Privacy Policy

Last Updated: January 18, 2025

Introduction

Tritonality ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and protect your information when you use our Service.

This policy complies with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Data Controller

Tritonality Email: tritonality-privacy@goodhum.com Website: https://tritonality.com

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, name, profile picture (via Clerk authentication)
• User Content: Chord progressions, project names, and musical data you create
• Feedback: Bug reports, feature requests, and support inquiries

2.2 Automatically Collected Information

• Usage Data: Pages visited, features used, time spent in the app
• Device Information: Browser type, operating system, screen resolution
• Log Data: IP address, access times, error logs
• Cookies: Session cookies for authentication and preferences

2.3 AI Processing Data

• Prompts: Text instructions you provide to AI features
• Generated Content: AI-suggested chord progressions
• Note: This data is processed by Claude AI (Anthropic) under their data processing agreement

3. Legal Basis for Processing (GDPR)

We process your data under the following legal bases:

• Contract Performance: To provide the Service you subscribed to (Art. 6(1)(b) GDPR)
• Legitimate Interest: To improve our Service and prevent fraud (Art. 6(1)(f) GDPR)
• Consent: For analytics and marketing communications (Art. 6(1)(a) GDPR)
• Legal Obligation: To comply with tax and financial regulations (Art. 6(1)(c) GDPR)

4. How We Use Your Information

We use your data to:

• Provide and maintain the Service
• Process payments and subscriptions
• Send service-related notifications
• Improve our Service through analytics
• Respond to support requests
• Detect and prevent fraud or abuse
• Comply with legal obligations

We do NOT:

• Sell your personal data to third parties
• Use your chord progressions for any purpose other than providing the Service
• Share your data with advertisers

5. Data Sharing and Third Parties

We share data only with trusted service providers:

5.1 Essential Service Providers

• Clerk (Authentication): Account management and security
• Stripe (Payments): Payment processing
• Anthropic (AI): Claude AI for chord generation
• Vercel (Hosting): Service infrastructure
• Neon/Postgres (Database): Data storage

5.2 Analytics (With Consent)

• Sentry: Error tracking and performance monitoring (app.tritonality.com only, with consent)
• Google Analytics: Website analytics (tritonality.com only, with consent)

All third parties are bound by data processing agreements and GDPR compliance.

6. Data Retention

• Account Data: Retained while your account is active
• Chord Progressions: Retained until you delete them or close your account
• Usage Logs: Retained for 12 months for security and debugging
• Backup Data: Retained for 30 days after deletion

When you delete your account, we will:

1. Immediately remove your access
2. Delete your personal data within 30 days
3. Anonymize or delete associated content

7. Your Rights (GDPR)

You have the following rights:

7.1 Right of Access (Art. 15 GDPR)

Request a copy of your personal data

7.2 Right to Rectification (Art. 16 GDPR)

Correct inaccurate personal data

7.3 Right to Erasure (Art. 17 GDPR)

Request deletion of your personal data ("right to be forgotten")

7.4 Right to Data Portability (Art. 20 GDPR)

Receive your data in a machine-readable format (MIDI, JSON)

7.5 Right to Object (Art. 21 GDPR)

Object to processing based on legitimate interests

7.6 Right to Withdraw Consent (Art. 7(3) GDPR)

Withdraw consent for analytics or marketing at any time

To exercise these rights, contact: tritonality-privacy@goodhum.com

We will respond within 30 days as required by GDPR.

8. Data Security

We implement appropriate technical and organizational measures:

• Encryption: HTTPS/TLS for data in transit, encryption at rest
• Authentication: Secure authentication via Clerk
• Access Control: Limited access to personal data
• Regular Audits: Security reviews and updates
• Incident Response: Procedures for data breach notification

9. International Data Transfers

Your data may be transferred to and processed in countries outside the EU/EEA, including:

• United States: Anthropic (Claude AI), Stripe, Clerk
• Data Transfer Mechanism: Standard Contractual Clauses (SCCs) approved by the EU Commission

10. Children's Privacy

The Service is not intended for users under 16 years of age. We do not knowingly collect data from children. If we discover we have collected data from a child, we will delete it immediately.

11. Cookies and Tracking

We use the following types of cookies:

Essential Cookies (Always Active)

• Authentication Cookies: Required for login and account access (via Clerk)
• Security Cookies: Protect against fraud and abuse
• Preference Cookies: Remember your theme and UI settings

Analytics Cookies (Require Consent)

• Google Analytics (tritonality.com): Tracks website visits and user behavior
• Sentry Session Replay (app.tritonality.com): Records anonymized session data to help debug issues (all text and media are masked)
• Performance Monitoring: Tracks page load times and application performance
• Error Tracking: Captures error reports with user context (when consented)

Cookie Consent

When you first visit our site, we will ask for your consent to use analytics cookies. You can:

• Accept All: Enable all cookies including analytics
• Reject Analytics: Only use essential cookies

Your cookie consent is stored across both tritonality.com and app.tritonality.com using a shared cookie on the .tritonality.com domain, so you only need to consent once.

You can change your cookie preferences at any time by:

1. Clearing your browser cookies and revisiting the site
2. Contacting us at tritonality-privacy@goodhum.com

Disabling essential cookies may affect Service functionality.

12. Changes to This Policy

We may update this Privacy Policy to reflect changes in:

• Our data practices
• Legal requirements
• Service features

We will notify you of significant changes via:

• Email notification
• In-app announcement
• Updated "Last Updated" date

13. Data Protection Officer

For privacy concerns or to exercise your rights, contact:

Email: tritonality-privacy@goodhum.com Response Time: Within 30 days

14. Supervisory Authority

If you are in the EU/EEA, you have the right to lodge a complaint with your local data protection supervisory authority.

15. Contact Us

For privacy questions or requests:

Email: tritonality-privacy@goodhum.com Website: https://tritonality.com Mail: Aito Works Oy c/o Goodhum Oy PL 76 20101 Turku Finland

By using Tritonality, you acknowledge that you have read and understood this Privacy Policy.