Privacy Policy

Effective date: June 15, 2026 · Version 2026-06-15

Piano Nova is operated by Ivan Shapovalov, an individual based in Cyprus ("we", "us", "Piano Nova"). This policy explains what personal data we process when you use Piano Nova, why, and the rights you have. We are the data controller.

1. Data We Collect

• Account data — your email address and name, collected when you register.
• Authentication data — handled by Supabase Auth (including Google sign-in, if you use it).
• Payment data — subscriptions and payments are processed by Stripe. We do not see or store your full card details; we receive limited billing metadata (e.g. plan, status, last four digits) from Stripe.
• Content you upload — the music scores you upload and the MusicXML we generate from them, stored via Supabase Storage.
• Usage data — anonymous analytics (pages visited, device, approximate country) via Google Analytics, only if you accept cookies.
• Terms acceptance — the version of our Terms and Privacy Policy you accepted at registration, with a timestamp.

2. Why We Process It & Legal Bases

• To provide the service (account, score processing, playback, subscriptions) — legal basis: performance of a contract.
• To take payment — performance of a contract.
• To send service emails (verification, password reset, billing) — performance of a contract, and our legitimate interest in keeping your account secure and operating the service you requested.
• To understand and improve the product via analytics — consent (cookie banner).
• To keep records of terms acceptance — our legitimate interest in holding proof that you agreed to our Terms and Privacy Policy.

We do not send marketing emails without a separate opt-in, and we never sell your data.

3. Service Providers

We share data with processors strictly to run the service:

• Supabase — authentication, database & file storage (EU-hosted).
• Stripe — payment processing.
• Resend — transactional email delivery.
• A cloud compute provider — on-demand processing of uploaded scores into MusicXML.
• Cloudflare — hosting & content delivery.

4. Storage & Security

Data is encrypted in transit (TLS) and at rest. We use reputable providers and keep access limited to the operator.

5. How Long We Keep It

• Account data — for as long as your account exists.
• Uploaded scores & generated files — while your account exists; access is tied to an active subscription (see our Terms of Service). If a subscription lapses, files are retained but locked, and may be deleted after 12 months of inactivity.
• Terms-acceptance records — retained for the life of the account as legal proof.

You can ask us to delete your account and data at any time.

6. Your Rights (GDPR)

As an EU resident or someone whose data we process, you have the right to access, rectify, erase, restrict, object to, and port your data. Where we rely on consent (e.g. analytics cookies), you may withdraw it at any time; withdrawal does not affect the lawfulness of processing carried out before it. To exercise any right, email contact@piano-nova.com; we respond within 30 days. You may also lodge a complaint with the Office of the Commissioner for Personal Data Protection of Cyprus.

7. Cookies & Analytics

We use Google Analytics (GA4) only after you accept cookies. IP addresses are anonymized. You can withdraw consent by clearing cookies or using the opt-out add-on.

8. International Transfers

Supabase hosts our authentication, database, and file storage in the EU. Some other providers — Stripe, our cloud compute provider, Cloudflare, and Google Analytics — may process data in the United States or other countries outside the EU/EEA. Such transfers rely on appropriate safeguards, principally the European Commission's Standard Contractual Clauses or an adequacy decision. You can request a copy of the relevant safeguards by emailing contact@piano-nova.com.

9. Children

Piano Nova is not directed at children under 16. If you are under 16, please use Piano Nova only with the consent of a parent or guardian.

10. Automated Decision-Making

We convert your uploaded scores to a playable format using automated optical music recognition. This processing produces MusicXML from your files; it does not make any automated decisions that produce legal effects concerning you or similarly significantly affect you. We do not carry out profiling.

11. Changes to This Policy

We may update this policy; the version identifier and effective date above will change. Material changes will be communicated by email or in-app.

12. Contact

Questions or requests? Email contact@piano-nova.com.