Privacy Policy

1. Introduction

HitsForge ("we," "us," "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email, password, name when you sign up
• Profile Information: Display name, brand name, logo uploads
• Payment Information: Billing details (processed securely by Stripe)
• Content: Music prompts, lyrics, tags, and preferences you input

2.2 Automatically Collected Information

• Usage Data: Pages visited, features used, time spent on platform
• Device Information: Browser type, IP address, operating system
• Cookies: Session cookies for authentication and preferences
• Analytics: Anonymous usage patterns to improve the Service

2.3 Third-Party Platform Data

When you connect social media accounts (TikTok, Instagram, YouTube):

• OAuth access tokens (encrypted and stored securely)
• Platform user ID and username
• Posting permissions you grant

3. How We Use Your Information

We use your information to:

• Provide the Service: Generate music, create videos, publish to platforms
• Account Management: Authenticate users, manage subscriptions, track usage
• Improve AI Models: Train and improve music generation quality (anonymized data only)
• Customer Support: Respond to inquiries and troubleshoot issues
• Payment Processing: Bill subscriptions and process payments
• Analytics: Understand usage patterns and optimize features
• Legal Compliance: Comply with laws and prevent fraud

4. How We Share Your Information

We do NOT sell your personal information. We may share data with:

4.1 Service Providers

• Supabase: Database and authentication (data encrypted at rest)
• Stripe: Payment processing (PCI-DSS compliant)
• Cloudflare R2: Media storage and CDN
• Vercel: Hosting and deployment
• Music API Providers: AI music generation (prompts only, no personal info)

4.2 Social Media Platforms

When you authorize posting to TikTok, Instagram, or YouTube, we share only the content you explicitly choose to publish. We use OAuth tokens to post on your behalf.

4.3 Legal Requirements

We may disclose information if required by law, court order, or to protect our rights and safety.

5. Data Retention

We retain your data as follows:

• Account Data: Until you delete your account
• Generated Content: 90 days after creation (you can download anytime)
• Usage Logs: 12 months for analytics
• Payment Records: 7 years (legal requirement)

6. Data Security

We implement security measures including:

• Encryption in transit (HTTPS/TLS) and at rest
• Secure password hashing (bcrypt)
• OAuth token encryption
• Regular security audits
• Access controls and monitoring

However, no system is 100% secure. Use strong passwords and enable two-factor authentication when available.

7. Your Privacy Rights

You have the right to:

• Access: Request a copy of your personal data
• Correction: Update inaccurate information
• Deletion: Request account and data deletion
• Data Portability: Export your data in machine-readable format
• Opt-Out: Unsubscribe from marketing emails
• Revoke Permissions: Disconnect social media accounts anytime

To exercise these rights, contact us at: privacy@hitsforge.com

8. Cookies and Tracking

We use cookies for:

• Essential Cookies: Authentication and session management (required)
• Analytics Cookies: Usage tracking (can be disabled)
• Preference Cookies: Remember your settings

You can control cookies via your browser settings, but disabling essential cookies may break functionality.

9. Children's Privacy

HitsForge is not intended for users under 13. We do not knowingly collect data from children. If you believe a child has provided us with personal information, contact us immediately.

10. International Data Transfers

Your data may be transferred to and processed in countries outside your jurisdiction. We ensure adequate safeguards through standard contractual clauses and encryption.

11. Third-Party Links

HitsForge may contain links to external sites (TikTok, Instagram, YouTube). We are not responsible for their privacy practices. Review their policies separately.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or prominent notice on the Service.

13. Contact Us

For privacy-related questions or to exercise your rights, contact us at:

Email: privacy@hitsforge.com
Website: https://hitsforge.com
Response Time: Within 30 days