Privacy Policy

Introduction

Scope of Policy and Terms of Consent

Welcome to our music generation service platform. We deeply understand the importance of your personal privacy and are fully committed to protecting the security of your personal information. This Privacy Policy is meticulously designed to provide you with a detailed explanation of how we collect, utilize, store, share, and protect your personal data when you visit our website, use our applications, and interact with our related services. This Privacy Policy applies comprehensively to all artificial intelligence-based music generation products and associated digital services offered by us. When you register for an account, browse our web pages, or actively utilize our generation tools, it signifies that you have fully read, completely understood, and voluntarily agreed to the entirety of this Privacy Policy. If you do not agree with any provision contained within this policy, you must immediately cease accessing and stop using our services. We strongly encourage you to carefully read every section of this document to fully comprehend your privacy rights and the specific methods by which we fulfill our data protection obligations.

Information We Collect

Account Registration and Basic Information

In order to provide you with our core service functionalities, we collect your basic identity information when you create an account on our platform. This information primarily includes your email address, the account password you establish, the username you select, and your profile avatar. If you choose to register and log in via a third-party social media account or single sign-on service, we will obtain your public information on that third-party platform within the scope of your authorization, such as your unique account identifier and the associated email address. This basic information serves as the necessary prerequisite for us to establish your exclusive cloud workspace, verify your user identity, and safeguard your account security.

User Generated Content and Prompts

As an artificial intelligence music generation tool, we collect the creative instructions you actively input when utilizing our core features. This encompasses various prompt words you type into the text input boxes, original lyrics you author, music genre tags you select, emotional tendency settings, and your specific descriptions regarding instrument arrangements. These inputs constitute the core material that drives the artificial intelligence engine to perform creation. We collect and record this information so that the system can accurately comprehend your creative intentions and transmit them to the underlying generative models, thereby delivering audio results that meet your expectations. Concurrently, the system will also record the final audio files, project files, and associated metadata generated based on your prompts.

User Uploaded Audio and Reference Materials

Within certain advanced customization features, we allow you to upload external audio files or reference materials to enable the artificial intelligence models to perform style transfer or vocal cloning processing. When you utilize this feature, we will collect and temporarily store the dry vocal files, backing tracks, or media files in other formats that you upload. We hereby solemnly promise that such reference materials uploaded by you are exclusively used to respond to your specific generation request at that time. We employ strict isolation mechanisms when handling these sensitive media files to ensure they will never be accessed by any unauthorized third parties.

Automatically Collected Usage Data and Terminal Information

During the course of your interaction with our platform, to ensure the stability of our services and optimize system performance, our servers will automatically record your device information and network activity data. This data covers your internet protocol address, the type and version of the browser you are using, the specific details of your operating system, unique device identifiers, and your approximate geographical location information. Furthermore, we will track your specific operational trajectories on the platform, such as the pages you visit, the buttons you click, the frequency at which you initiate generation requests, the time consumed by generation tasks, and your interaction records with error prompt messages. These diagnostic data are absolutely vital for us to troubleshoot system failures and continuously improve the product's user experience.

Payment and Billing Information

When you decide to upgrade from a free user to our subscribed user or purchase additional computing power credits, you are required to provide relevant financial information to complete the transaction. Please be aware that we do not directly store your complete credit card numbers or sensitive payment verification codes on our own servers. We rely entirely on third-party payment processing organizations that comply with international data security standards to complete the financial settlements. We will only receive and store non-sensitive order information from the payment gateways, such as your billing address, transaction receipt numbers, subscription effective time, subscription tier, and payment status, in order to issue invoices for you, manage your subscription privileges, and provide subsequent billing inquiry services.

How We Use Your Information

Providing and Maintaining Music Generation Services

The primary purpose for collecting the aforementioned information is to fulfill the service agreement between you and us, ensuring the music generation tools can operate stably around the clock. We will utilize your prompts and materials to drive the underlying algorithms and complete the complex audio rendering processes in the cloud. During this process, our internal systems need to invoke third-party artificial intelligence interfaces, and your input instructions and necessary parameters will be securely transmitted to these third-party partners who provide the core generation capabilities. These third-party partners are strictly authorized to use your data solely for executing the current music generation tasks, and they are bound by rigorous confidentiality agreements, strictly prohibiting them from using your prompts or audio for their own unverified commercial purposes. Beyond this, your account information will be used for cross-device progress synchronization, ensuring you can access your historical generated music library on any terminal.

AI Model Training and Algorithm Optimization

In order to continuously elevate the quality of music generation, audio fidelity, and the models' ability to comprehend natural language prompts, we may analyze and learn from aggregated data stripped of personal identity features, strictly within the boundaries permitted by law. This means your anonymized prompt structures, genre preferences, and quality feedback on generation results might be utilized for the internal fine-tuning and iteration of our algorithms. However, we absolutely respect your intellectual property rights and personal privacy; any data containing your explicit personal identification markers, as well as content you generate in private mode, will never be directly used as training corpora for public models. We are dedicated to finding the most rigorous balance between technological advancement and user privacy protection.

Customer Support and Service Notifications

Your contact information and usage records will be utilized to provide highly efficient customer support services. When you submit a support ticket to our technical team or report a system vulnerability, we will review your system logs and account status to rapidly locate and resolve the issues you encounter. Furthermore, we will use your email address to send you service notifications that are critically important for your account security, such as password reset links, subscription status change alerts, payment failure warnings, and legal notices regarding significant privacy policy updates. These communications are indispensable for maintaining your vital interests.

Fraud Prevention and Platform Security

Safarding the security of the entire digital ecosystem is our unshrinkable responsibility. We will comprehensively utilize your terminal information, internet protocol addresses, and operational behavior patterns to construct an automated security risk control system. This data will be used to detect and defend against malicious registrations, computing power abuse, abnormal interface invocations, and potential cyber attack behaviors. If our security algorithms identify a suspicion that a certain account is exploiting platform vulnerabilities for illegal profit or generating content that violates laws and regulations, we will utilize the collected access logs for manual verification and, when necessary, take decisive measures such as freezing the account, restricting functionalities, or even reporting to relevant law enforcement agencies.

How We Share and Disclose Your Information

Cloud Computing and Infrastructure Service Providers

To support the massive parallel computing demands and the stable storage of vast amounts of audio files, we must rely on industry-leading cloud computing service providers, data center operators, and content delivery network suppliers. Consequently, your personal data and generated audio files will be securely hosted on these infrastructures. We exclusively select top-tier suppliers who have passed rigorous international information security certifications, and we sign highly legally binding data processing agreements with them, ensuring they can only process data according to our written instructions and must implement the highest level of physical and network security defense measures. As mentioned previously, this also includes the third-party artificial intelligence interface providers who supply our core generative computing power, as they are an indispensable link in our service chain.

Third-Party Payment Processing Institutions

When processing your subscription payments, your billing details will be shared with regulated financial payment gateways. These specialized institutions are responsible for processing your fund transfers and verifying your payment credentials. They possess independent and strict privacy protection mechanisms, assuming the responsibility of guaranteeing the absolute security of your financial data. Our information sharing with them is strictly limited to the absolute minimum data scope required to complete individual transactions and handle subsequent refund disputes.

Legal Compliance and Mandatory Disclosures

Under certain extreme and necessary circumstances, if we receive legally binding subpoenas, court orders, or other mandatory legal documents from government agencies, we will be compelled to disclose your personal information. Additionally, we reserve the right to disclose relevant information in accordance with the law if we firmly believe it is necessary to investigate, prevent, or take action regarding suspected illegal activities, significant fraud risks, behaviors posing potential threats to anyone's physical safety, or to defend against actions that violate our terms of service. Prior to making any mandatory disclosures, unless expressly prohibited by law, we will generally make our utmost effort to notify you in advance.

Business Transfers and Corporate Restructuring

If our company experiences a merger, is acquired by another entity, undergoes asset restructuring, enters bankruptcy liquidation, or sells the majority of its core business assets in the future, your user data, acting as a crucial component of our company's assets, may be transferred to the new owner or assignee. Upon the occurrence of such ownership changes, we will notify you through prominent announcements on our website or by sending direct emails, ensuring that the receiving party continues to be bound by this Privacy Policy or privacy terms of an equivalent level of protection.

Data Storage and Security Protection

Data Encryption and Security Technical Measures

We employ encryption technologies that conform to the highest industry standards to protect your data security. All network communications between you and our servers are encrypted end-to-end utilizing Secure Sockets Layer technology to prevent data from being maliciously intercepted during transmission. Regarding data storage at rest, your account passwords undergo irreversible cryptographic hash and salt processing, and your sensitive credentials and audio files are protected in our cloud databases using Advanced Encryption Standards. Not only have we deployed firewalls, intrusion detection systems, and automated vulnerability scanning tools at the software level, but we have also strictly limited our internal employees' access privileges to production environment databases, ensuring only core technical personnel who have passed strict background checks and obtained specific authorization can access controlled data when absolutely necessary.

Data Retention and Anonymization Periods

Regarding the music content and prompt records you generate on the platform, we implement differentiated data retention strategies that depend specifically on your account subscription status. For basic non-subscribed users utilizing the free services, in order to optimize our server storage resource allocation and practice the principle of data minimization, all audio files you generate, inputted prompt logs, and associated metadata will only be retained in our system for fourteen days. Upon the expiration of the fourteen-day period, the generated data of these non-subscribed users will automatically trigger permanent deletion procedures by the system and cannot be recovered. For active paid subscribed users, we will retain your generated asset library long-term until you actively terminate your subscription, cancel your account, or manually execute deletion operations within your workspace. Following a reasonable grace period after your account is canceled or your subscription is terminated, we will completely erase or irreversibly anonymize your personal data, rendering it permanently incapable of identifying your personal identity.

Your Privacy Rights and Control Options

Accessing and Correcting Your Personal Information

You possess the complete right to log into your account dashboard at any time to access the core personal profile we hold concerning you. If you discover that your email address, username, or other identity information has changed or contains recording errors, you can directly update and correct them through the account settings page. For deeper system data that cannot be directly modified on the interface, you have the right to submit a written data access request to our privacy support team, and we will provide you with a structured copy of your personal data within the legally prescribed response timeframe.

Account Cancellation and Complete Data Deletion

We grant you the right to be forgotten. If you decide to no longer use our music generation services, you can find the option to permanently cancel your account within the account security settings. Once you submit a cancellation application and pass secondary identity verification, aside from data that must be briefly retained to fulfill tax audits, prevent legal litigation, and comply with statutory retention obligations, all your personal identity information, historical prompt records, and unexpired long-term retained audio files will be completely purged from our active databases and backup systems.

The Right to Opt-Out of AI Model Training

We deeply comprehend the protection needs of certain professional creators regarding prompt engineering and original inspiration. Therefore, we provide you with the option to opt-out of internal algorithm optimization. You can explicitly activate the option within your account's privacy settings panel to refuse having your prompts and generation results included in any future model training datasets. Once you exercise this right, your data will be flagged with a restricted processing status, utilized exclusively to provide you with real-time generation services, and we will sever any possibility from the foundational level of these data flowing into our research and development training pipelines, fully guaranteeing your creative privacy.

Privacy Rights for Different Geographic Regions

If you are a resident of the European Economic Area, you enjoy specific rights granted by the General Data Protection Regulation, including the right to restrict data processing, the right to data portability, and the right to lodge complaints with local regulatory authorities. If you are a resident of California, United States, under the California Consumer Privacy Act, you have the right to request that we disclose the categories of personal information collected over the past twelve months, and you possess the absolute right to opt-out of the sale of your personal information. We solemnly declare that we will never sell your personal data to any third-party data brokers. We will earnestly safeguard every one of your statutory privacy rights in accordance with the specific legal requirements of your jurisdiction.

Protection of Minors' Privacy

Our complex artificial intelligence generation services and related commercial functionalities are not designed for minors. We will never intentionally or actively collect personal data from any child who has not reached the statutory digital age of consent. During the user registration process, we mandate that all users must pledge they have met the adulthood standards stipulated by their country or region. If we discover during routine security reviews, or through reports from parents and legal guardians, that we have accidentally collected personal information of minors, we will immediately employ top-priority technical measures to locate and urgently delete these illicitly acquired children's data from all servers, and unconditionally terminate the associated violating accounts.

Rules for Cross-Border Data Transfers

Given that our service architecture is deployed globally, and we rely on third-party cloud computing providers and artificial intelligence interface partners who may be located in multiple different countries worldwide, your personal information may consequently need to be transmitted, processed, and stored in locations outside your jurisdiction. The data protection laws and regulations of these destination countries may differ from the standards of your home country. When such unavoidable cross-border data transfers occur, we will strictly comply with applicable legal provisions by signing standard contractual clauses, relying on adequacy decisions of relevant countries, or implementing strict corporate binding rules to ensure your data continues to receive a level of security protection equivalent to what is promised in this Privacy Policy after leaving your country.

Changes and Update Notifications for this Privacy Policy

With the rapid evolution of artificial intelligence technology, the continuous release of new features on our platform, and the ongoing amendments to global privacy protection laws, we need to irregularly update the contents of this Privacy Policy. When we make substantial, material changes to this policy that affect your core rights, such as expanding the scope of data collection, introducing new third-party sharing mechanisms, or altering data retention periods, we will not only post an update notification in a prominent position on our official website but also send you a dedicated reminder email to the email address you provided during registration. We strongly recommend that you periodically revisit this page to stay informed of our latest privacy protection dynamics at all times. Your continued use of our services after the effective date of the updated Privacy Policy will be deemed as your acceptance of all the modified terms.

Contact Us

We attach great importance to your concerns regarding personal privacy protection. If you generate any questions while reading this Privacy Policy, or if you wish to exercise any of your statutory privacy rights, or if you have any complaints and suggestions regarding our data processing practices, please feel free to contact us at any time via the designated legal support email address provided at the bottom of our official website. Our professional privacy compliance team will earnestly listen to your appeals and provide you with a detailed, professional, and satisfactory response in the fastest possible time after receiving your request. We are dedicated to building a secure and reliable music creation platform for you, founded on a basis of transparency and trust.

Our Email: support@beatbun.com