We protect your creativity and your data
This Privacy Policy explains how TUSMATIKO ("ToneTote", "we", "us") collects, uses, shares and protects personal information when you access our AI songwriting tools, purchase credits, or interact with any of our websites, apps and communications. If you have questions, contact [email protected].
Personal information we collect
We collect information in three ways.
1.1 Information you provide.
- Contact & account data: name, email, language preference, authentication tokens, profile photo.
- Payment & transaction data: invoices, purchase history, PayPal transaction IDs (payment instruments stay with the processor).
- Creative inputs: prompts, lyrics, characters, uploaded reference files, user-generated multimedia, prompt metadata.
- Support communications: messages, screenshots, survey responses.
- Marketing preferences: opt-in status, engagement metrics.
1.2 Third-party sources. We may supplement information with data from payment processors, analytics partners, security vendors, or public sources (e.g., social handles you link to ToneTote). If you sign in with Google or similar SSO providers we receive the data permitted under their settings.
1.3 Automatic data collection. When you use ToneTote we automatically log device identifiers, IP address, browser type, operating system, timestamps, crash logs, referral URLs, and limited event telemetry (e.g., feature usage, latency).
How we use personal information
We use personal information only for legitimate business purposes, including to:
- Operate, maintain, and improve the ToneTote apps, APIs, and AI models.
- Provide customer support, respond to inquiries, and resolve disputes.
- Process transactions, send receipts, prevent fraud, and manage credits.
- Analyze aggregated usage to improve prompts, safety filters, and product roadmap.
- Deliver security alerts, policy updates, and legally required notices.
- Send marketing communications where permitted (you can opt out at any time).
Retention
We retain personal information for as long as necessary to fulfill the purposes above, comply with law, or resolve disputes. Typical examples:
- Account data: retained while the account is active and for up to 24 months after closure.
- Billing records: retained for seven years to meet tax and accounting rules.
- Creative assets: retained until you delete them from your dashboard or request erasure.
- Security logs: retained for 12 months unless extended for investigations.
How we share personal information
We do not sell personal data. We share it only with:
- Service providers such as PayPal, Resend, Replicate/OpenRouter, hosting and analytics vendors.
- Professional advisors (lawyers, accountants, auditors) under confidentiality obligations.
- Authorities when required by law, court order, or to protect rights, safety, or property.
- Corporate transactions if we merge, acquire, or sell assets, subject to privacy safeguards.
Your choices
- Account settings: update profile data, delete prompts, or deactivate your account within the app.
- Email preferences: unsubscribe using the link in our messages or via settings.
- Cookies: manage consent in our banner or browser. See Cookie Notice for details.
- Data requests: email [email protected] to access, port, or delete your data.
Other sites and services
The Service may link to third-party websites (e.g., tutorials, social channels). We do not control their privacy practices. Review each provider’s policy before sharing data.
Security
We implement administrative, technical, and physical safeguards, including TLS encryption, network segmentation, role-based access controls, automated monitoring, and employee security training. No system is perfect; please notify us promptly about any suspected vulnerability at [email protected].
International data transfers
ToneTote is headquartered in the United States. When transferring data outside your jurisdiction we rely on Standard Contractual Clauses, Data Processing Agreements, or other safeguards recognized by applicable law.
Children
ToneTote is not directed to children under 13 (or the relevant minimum age in your country). We do not knowingly collect personal data from minors without verifiable parental consent. If you believe a child has provided data, contact us and we will delete it.
Changes to this Privacy Policy
We may update this Privacy Policy to reflect operational, legal, or regulatory changes. We will post the revised policy and update the “Last updated” date. Material changes will be announced via email or in-product notice.
Notice to EEA/UK/Swiss users
For users located in the European Economic Area, United Kingdom, or Switzerland:
- Data controller: TUSMATIKO.
- Legal bases: performance of a contract, legitimate interests (product improvement, fraud prevention), consent (marketing and optional cookies), and compliance with legal obligations.
- Rights: access, rectification, erasure, portability, restriction, objection, and complaint to a supervisory authority. Contact [email protected] to exercise these rights.
Contact us
Email: [email protected]
