Privacy Policy

Last updated: 22 May 2026

Chordelia ("we", "us") is a beta web app for generating chord progressions, operated from New Zealand. This page explains what we collect, why, and what you can do about it. It applies to everyone who uses app.chordelia.io and this site.

Short version: we collect the minimum needed to sign you in, save your progressions, prevent abuse, and keep the service running. We don't sell your data. We don't train AI models on your content.

What we collect

Account info — when you sign in with Google, we receive your email address, name, and profile picture from Google. We do not see your Google password.
Your content — chord progressions you save, settings, and preferences.
Usage data — generation counts (for the 100/day rate limit) and basic action logs.
Technical data — IP address, user agent, and request timestamps in our server logs, used for security, debugging, and abuse prevention.
Analytics — anonymous, cookieless page-view analytics via Swetrix. No personal identifiers, no cross-site tracking.

How we use it

To run the service — sign you in, save your work, generate progressions on request.
To enforce limits and prevent abuse.
To respond to you when you contact us.
To improve the product (aggregate, non-identifying patterns of use).

What we don't do

We don't sell or rent your personal data.
We don't use your saved progressions or generations to train AI models.
We don't share your data with advertisers.

Who we share data with

A small number of service providers, only as needed to run Chordelia:

Google — sign-in (OAuth).
Our hosting provider — to host the app, database, and logs.
Swetrix — anonymous analytics.

We may disclose data if legally required (e.g., a valid court order).

Where data is stored and for how long

Data is stored on servers we control. We keep your account and saved progressions for as long as your account exists. Server logs are kept for up to 90 days. If you delete your account, we delete your account info and saved content within 30 days, except where we're required to keep records.

Your rights

Wherever you are, you can email us to:

Access a copy of your data.
Correct or update it.
Delete your account and associated data.
Object to or restrict certain processing.

If you're in the EU/UK (GDPR) or California (CCPA), you have these rights under those laws. We honour them globally.

Cookies

We use a single session cookie to keep you signed in. We do not use advertising or tracking cookies. Our analytics provider (Swetrix) is cookieless.

Children

Chordelia is not directed at children under 16. If you believe a child has provided us data, email us and we'll delete it.

Changes to this policy

If we make material changes, we'll update the date at the top and, where appropriate, notify you in-app. Continued use after changes means you accept the updated policy.

Contact

Questions, requests, or concerns? Email hello@chordelia.io.