Introduction
LoveSol ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.
We comply with COPPA (Children's Online Privacy Protection Act) and GDPR (General Data Protection Regulation) to ensure the highest standards of privacy protection for you and your loved ones.
We do not knowingly collect personal information from children under 13 without parental consent.
Information We Collect
We collect the following types of information to provide and improve our service:
Account Information
- Email address (for authentication and account management)
- Password (encrypted and securely stored)
- Account creation date and last login information
- Authentication method (Apple, Google, or email)
Personalization Data
- Recipient's name (for personalizing song lyrics)
- Occasion type (for personalized content)
- Preferences and themes selected
Usage Data
- App interactions and feature usage
- Song creation frequency and patterns
- Music style and theme preferences
- Language preferences
- Audio playback statistics
Technical Data
- Device type and model
- Operating system version
- App version and build number
- Network connection type
- Crash reports and error logs
- • Precise location data
- • Photos or videos
- • Contact lists or address books
- • Social media information
- • Biometric data
- • Health or medical information
How We Use Your Information
We use the collected information for the following purposes:
| Purpose |
Data Used |
Legal Basis |
| Create personalized songs |
Recipient information, preferences |
Contract performance |
| Provide and maintain our service |
Account information, technical data |
Contract performance |
| Improve user experience |
Usage data, preferences |
Legitimate interest |
| Send important service updates |
Email address |
Contract performance |
| Respond to support requests |
Account information, technical data |
Contract performance |
| Ensure app security and prevent fraud |
Account information, technical data |
Legitimate interest |
| Process subscription payments |
Account information |
Contract performance |
Data Storage & Security
We implement industry-standard security measures to protect your data:
Encryption & Security
- All data is encrypted in transit using TLS 1.3
- Data at rest is encrypted using AES-256
- Passwords are hashed using bcrypt
- API keys and sensitive data are securely stored
Infrastructure & Access
- Data is stored on secure Supabase servers
- Regular security audits and penetration testing
- Access to data is strictly controlled and logged
- Employee access requires multi-factor authentication
Data Retention
- Account data: Retained while account is active
- Personalization data: Deleted upon account deletion
- Usage data: Anonymized after 2 years
- Generated songs: Stored according to subscription tier
Children's Privacy (COPPA Compliance)
We take children's privacy very seriously and comply with COPPA requirements:
- • We do not knowingly collect personal information from children under 13
- • Personalization data is used solely for song creation
- • Users have full control over their data
- • No behavioral advertising or tracking of children
- • No sharing of personal data with third parties
- • Users can request deletion of their data at any time
User Controls
- Account creation requires adult verification
- Users can review and delete personalization data
- No automatic data collection from children
- Clear consent mechanisms
Data Sharing & Third Parties
We are committed to protecting your privacy and limit data sharing:
Service Providers (Limited Data Sharing)
- Supabase: Database and authentication services
- OpenAI/Suno: AI song generation (no personal data shared)
- Apple/Google: Authentication services
- RevenueCat: Subscription management and analytics
- • Sell personal information to third parties
- • Share personal information with advertisers
- • Use data for behavioral advertising
- • Share data with social media platforms
Subscription & Payment Data
As part of providing our premium subscription service, we collect and process certain subscription-related data:
What Subscription Data We Collect
- Subscription status and plan type (weekly, monthly, or annual), including free trial status
- Purchase dates, free trial start/end dates, and renewal dates
- Transaction identifiers provided by Apple (no financial data is stored directly by us)
- Credit balance and usage history within the app
Third-Party Payment Processing
- Apple handles all payment processing — we never see or store your credit card details or any payment instrument data
- RevenueCat manages subscription state synchronization between Apple and our servers, allowing us to accurately grant and revoke premium access
- Subscription data is used solely for service delivery (granting premium features), customer support, and fraud prevention
Your Rights (GDPR Compliance)
You have the following rights regarding your personal data:
Data Rights
- Access: Request a copy of your personal data
- Correction: Update inaccurate or incomplete data
- Deletion: Request deletion of your account and all data
- Portability: Export your data in a machine-readable format
- Restriction: Limit how we process your data
- Objection: Object to certain types of processing
Communication Preferences
- Opt-out of marketing communications
- Control notification settings
- Withdraw consent at any time
- Request data processing restrictions
International Data Transfers
Your data may be processed in countries other than your own:
- • Data is primarily stored in the United States
- • We ensure adequate protection through standard contractual clauses
- • We comply with local data protection laws
- • Cross-border transfers are minimized where possible
Cookies & Tracking
Our app uses minimal tracking for essential functionality:
- • No third-party advertising cookies
- • No cross-site tracking
- • Analytics are anonymized and aggregated
- • You can opt-out of non-essential tracking
Data Breach Response
In the unlikely event of a data breach, we will:
- • Notify affected users within 72 hours
- • Report to relevant authorities as required by law
- • Take immediate steps to contain and remediate
- • Provide guidance on protective measures
- • Conduct a thorough investigation
Changes to This Policy
We may update this Privacy Policy from time to time:
- • Material changes will be notified via email
- • In-app notifications for significant updates
- • Updated effective dates will be clearly marked
- • Continued use constitutes acceptance of changes