Legal
Privacy Policy
What we collect, what we do with it, who else sees it, and how long we keep it. Written in plain English; we mean what it says.
Last updated: 19 April 2026
01Who we are
SoundMuse is operated by Venus Cloud Ltd, registered in England. We are the "data controller" for your personal data under the UK GDPR and the EU GDPR. You can reach us about anything in this policy — including to exercise the rights described below — using the contact details on our homepage.
02The headline
We do not use your prompts or generated songs to train AI models. Your User Input is processed to produce your output, stored so you can access your library, and then left alone. We don't sell your data. We don't share it with advertisers. The external companies listed below process data only to make the service function.
03What data we collect
Account data (from Google)
We use Sign in with Google as the only sign-up method. When you sign in, Google shares your name, email address, profile picture URL, and Google account identifier with us. We request the minimum scopes needed to identify you (openid email profile) — nothing about your Gmail, Drive, Calendar or contacts.
Billing data (through Stripe)
When you make a purchase, payment is handled by Stripe. We do not see or store your card number, CVV, or expiry. We do store:
- your Stripe customer ID (an opaque identifier);
- your current subscription tier and billing interval;
- a hashed fingerprint of your payment card, returned to us by Stripe, which lets us detect multiple attempts to purchase the $1 trial with the same card. We cannot recover the card number from this fingerprint.
Content you submit (User Input)
To generate music we store your prompts, the Spotify link or track details you paste, any lyrics you supply or request, the chosen genre and vocal language, and other generation options. We store the resulting audio file, its duration and size, and metadata such as the title you gave it.
Technical data
Our server logs contain the usual information — requests we serve, timestamps, error traces, IP addresses in transient logs — used to operate the service and investigate abuse. We do not store IP addresses in a database keyed to your account. We set two first-party cookies: a signed session cookie (so you stay logged in), and a CSRF protection cookie. Both are strictly necessary for the service to work.
Analytics
We load Google Analytics 4 on the public marketing pages to understand aggregate traffic. This uses cookies and a client identifier. It is not used inside the authenticated app.
04Why we process it (legal bases)
- Performance of a contract. Most processing — running your generations, charging your card, giving you access to your library — is necessary to deliver the service you signed up for (UK GDPR Art. 6(1)(b)).
- Legitimate interests. We rely on legitimate interests to prevent fraud (the card fingerprint check on the trial), to keep the service secure, to communicate about the service, and to run aggregate analytics (Art. 6(1)(f)).
- Legal obligation. Tax records, fraud investigation records, and responses to lawful requests (Art. 6(1)(c)).
- Consent. Where we rely on consent (such as optional marketing emails, if we add them), you can withdraw it at any time (Art. 6(1)(a)).
05Who else processes your data
We use a small number of specialist sub-processors to run the service. Each is bound by a data processing agreement and processes your data only on our instructions.
| Provider | Purpose | Data involved | Region |
|---|---|---|---|
| Sign-in (OAuth) | Email, name, avatar, Google ID | US / EU | |
| Stripe | Payment processing, subscription billing, chargeback handling | Name, email, card details, billing country, payment amount | US / EU / UK |
| Cloudflare | Audio and image storage (R2), video streaming, CDN and edge routing | Your generated audio files, cover art, plus standard request metadata | Global edge; primary storage EU/US |
| Modal | GPU compute for running the music generation model | Your prompt, chosen options, generated audio (transient only — not retained by Modal) | US |
| Anthropic | AI lyric generation (Claude), when you request lyrics | Your prompt and the resulting lyrics; no account identifier is sent | US |
| Google Analytics | Aggregate traffic analytics on public marketing pages | Client ID, page, referrer, browser, approximate region | US / EU |
When you paste a Spotify track, we fetch the public embed page (title, artist, cover art) from Spotify. No account identifier is sent and no data is pushed back to Spotify about you. We are not a registered Spotify API application.
06International transfers
Several of our processors (Modal, Anthropic, parts of Google and Stripe, parts of Cloudflare's edge) are located in the United States. When your data is transferred outside the UK/EEA, we rely on the UK International Data Transfer Addendum and the European Commission's Standard Contractual Clauses, supplemented by the processor's technical and organisational measures. You can request copies of these transfer mechanisms from us.
07AI model training — what we promise
We do not use your prompts, your Spotify references, your lyrics, your generated audio, or any other User Input to train, fine-tune, or evaluate any AI model. The models we use (for audio, for lyrics) are pre-trained; your usage does not feed back into them. Our sub-processors Anthropic and Modal have contractual commitments with us that prohibit training on data we route through them. If this changes in the future, we will update this policy and notify existing users before the change takes effect.
08How long we keep your data
- Account data (name, email, etc.) is kept while your account exists.
- Generated songs remain in your library until you delete them or delete your account.
- Billing records (invoices, tax records, fraud records) are kept for seven years after the year of the transaction, as required by UK tax law and to respond to payment disputes (chargebacks can be filed up to 540 days after a transaction).
- Session and CSRF cookies expire after thirty days of inactivity.
- Server logs are rotated within thirty days.
- Card fingerprints used for trial fraud prevention are kept for as long as the anti-abuse check remains relevant, typically the lifetime of the service, as this is a legitimate-interest fraud control.
When you delete your account, we schedule a 30-day recovery window during which you can log back in to restore it. After that window, your profile, library, and content are permanently removed, except for the billing records noted above.
09Your rights
If you are in the UK or EU (and in most of the world under our best-effort policy), you can:
- Access the personal data we hold about you;
- Correct any data that's wrong or out of date;
- Delete your account and personal data, subject to the retention periods above;
- Export your data in a portable format (we'll provide a JSON export of your account plus downloads of your generated audio);
- Restrict or object to certain processing, especially processing based on legitimate interests;
- Withdraw consent where we relied on it (for example, for marketing emails);
- Complain to a supervisory authority. In the UK that is the Information Commissioner's Office (ICO); in the EU it is the supervisory authority in your country of residence.
To exercise any of these rights, get in touch using the contact details on our homepage. We will respond within one calendar month. There is no fee unless your request is manifestly unfounded or excessive.
10Security
We apply industry-standard security measures: TLS in transit, access control on our origin, encryption at rest for stored audio in Cloudflare R2, hashed session tokens, CSRF protection on state-changing requests, per-user rate limits, and principle-of-least-privilege access for the small team. No system is perfectly secure; if you believe your account has been compromised, contact us immediately.
11Children
SoundMuse is not directed to children under 16 and we do not knowingly collect personal data from them. If you believe a child has given us personal data, please contact us and we will delete it.
12Changes to this policy
If we change this policy in a way that materially affects you, we'll notify you by email or in-app at least thirty days before the change takes effect. Other changes (clarifications, structural edits, updated processor details) take effect when posted. The "Last updated" date at the top always reflects the current version.
13Contact
Contact details for questions about this policy are on our homepage.
Data controller: Venus Cloud Ltd, registered in England.