Privacy Policy

StrikeSense is the controller for personal data processed through the website, account system, desktop application, and support channels, except where a third party such as Paddle acts as an independent controller for payment processing.

For privacy requests, contact support@strikesense.app.

• Account data: email address, password hash, email verification status, authentication tokens, subscription status, and account identifiers.
• Billing data: Paddle customer identifier, plan selected, transaction or subscription identifiers, payment status, renewal or cancellation status, invoices, tax information, and refund status. Full card numbers and card security codes are processed by Paddle and are not stored by StrikeSense.
• App and detector data: app version, device or installation identifiers, selected audio source settings, detection timestamps, likely track matches, confidence levels, rights status labels, and error logs needed to operate the detector.
• Website and technical data: IP address, browser type, device information, pages viewed, approximate location derived from IP address, cookies or similar identifiers, and security logs.
• Support data: messages, attachments, account references, diagnostics, and any information you choose to provide when contacting us.

StrikeSense processes selected desktop audio signals to recognize likely music matches and check rights status. The app is intended to process audio for detection and risk-warning purposes, not to publish your audio or make it publicly available.

Depending on app configuration and service operation, short audio-derived fingerprints, detection metadata, and match results may be processed to provide the service, prevent abuse, improve accuracy, diagnose issues, and support your account. We do not use your audio workflow to grant legal clearance or certify ownership of rights.

• Contract performance: creating accounts, authenticating users, providing paid access, operating detection features, managing subscriptions, and delivering support.
• Legitimate interests: securing the service, preventing fraud and abuse, debugging, improving product reliability, measuring feature performance, and communicating service updates.
• Legal obligations: tax, accounting, consumer protection, payment dispute, and compliance recordkeeping.
• Consent: optional marketing emails, optional analytics where required, and non-essential cookies where consent is legally required.

Payments are handled by Paddle. When you check out, Paddle receives and processes payment details, billing address, tax location, fraud-screening data, and transaction records needed to complete the purchase and meet legal obligations.

We receive payment status, customer identifiers, plan information, transaction identifiers, subscription identifiers, and related billing events so that we can activate, renew, cancel, or refund access.

• Hosting and infrastructure providers that run the website, API, database, logs, and file delivery.
• Paddle for checkout, subscriptions, invoices, taxes, payment processing, fraud prevention, and refunds.
• Email providers for transactional emails such as verification, password reset, receipts, and support communication.
• Rights, recognition, analytics, monitoring, and security providers where needed to operate the detector and protect the service.
• Authorities, advisers, payment networks, or dispute bodies where required by law or needed to establish, exercise, or defend legal claims.

Personal data may be processed in Hungary, the European Union, the European Economic Area, the United Kingdom, the United States, or other countries where our providers operate. Where required, we use appropriate safeguards such as adequacy decisions, standard contractual clauses, contractual controls, and security measures.

• Account data is kept while your account is active and for a reasonable period after closure for security, backup, dispute, and compliance purposes.
• Billing and tax records are retained for the period required by applicable accounting, tax, payment, chargeback, and consumer protection rules.
• Detector logs and technical diagnostics are kept only as long as reasonably needed for operation, security, debugging, and abuse prevention unless a longer period is required for a dispute or legal obligation.
• Support records are retained as long as needed to resolve your request and maintain a reliable support history.

Subject to legal conditions, you may request access, correction, deletion, restriction, portability, objection to processing based on legitimate interests, and withdrawal of consent where processing is based on consent.

You also have the right to complain to a supervisory authority. In Hungary, the supervisory authority is the National Authority for Data Protection and Freedom of Information, also known as NAIH.

We use technical and organizational measures designed to protect personal data, including access controls, password hashing, transport security, least-privilege access, logging, backups, and provider security reviews. No system is completely secure, so you should keep your account credentials private and report suspected unauthorized access promptly.

StrikeSense is not directed to children under 16. If you believe a child provided personal data without appropriate permission, contact support@strikesense.app so we can review and delete the data where required.

We may update this policy when the service, providers, laws, or data practices change. The effective date shows when the current version applies. Material changes will be communicated in a reasonable way.