Documentation
Privacy Policy
Everything you need to know about MusicMuse.
Last updated: March 15, 2026 · Effective date: March 15, 2026
This Privacy Policy explains how Astrionix LLC collects, uses, shares, and protects your personal information when you use MusicMuse.
1. Information We Collect
1.1 Information You Provide Directly
| Data Type | Examples | When Collected |
|---|---|---|
| Account Information | Full name, email address, password | Account registration |
| Profile Information | Instrument, bio, avatar | Profile setup and editing |
| Communications | Contact form messages, support requests | When you contact us |
| Payment Information | Card details (processed by Stripe — we never see or store full card numbers) | Subscription purchase |
| Organization Data | School/studio name, role within organization | Enterprise onboarding |
1.2 Information Collected Automatically
| Data Type | Examples | Purpose |
|---|---|---|
| Usage Data | Pages visited, lessons accessed, features used, time spent, click patterns | Service improvement and personalization |
| Practice Data | Practice session scores, accuracy metrics, notes played, VOSS feedback logs | Progress tracking and VOSS feedback |
| Device Information | Browser type, operating system, device type, screen resolution | Compatibility and debugging |
| Network Information | IP address, approximate location (city/region level only) | Security, fraud prevention, analytics |
| Cookie Data | Session identifiers, CSRF tokens | Authentication and security (see Cookie Policy) |
1.3 Audio and Practice Room Data
When you use the Practice Room, audio from your microphone or MIDI input is processed in real-time to generate AI-powered performance feedback. We want to be clear about how this works:
- Real-time processing: Audio is analyzed for pitch and rhythm in real-time and is not stored on our servers after the session ends, unless you explicitly choose to save a recording.
- Session metadata: We store performance metrics (score, accuracy percentage, notes played, duration) but not the raw audio.
- AI analysis: Audio may be sent to our AI provider for processing during your session. It is not retained by the AI provider after processing is complete.
1.4 Information from Third Parties
If you join an organization (school, studio, academy) on MusicMuse, the organization administrator may provide us with your name and email address as part of the invitation process. We do not purchase data about you from data brokers or other third-party sources.
2. How We Use Your Information
We use the information we collect for the following purposes:
Providing and Operating the Service
- Authenticating your identity and maintaining your session
- Processing subscription payments and managing billing
- Delivering lessons, practice feedback, and AI-powered features
- Tracking your learning progress, XP, badges, and level
- Enabling organization features (trainer dashboards, student rosters, assignments)
Improving and Personalizing the Service
- Analyzing usage patterns to improve features and user experience
- Personalizing content recommendations based on your instrument, region interests, and skill level
- Debugging errors and maintaining platform stability
Communication
- Sending essential account notifications (password resets, subscription confirmations, trial expiry warnings)
- Responding to your support requests and contact form submissions
- Sending optional product updates and educational content (you may unsubscribe at any time)
Security and Legal Compliance
- Detecting and preventing fraud, abuse, and unauthorized access
- Enforcing our Terms of Service and other policies
- Complying with legal obligations and responding to lawful requests from authorities
3. Legal Bases for Processing (for EEA/UK Users)
If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data on the following legal bases:
- Contract performance: Processing necessary to provide the Service you requested (account management, billing, lesson delivery).
- Legitimate interests: Processing necessary for our legitimate business interests (analytics, security, service improvement), where those interests are not overridden by your rights.
- Consent: Where you have given clear consent for a specific purpose (e.g., optional marketing communications).
- Legal obligation: Processing necessary to comply with applicable laws.
4. How We Share Your Information
We do not sell your personal data. We share data only in the following limited circumstances:
| Recipient | What We Share | Why |
|---|---|---|
| Stripe, Inc. | Name, email, payment information | Payment processing and subscription management |
| AI Providers (OpenAI / Anthropic) | Chat messages, practice audio (during session only) | Powering VOSS feedback and chat features |
| Your Organization | Name, progress, scores, assignment status | Enabling trainer/admin classroom management (Enterprise plans only) |
| Hosting Provider (Hostinger) | All data transits through their infrastructure | Website hosting and server operations |
| Law Enforcement | Data as required by valid legal process | Compliance with subpoenas, court orders, or applicable law |
In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred as part of that transaction. We will notify you via email or prominent notice on the Service before your data is transferred and becomes subject to a different privacy policy.
5. Data Retention
We retain your personal data for as long as your account is active or as needed to provide you the Service. Specific retention periods:
- Account data: Retained while your account is active. Deleted within 30 days of a verified account deletion request.
- Practice session metadata: Retained while your account is active for progress tracking.
- Billing records: Retained for seven (7) years after the last transaction as required for tax and financial compliance.
- Audit and security logs: Retained for one (1) year for security and fraud prevention.
- Contact form submissions: Retained for two (2) years.
- Anonymized analytics data: May be retained indefinitely as it cannot be used to identify you.
6. Your Rights and Choices
Depending on your location and applicable law, you may have some or all of the following rights regarding your personal data:
| Right | Description |
|---|---|
| Access | Request a copy of the personal data we hold about you. |
| Correction | Request correction of inaccurate or incomplete personal data. |
| Deletion | Request deletion of your personal data (subject to legal retention requirements). |
| Portability | Request a machine-readable copy of your personal data. |
| Restriction | Request that we limit how we process your personal data. |
| Objection | Object to processing based on legitimate interests. |
| Withdraw Consent | Where processing is based on consent, withdraw that consent at any time. |
| Non-Discrimination | We will not discriminate against you for exercising your privacy rights. |
To exercise any of these rights, contact us at support@musicmuse.astrionix.io. We will respond to verified requests within thirty (30) days. We may request identity verification before processing your request.
7. Account Deletion
You may request deletion of your account and all associated personal data at any time by:
- Using the account deletion feature in your profile settings
- Sending an email to support@musicmuse.astrionix.io from the email address associated with your account
Upon receiving a verified deletion request:
- Any active subscription must be canceled before deletion is processed. We will guide you through this if needed.
- We will delete or anonymize your personal data within thirty (30) days.
- Certain data (billing records, abuse reports) may be retained as required by law or to protect our legitimate interests.
- Deletion is irreversible. Your progress, XP, badges, and practice history will be permanently lost.
8. Children's Privacy
MusicMuse is not directed to children under the age of thirteen (13). We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal data from a child under 13 without verifiable parental consent, we will take steps to delete that information as quickly as possible.
If you are a parent or guardian and believe your child under 13 has provided personal information to us, please contact support@musicmuse.astrionix.io immediately.
Users between thirteen (13) and eighteen (18) years of age must have parental or guardian consent to use the Service. Organization administrators who enroll minors are responsible for obtaining appropriate consent.
9. International Data Transfers
MusicMuse is operated from the United States. If you are accessing the Service from outside the United States, please be aware that your data may be transferred to, stored, and processed in the United States and other countries where our service providers operate.
For users in the EEA/UK, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission and/or the UK Information Commissioner's Office to provide adequate data protection safeguards for international transfers.
10. Data Security
We implement industry-standard technical and organizational measures to protect your personal data, including:
- Encrypted data transmission using HTTPS/TLS for all connections
- Secure password storage using bcrypt hashing (we never store plaintext passwords)
- CSRF (Cross-Site Request Forgery) protection on all forms
- Rate-limited login attempts with automatic account lockout after repeated failures
- Role-based access controls restricting who can view and modify data
- Audit logging of all sensitive operations (logins, data changes, administrative actions)
- Regular security reviews of our codebase and infrastructure
Despite these measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security and encourage you to use a strong, unique password for your MusicMuse account.
11. Cookies and Tracking Technologies
We use cookies and similar technologies as described in our Cookie Policy. In summary, we use only essential cookies required for the Service to function (session management, authentication, security). We do not currently use third-party advertising or tracking cookies.
12. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
- Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you.
- Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
- Right to Opt-Out of Sale: We do not sell your personal information. If this changes, we will provide a clear opt-out mechanism.
- Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
To exercise your California privacy rights, contact support@musicmuse.astrionix.io.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:
- Update the "Last updated" date at the top of this page
- Provide notice via email to the address associated with your account
- Display a prominent notice within the Service
We encourage you to review this Privacy Policy periodically. Your continued use of the Service after any changes constitutes acceptance of the revised policy.
14. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
- Email: support@musicmuse.astrionix.io
- Web: Contact Form
- Entity: Astrionix LLC
If you are in the EEA and believe we have not adequately addressed your concerns, you have the right to lodge a complaint with your local data protection supervisory authority.