privacy policy.

We collect information you provide directly when you:

• Create an account: email address, display name, and password (stored as a bcrypt hash by Supabase Auth — we never see the plaintext).
• Complete your profile: CAE/IPI number, manager/publisher/label contact details, avatar photo, and drawn signature (stored as an SVG path).
• Use sessions: lyrics, private notes, shared notes, voice memos, and session bounces you upload or type.
• Sign split sheets: your electronic signature, timestamp, and consent record (required under the ESIGN Act).

We also collect limited usage data automatically:

• Browser type, operating system, and device type.
• Pages visited and features used (via PostHog analytics — see Section 5).
• Error reports (via Sentry — see Section 5).
• Stripe payment metadata (plan, billing dates) — we never store full card numbers.

• To create and authenticate your account.
• To provide the TuneTrust service: sessions, split sheets, signatures, vault.
• To generate and email finalized split-sheet PDFs to all parties.
• To process subscription billing via Stripe.
• To send transactional emails (signing invitations, finalized PDFs) via Resend.
• To debug and improve the product (Sentry error reports, PostHog analytics).
• To comply with legal obligations, including maintaining ESIGN Act consent records.

We do not sell your personal data. We do not use your data for advertising.

We share data only as necessary to deliver the service:

• Supabase — database, authentication, file storage (EU/US infrastructure).
• Stripe — payment processing. Their privacy policy governs payment data.
• Resend — transactional email delivery.
• PostHog — product analytics (anonymised where possible).
• Sentry — error monitoring (may capture stack traces; no intentional PII sent).
• Collaborators you invite — your display name, email, and percentage appear on shared split sheets. This is fundamental to the service.

We may disclose data if required by law or to protect the rights, property, or safety of TuneTrust Ltd, our users, or the public.

• Account data: retained while your account is active. Deleted within 30 days of account deletion (except where legal obligations require longer retention).
• Finalized split-sheet PDFs: retained indefinitely — they are legal documents. Deletion of your account does not remove PDFs from co-signatories' vaults.
• Voice memos and bounces: deleted when you delete them, or when the session is deleted (if ever).
• ESIGN consent records: retained for 7 years as required by the ESIGN Act.

We use cookies strictly necessary for authentication (Supabase session cookies). PostHog sets a first-party analytics cookie to identify returning visitors. We do not use advertising or third-party tracking cookies.

You can opt out of PostHog analytics by enabling “Do Not Track” in your browser.

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data (you can do this in Settings at any time).
• Delete your account and associated data (Settings → Danger zone).
• Export a copy of your data.
• Object to or restrict certain processing.
• Lodge a complaint with your local data protection authority.

To exercise any right not available in-app, email us at info@tunetrust.app. We respond within 30 days.

We use industry-standard security measures: HTTPS everywhere, bcrypt password hashing, row-level security on our database, and encrypted storage. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

TuneTrust is not directed at children under 13 (or 16 in the EU/UK). If you believe a child has provided us with personal data, contact us and we will delete it promptly.

We may update this policy from time to time. We will notify registered users by email and update the effective date above. Continued use of TuneTrust after the effective date constitutes acceptance of the revised policy.

Questions about this policy? Email info@tunetrust.app.