AIFlowMusic

Privacy Policy

What data AIFlowMusic collects and how we use it.
May 26, 2026

Effective: 2026-05-26

This policy explains what data AIFlowMusic collects and how we use it.

What we collect

When you visit the site (no account):

  • Standard server logs (IP address, browser type, requested pages) — kept 30 days for security and abuse prevention.
  • Anonymous analytics (page views, referrer, country) via Plausible — does not use cookies, does not identify you personally.

When you create an account:

  • Email address
  • Name (from OAuth provider, if you sign in via Google/GitHub)
  • Profile photo URL (from OAuth, if available)

When you use the music generator:

  • Your prompts and generated outputs (audio, MIDI files, lyrics) — stored to make them available in your library.

When you upload audio (Audio to MIDI):

  • The audio file is sent to Replicate (https://replicate.com) for processing by the open-source basic-pitch model. We do not store your uploaded audio after conversion completes.

When you pay:

  • Payment method (handled by Stripe — we never see card numbers)
  • Billing address (for tax compliance)

What we don't collect

  • We don't track you across other websites.
  • We don't sell your data to advertisers.
  • We don't use your prompts or outputs to train AI models. Your content is yours.
  • We don't fabricate review counts, usage stats, or testimonials.

Where data is stored

  • Application data: Vercel (US East and EU regions)
  • Payment data: Stripe (PCI-compliant, US)
  • AI processing: kie.ai (Suno generation) and Replicate (basic-pitch) — both per-request, no long-term storage by them on our behalf

Data retention

  • Server logs: 30 days
  • Account + generation history: until you delete your account
  • Failed payment attempts: 90 days for fraud prevention
  • Cancelled accounts: deleted 30 days after cancellation request

Your rights

You can:

  • Export your data (email us, we'll send a JSON dump within 7 days)
  • Delete your account (one-click in settings; data permanently removed after 30 days)
  • Opt out of marketing emails (one-click unsubscribe in every email)
  • Request data correction (email support@aiflowmusic.com)

GDPR users in the EU and CCPA users in California have additional rights, available on request.

Cookies

We use one functional cookie (session ID) when you sign in. No tracking cookies, no advertising cookies, no third-party cookies.

Children

The service is not designed for users under 16. We do not knowingly collect data from children under 16. If you believe we have, please email us.

Changes

If we update this policy in any material way, we will notify you by email and in-app before the change takes effect.

Contact

Privacy questions: support@aiflowmusic.com