Privacy Policy

Last updated: March 17, 2026

1. Information We Collect

Account information

When you create an account, we collect your email address and password (stored as a secure hash). If you sign in via Google OAuth, we receive your Google profile email and name.

Workspace and usage data

Data generated by your use of the Service, including: keyword configurations, discovered creator profiles, pipeline items, scoring results, outreach drafts, custom system prompts, prompt version history, and usage counters.

Creator data from third-party platforms

The Service collects publicly available information about content creators from YouTube, TikTok, and Instagram, including:

  • Public usernames / handles and profile URLs
  • Follower and subscriber counts
  • Public bio text and external URLs
  • Public content URLs, captions, and post dates
  • Engagement metrics (views, likes, comments) on public content
  • Whether the account is a business account (Instagram)

This data is sourced from publicly available profiles and content. Creators whose data is collected are not direct users of the Service and have not provided consent to us directly. Our legal basis for processing this data is legitimate interest in enabling brand-creator partnerships using publicly available information (see Section 7).

Payment information

Payment processing is handled by Stripe. We store your Stripe customer ID and subscription ID but do not store full credit card numbers. Payment method tokens are managed entirely by Stripe.

Server logs

Standard server logs including IP addresses, user-agent strings, request timestamps, and API response codes. These are used for security monitoring and debugging.

2. How We Use Your Information

  • Authenticating your sessions and managing workspace access.
  • Running discovery pipelines on your behalf (searching YouTube, TikTok, Instagram).
  • Scoring creators for brand fit using AI models.
  • Generating outreach draft messages using AI models.
  • Classifying custom system prompts for content safety using AI models.
  • Enforcing usage quotas and billing overage charges.
  • Sending transactional emails (invites, password resets, billing notifications).
  • Monitoring platform health, debugging issues, and improving the Service.

3. AI Processing

The Service sends data to third-party AI providers for the following purposes:

  • Creator scoring: Creator metadata (handle, platform, follower count, content summaries, engagement metrics) is sent to OpenAI to generate a brand-fit score, summary, niche tags, and rationale.
  • Draft generation: Creator metadata and evidence URLs are sent to OpenAI to generate outreach message drafts and subject lines.
  • Prompt classification: Custom system prompts submitted by tenants are sent to OpenAI for content safety classification before storage.
  • Prompt generation (Phase 2): Brand descriptions (provided by the tenant, not stored) are sent to OpenAI to generate suggested system prompts.

Data sent to OpenAI is processed under OpenAI's API data usage policy. As of the effective date, OpenAI does not use API inputs for model training.

4. Data Sharing and Sub-Processors

We do not sell your data. We share data only with sub-processors necessary to operate the Service:

  • Stripe — payment processing and subscription management
  • OpenAI — AI-powered scoring, drafting, classification, and generation
  • Apify — data collection from TikTok and Instagram public APIs
  • YouTube Data API v3 — data collection from YouTube (operated by Google). YouTube API usage is subject to Google's Privacy Policy.
  • Resend — transactional and outreach email delivery

Each sub-processor processes data only as necessary to provide their service to us.

5. Data Retention

  • Account data: Retained while your account is active and for 90 days after deletion to allow for recovery.
  • Creator profiles and pipeline data: Retained for the lifetime of your workspace. Deleted when the workspace is deleted.
  • Prompt version history: Retained indefinitely as an immutable audit trail. Not deleted when a prompt is reverted or changed.
  • Prompt rejection log: Retained indefinitely for security audit purposes. Stores only the first 500 characters of rejected prompts.
  • Prompt generation log: Retained indefinitely. Stores only the character count of brand descriptions — the description text itself is not stored.
  • Server logs: Retained for 12 months.
  • Billing audit events: Retained indefinitely for financial compliance.

6. International Data Transfers

Your data may be transferred to and processed in the United States or other countries where our sub-processors operate (including OpenAI, Stripe, Apify, and Resend). By using the Service, you consent to the transfer of your data to these jurisdictions.

7. Rights of Creators (Non-Account Holders)

The Service collects publicly available information about content creators who are not direct users of the Service. Our legal basis for processing this data is legitimate interest: enabling brands to identify and reach out to creators whose public content aligns with their audience.

If you are a creator whose data appears in the Service and you wish to:

  • Request a copy of the data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data from the platform

Please contact us at support@soundminds.ai with your platform handle and the platform (YouTube, TikTok, or Instagram). We will process your request within 30 days.

8. Your Rights (Account Holders)

You may request a copy of your data, correction of inaccurate data, or deletion of your account at any time by contacting us. Depending on your jurisdiction, you may have additional rights under GDPR, CCPA, or other data protection laws.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification. Continued use of the Service after changes take effect constitutes acceptance of the updated policy.

10. Contact

Privacy and support: support@soundminds.ai

Billing: billing@soundminds.ai