apple - when you use social login, their privacy policies apply.
Analytics: Google Analytics and Umami - collect anonymized usage data.
Cloud Services: We use cloud hosting providers to store and process your data securely.

We encourage you to review the privacy policies of these third-party services.

9. Children's Privacy

Our service is not intended for children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will take steps to delete such information.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We take appropriate safeguards to ensure your information is protected in accordance with this Privacy Policy.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

Posting the new Privacy Policy on this page
Updating the "Last updated" date at the top of this page
Sending you an email notification (if you have an account)
Displaying a notice on our website

Your continued use of our service after any changes constitutes acceptance of the updated Privacy Policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us:

Email: contact@nutif.ai
Website: https://nutif.ai/

We will respond to your inquiry within 30 days as required by applicable privacy laws.

Privacy Policy