Privacy Policy

Last updated: March 25, 2026

1. Introduction

This Privacy Policy describes how DENOISE-AI ("Company," "we," "us," or "our") collects, uses, stores, and protects information when you use the DENOISE-AI platform, including the web application, API, and all related services (collectively, the "Service"). By using the Service, you consent to the data practices described in this Policy. If you do not agree with this Policy, please do not use the Service.

2. Information We Collect

2.1 Account Information

  • Email address and display name provided during registration.
  • Authentication credentials managed through Firebase Authentication (we do not store raw passwords).
  • Account preferences and settings.

2.2 Billing Information

  • Payment and subscription information processed by Stripe. We do not store your full credit card numbers, CVV, or other sensitive payment details on our servers. Stripe handles payment data in accordance with PCI DSS standards.
  • Transaction history, including plan type, purchase dates, and amounts paid.

2.3 Uploaded Files

  • Audio and video files you upload for processing through the web interface or API.
  • Processed output files generated by the Service.
  • File metadata such as file name, format, size, and duration.

2.4 API-Specific Data

  • Hashed API keys (we do not store your raw API keys after initial generation; only cryptographic hashes are retained for authentication purposes).
  • API request logs, including timestamps, endpoints called, request parameters, and response status codes.
  • Processing metadata such as input audio duration, processing type, and job completion status.
  • Usage metrics including minutes consumed, request counts, and rate limit events.

2.5 Automatically Collected Information

  • Device and browser information, including browser type and version, operating system, and device type.
  • IP addresses.
  • Pages visited, features used, and actions taken within the Service.
  • Referring URLs and how you arrived at the Service.
  • Date, time, and duration of your visits.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide the Service: To process your audio files, deliver results, manage your account, and provide customer support.
  • Process Payments: To process credit purchases, API plan subscriptions, and manage billing through Stripe.
  • Enforce Rate Limits and Quotas: To monitor API usage, enforce plan limits, and ensure fair usage of the Service across all users.
  • Prevent Abuse: To detect, investigate, and prevent fraudulent, unauthorized, or illegal activity, including abuse of API keys, circumvention of rate limits, and violations of our Terms of Service.
  • Improve the Service: To analyze usage patterns, diagnose technical issues, and improve the performance, reliability, and features of the Service. We do not use your uploaded audio files to train our machine learning models.
  • Communicate: To send you service-related notifications, security alerts, and important updates about your account or the Service.
  • Comply with Legal Obligations: To comply with applicable laws, regulations, legal processes, or governmental requests.

4. Data Retention

4.1 Uploaded and Processed Files

Uploaded audio and video files, along with processed output files, are deleted from our servers after processing is complete, subject to a short retention window (typically up to 24 hours) to ensure reliable delivery and allow for re-download. After the retention window, files are permanently deleted from our active storage. We do not maintain long-term archives of your audio content.

4.2 API Logs and Usage Data

API request logs and usage metrics are retained for a period necessary to ensure billing accuracy, facilitate dispute resolution, enforce our Terms of Service, and comply with legal obligations. This retention period is typically up to 90 days for detailed request logs and up to 12 months for aggregated usage and billing records.

4.3 Account Data

Account information is retained for as long as your account is active. If you delete your account, we will delete or anonymize your personal information within a reasonable timeframe, except where retention is required by law or for legitimate business purposes (such as resolving disputes or enforcing our Terms).

5. Third-Party Sharing

We do not sell, rent, or trade your personal information or uploaded content to third parties. We share data only with the following categories of service providers, and only as necessary to operate the Service:

  • Stripe: For payment processing and subscription management. Stripe receives your payment information directly and processes it in accordance with their own privacy policy and PCI DSS standards.
  • Google Cloud Platform: Our infrastructure provider. Your files and data are processed and stored on Google Cloud servers. Google acts as a data processor on our behalf and is contractually obligated to protect your data.
  • Firebase (Google): For authentication services and user account management.

We may also disclose your information if required to do so by law, court order, or governmental request, or if we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

6. Security Measures

We implement commercially reasonable technical and organizational security measures to protect your information, including:

  • Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS (Transport Layer Security).
  • Hashed API Keys: API keys are stored as cryptographic hashes. Raw API keys are displayed only once at the time of creation and are not stored or retrievable thereafter.
  • Firebase Authentication: User authentication is managed through Firebase Auth, which provides secure credential storage and session management.
  • Access Controls: Access to user data is restricted to authorized personnel and systems on a need-to-know basis.
  • Infrastructure Security: Our services run on Google Cloud Platform, which maintains robust physical and network security controls.

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee the absolute security of your data.

7. Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: You may access and review the personal information associated with your account through your account settings.
  • Correction: You may update or correct your account information at any time through your account settings.
  • Deletion: You may request deletion of your account and associated personal data through your account settings or by contacting us through our Community page. Account deletion is permanent and cannot be undone.
  • Data Export: You may request an export of the personal data we hold about you by contacting us through our Community page.
  • Opt Out: You may opt out of non-essential communications. Service-related notifications (such as security alerts and billing confirmations) cannot be opted out of while your account remains active.

8. Cookies and Tracking Technologies

We use cookies and similar technologies for the following purposes:

  • Essential Cookies: Session cookies for authentication and maintaining your logged-in state. These are strictly necessary for the Service to function and cannot be disabled.
  • Analytics Cookies: We may use analytics tools to understand how users interact with the Service, which features are most popular, and how we can improve the user experience. Analytics data is collected in aggregate form.

Most web browsers are set to accept cookies by default. You can adjust your browser settings to refuse cookies, but doing so may impair the functionality of the Service.

9. Children’s Privacy

The Service is not intended for or directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete that information promptly. If you are a parent or guardian and believe your child has provided us with personal information, please contact us through our Community page.

10. International Data Processing

The Service is operated from and data is processed in the United States using Google Cloud Platform infrastructure. If you access the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country of residence. By using the Service, you consent to the transfer and processing of your information in the United States.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last updated" date at the top of this page and may provide additional notice (such as an in-app notification or email). Your continued use of the Service after the effective date of any changes constitutes your acceptance of the revised Policy. We encourage you to review this Policy periodically.

12. Contact

For privacy-related questions, concerns, data requests, or to exercise your rights under this Policy, please visit our Community page to connect with our support team. You may also reach us through the Reddit discussion group linked on that page.