Cookie preferences

We use cookies to improve your experience. Learn more

Privacy Policy

Last updated: December 2024

Introduction

Chorducate ("we", "our", or "us") is a company registered in England and Wales. We are committed to protecting your privacy and handling your data transparently.

This Privacy Policy explains how we collect, use, and protect your information when you use Chorducate at chorducate.com (the "Service").

Information We Collect

Account Information: When you create an account, we collect your email address, display name, and profile information you choose to provide. If you sign in with Google, we receive your name, email, and profile picture from Google.

Content You Create: We store the fretboard diagrams, whiteboards, and other content you create using our Service. This includes drawings, text, images you upload, and any metadata (titles, descriptions, tags).

Usage Data: We automatically collect information about how you use the Service, including pages visited, features used, and interactions. This helps us improve the product.

Device Information: We collect basic device information such as browser type, operating system, and screen size to ensure the Service works correctly.

How We Use Your Information

We use your information to:

  • Provide and maintain the Service
  • Save and sync your content across sessions
  • Send important service updates and security notices
  • Respond to your support requests
  • Improve the Service based on usage patterns
  • Detect and prevent fraud or abuse
  • Process donations and payments (if applicable)

Third-Party Services

We use the following third-party services to operate Chorducate:

  • Neon (Database): Stores your account and content data securely in the cloud.
  • Cloudflare R2 (Storage): Stores images, thumbnails, and exported files.
  • PostHog (Analytics): Helps us understand how users interact with the Service to make improvements. You can opt out of analytics tracking.
  • Sentry (Error Monitoring): Collects error reports to help us fix bugs quickly.
  • Stripe (Payments): Processes donations and payments securely. We do not store your payment card details.
  • Resend (Email): Sends transactional emails like verification codes and password resets.
  • Google (Authentication): If you choose to sign in with Google, Google provides us with basic profile information.

Cookies and Tracking

We use cookies and similar technologies for:

  • Essential Cookies: Required for the Service to function (authentication, session management).
  • Analytics Cookies: Help us understand usage patterns (PostHog). You can opt out of these.

You can control cookie preferences through our cookie consent banner or your browser settings.

Data Sharing

We do not sell your personal data. We only share data with third parties as described above (service providers) or when:

  • You give us explicit consent
  • Required by law or legal process
  • Necessary to protect our rights or safety

Public Content: If you make your diagrams or profile public, this content is visible to anyone and may be indexed by search engines.

Data Retention

We retain your account data and content for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal purposes.

Anonymous usage data may be retained indefinitely in aggregated form for analytics purposes.

Your Rights (UK/EU Users)

Under UK GDPR and EU GDPR, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Portability: Receive your data in a portable format
  • Object: Object to processing of your data
  • Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, contact us at privacy@chorducate.com.

Data Security

We implement appropriate technical and organisational measures to protect your data, including:

  • Encryption in transit (HTTPS/TLS)
  • Secure password hashing (bcrypt)
  • Access controls and authentication
  • Regular security reviews

Children's Privacy

Chorducate is not intended for children under 13. We do not knowingly collect data from children under 13. If you believe a child has provided us with personal data, please contact us.

International Transfers

Your data may be transferred to and processed in countries outside the UK/EU. Where this happens, we ensure appropriate safeguards are in place (such as standard contractual clauses) to protect your data.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on the Service or sending you an email.

Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Email: privacy@chorducate.com

Chorducate
United Kingdom