Privacy Policy

Last updated: June 3, 2026

1. Who we are

SonicStu ("we", "us") operates sonicstu.com and provides AI music creation tools and a marketplace. This policy explains what data we collect, why, and how we protect it.

2. Data we collect

• Account data: email, password hash, display name, profile image.
• Generated content: prompts, uploaded audio, generated tracks, lyrics, cover art.
• Billing data: handled by Stripe; we store only Stripe customer IDs and the last 4 digits of cards for receipts.
• Usage data: page views, generation counts, device/browser info, and IP address for security.

3. How we use your data

To operate the service, generate your music, process payments, prevent fraud, and improve the product. We do not sell your data to third parties.

4. AI model training

By default, we do not train our models on your prompts or generated audio. Optional opt-in programs may apply for community-shared content; you can opt out at any time in account settings.

5. Sharing

We share data only with sub-processors that operate the service: hosting (Cloudflare), database/storage (Supabase), payments (Stripe), email (Resend), and AI engines (Replicate, Suno, Google). Each is bound by a data processing agreement.

6. Your rights

You can access, export, correct or delete your account data at any time from your dashboard, or by emailing privacy@sonicstu.com. GDPR and CCPA requests are honored within 30 days.

7. Retention

We retain account data for as long as your account is active, plus 90 days after deletion for backups. Generated audio is retained until you delete it. Billing records are retained for 7 years for tax compliance.

8. Security

Data is encrypted in transit (TLS 1.3) and at rest (AES-256). See our Security page for details.

9. Children

SonicStu is not intended for users under 13. We do not knowingly collect data from children.

10. Contact

Questions: privacy@sonicstu.com.