Privacy Policy
How Muzings collects, uses, and protects personal data. This draft is structured to meet GDPR Art. 13/14 and CCPA disclosure requirements.
Last updated: [TODO]
Who we are (the controller)
Muzings LLC (“Muzings,” “we,” “us”) is the data controller for the personal data described in this policy. We are a limited liability company registered in California, USA (entity no. B20260172274), with our registered office at 6615 Fathom Way, Goleta, CA 93117, USA.
For any privacy question, or to exercise the rights set out below, contact us at hello@muzings.ai.
[TODO: confirm whether a Data Protection Officer or EU/UK representative is appointed, and add contact details if so.]
What data we collect
We group the personal data we process into three categories.
- Account data. Information you provide to create and manage your account — for example your name and email address.
- Content you create. The material you submit to the service while using it, including any uploads.
- Technical and usage data. Information generated as you use the service — for example IP address, device and browser information, and activity logs.
[TODO: confirm the exact fields collected in each category once the product surfaces are finalised.]
Why we process it (legal bases)
Under the GDPR we rely on one or more of the following legal bases, depending on the purpose.
- Performance of a contract. To provide the service you have signed up for and to operate your account.
- Legitimate interests. To secure, maintain, and improve the service, and to prevent abuse — balanced against your rights. [TODO: document the balancing assessment.]
- Consent. Where we ask for it, for example for non-essential cookies or optional communications. You can withdraw consent at any time.
- Legal obligation. To comply with laws that apply to us, for example tax, accounting, or lawful requests.
How long we keep it (retention)
We aim to keep personal data only for as long as necessary for the purpose it was collected, then delete or anonymise it.
- Account data — kept while your account is active and for up to 90 days after you close it, then deleted or anonymised, unless a longer period is required by law (for example tax or accounting records). [CONFIRM with counsel: closure grace period and any statutory minimums.]
- Content you create — kept while your account is active; deleted within 30 days of account deletion or a valid erasure request, subject to routine backups cycling out. [CONFIRM with counsel: deletion window and backup-expiry interaction.]
- Technical and usage data / logs — operational logs retained up to 12 months; security and audit logs retained up to 7 years to meet security-monitoring and compliance obligations. [CONFIRM with counsel: these mirror our internal log-retention schedule.]
Who we share it with
We use a small number of third-party processors to run the service, each under contract and only for the purposes we set. The current list — with purpose, data shared, and processing region — is published on our Subprocessors page.
California residents (CCPA/CPRA). We do not sell your personal information, and we do not “share” it for cross-context behavioural advertising, as those terms are defined under California law — so no “Do Not Sell or Share My Personal Information” action is needed to stop such activity. In the preceding 12 months we have disclosed the categories of personal information described above (identifiers, customer content, and internet/usage activity) only to the service providers listed on our Subprocessors page, solely so they can operate the service on our behalf. [CONFIRM with counsel: the CCPA category mapping and that no “sale” or “share” occurs across every current data flow.]
AI processing of your content
Muzings is an AI product: to file, recall, and answer questions about your notes, we send the content you submit to the AI providers listed on our Subprocessors page — Anthropic for text generation, and OpenAI for semantic-search embeddings and (on desktop) voice transcription. Voice capture on a mobile device is transcribed by that device’s built-in speech service — Google on Android, Apple on iOS — rather than by OpenAI. We share only what a given feature needs, attributed to your account. Where a feature draws on publicly available information (for example a web search to identify an unfamiliar name in a note), we may use that public information freely.
- Personal identifiers — including people’s names — are masked before text-generation AI sees them. Before your text is sent for AI text generation and chat answers, we use machine-learning detection to replace high-risk identifiers — names of people, email addresses, phone numbers, government ID numbers, and payment-card numbers — with placeholders, and restore the real values only in the reply, on our own servers. Names use a stable per-account placeholder so the AI can still connect your notes about the same person without ever seeing who they are. This is masking (pseudonymisation), not encryption, and it is not end-to-end encryption.
- Semantic-search embeddings and voice transcription are not masked first. To make recall work, the text of your notes is sent to the embeddings provider as written, and voice recordings are sent to the transcription provider as recorded — these paths are not masked beforehand. They remain covered by the no-train, retention, and access-control protections below.
- Remaining content is processed under the protections below. Places and the body of your notes are sent to the AI as written — the AI needs them to be useful — and are protected by the no-train, retention, and access-control measures in this section rather than by masking.
- Not used to train AI. Your content is not used to train the providers’ AI models — their commercial APIs exclude API inputs and outputs from model training.
- Limited retention at the provider. We process under each provider’s data-processing terms and are putting zero/limited-retention configurations in place. [CONFIRM with counsel: link the executed provider DPAs and state the retention term relied on for each.]
- Minimised in our own logs. Our internal AI-call ledger stores your prompts and the AI’s replies with personal-data shapes masked by default, and can be configured to store no content at all.
- No end-to-end encryption. Because the service reasons over your content on our servers and at the AI provider, your data is encrypted in transit and at rest and is logically separated per account, but it is not end-to-end encrypted — which would make these AI features impossible.
We do not use your content to build advertising profiles, and we do not sell it.
International transfers
Our infrastructure is hosted in the United States (Amazon Web Services, US-East-2 / Ohio). Where personal data is transferred from the EEA or the UK to the United States or another third country, we rely on appropriate safeguards — the European Commission’s Standard Contractual Clauses (SCCs) and, for UK transfers, the UK International Data Transfer Addendum (IDTA) — together with supplementary measures including encryption in transit and at rest.
Our primary infrastructure provider, Amazon Web Services, also participates in the EU–U.S., UK Extension, and Swiss–U.S. Data Privacy Framework. [CONFIRM with counsel: the transfer mechanism relied on per subprocessor, and link the executed SCCs / IDTA.]
Your rights
Subject to applicable law, you may have the right to access, rectify, or erase your personal data, to data portability, to object to or restrict certain processing, and to withdraw consent. CCPA gives California residents comparable rights, including the right to know and to delete.
To exercise any of these, email hello@muzings.ai. If you are in the EEA or the UK, you also have the right to lodge a complaint with your local data-protection supervisory authority. Because we are established in the United States rather than the EEA/UK, the GDPR “one-stop-shop” lead-authority mechanism does not apply, so you may contact the authority in your country of residence.
How we protect it
We apply technical and organisational measures intended to protect personal data — including encryption in transit, access controls, and monitoring. A fuller, honestly-staged inventory of our controls is on the Trust Center.
Changes to this policy
We may update this policy from time to time. When we do, we will revise the “Last updated” date above. [TODO: confirm how material changes will be communicated.]