How we handle your personal data.

Soundscaper is operated by Kenjin (“we”, “us”), a company registered in England and Wales. We are the data controller for personal data processed in connection with this service. Contact: [email protected].

For UK GDPR, our supervisory authority is the Information Commissioner's Office (ICO). For EU GDPR matters, please contact us first; we'll route to the appropriate supervisory authority if needed.

The categories of personal data we process when you use Soundscaper:

• Account identifiers: email address, hashed password, optional display name, account creation timestamp.
• Subscription data: plan, recording credit balance, archive flag, billing identifiers from Stripe / Apple App Store / Google Play / RevenueCat.
• Recording metadata: session id, length, listening context, support areas chosen, chosen surface and embedding visibility, optional in-session cue selection, optional display title, favourite flag, last-played-position.
• Recording content: the master audio file of any soundscape you compose, while you have an active subscription (plus a 90-day grace period).
• Journal entries: body text, entry type, optional stress / energy values, optional linked session id.
• Notification tokens: push tokens you choose to register.
• Operational logs: request id, IP address, HTTP method and status code, timestamps — for uptime and abuse prevention.

We don't process your raw intake text. Intake is parsed by an on-device language model; only the structured intent profile is transmitted as part of the session-creation request.

Under UK and EU GDPR, we rely on the following lawful bases:

• Performance of a contract (Article 6(1)(b)): processing necessary to provide the account, subscription, recording library, and journal features you sign up for.
• Legitimate interests (Article 6(1)(f)): operational logging for uptime and abuse prevention, anonymised crash reporting (mobile app), reconciliation of subscription state across platforms.
• Consent (Article 6(1)(a)): marketing emails (where offered), push notifications, opt-in Insights reflection signals.
• Legal obligation (Article 6(1)(c)): retention of billing records as required by UK tax and accounting law.

• Account state: for the lifetime of your account. Deleted within 30 days of an account deletion request.
• Recording masters: for the duration of your active subscription, plus a 90-day grace period after lapse.
• Recording metadata and journal entries: for the lifetime of your account. Deleted within 30 days of an account deletion request.
• Operational logs: 30 days, then deleted.
• Billing records: 7 years, per UK tax law (HMRC requirement). Limited to the financial-record fields needed for tax compliance.

You have the right to:

• Access your personal data — via the Export tool in your Account hub or by emailing us.
• Rectify inaccurate personal data — via your account settings or by emailing us.
• Erasure — via the Delete tool in your Account hub.
• Restrict processing, object to processing, and data portability — by emailing us.
• Withdraw consent at any time for processing based on consent (notifications, Insights signals, and similar) — via the relevant setting or by emailing us.
• Lodge a complaint with the ICO (UK) or your local supervisory authority (EU).

We respond to data-subject requests within 30 days. No fee, unless requests are manifestly unfounded or excessive.

Our infrastructure runs primarily within the UK and the European Economic Area. Where transfers outside the UK / EEA are necessary (for example, to certain Apple or Google notification endpoints), we rely on Standard Contractual Clauses or equivalent transfer mechanisms recognised by the ICO and the European Commission.

The public website uses no analytics cookies, advertising cookies, or third-party tracking technologies. The signed-in member area uses a small number of strictly necessary cookies for authentication and session continuity.

We don't use cookies for behavioural profiling. There's no analytics consent banner because there's nothing to consent to.

Account passwords are hashed with a modern slow-hash algorithm. Transport between client and server is encrypted with TLS. Recording masters at rest in cloud storage are encrypted by the storage provider. Access to production data is limited to a small number of authorised engineers, and audited.

Soundscaper is intended for users 18 and over. We don't knowingly collect personal data from children under 18. If we become aware we have, we delete it.

We'll post material changes to this page with a new “last updated” date. Substantive changes affecting your rights or how we process your data will be notified by email at least 14 days before they take effect.