Privacy policy.
Cadence listens. On your phone. Nothing leaves.
This page explains precisely what the app processes, what stays local, what is sent to a server, and your rights.
The essentials
The audio you play is never sent to a server. Chord detection runs entirely on your iPhone. Cadence only collects data necessary for your account (email, password) and for product improvement (anonymous or pseudonymized).
The ChordNet V1.3b detection engine runs in CoreML on your device. No audio fragment, no note, no detected chord transits through our servers.
Who processes your data
Data controller: Max J., independent developer, publisher of the Cadence application.
Contact: contact@cadence-music.app
Cadence is currently in closed TestFlight beta. Full legal information (business status, registered address) will be published at public launch.
What Cadence processes
Audio — processed locally, never collected
When you play, the microphone captures sound. Audio is analyzed in real time on your iPhone by the embedded detection engine. Recognized chords are saved to your session. Raw audio is not stored, not sent, not retained.
User account
| Data | Purpose | Legal basis |
|---|---|---|
| Account creation, authentication, transactional communication | Contract performance | |
| Password (hashed) | Authentication | Contract performance |
| Apple ID (Sign in with Apple) | Simplified authentication | Contract performance |
| Progressions, sessions, notes | Storage of your creations | Contract performance |
Product analytics
| Data | Purpose | Legal basis |
|---|---|---|
| Anonymized usage events | Understanding how the app is used, prioritizing improvements | Legitimate interest |
| Device model, iOS version | Compatibility, debugging | Legitimate interest |
| Errors and technical traces | Bug detection and resolution | Legitimate interest |
On the cadence-music.app website
| Data | Purpose | Legal basis |
|---|---|---|
| Email (waitlist signup form) | Launch notification | Consent |
Technical subprocessors
To operate, Cadence relies on providers bound by confidentiality commitments and GDPR compliance:
| Provider | Role | Hosting |
|---|---|---|
| Supabase | Authentication, database | European Union |
| PostHog | Product analytics | European Union |
| Sentry | Technical error tracking | United States (Standard Contractual Clauses) |
| Apple | iOS distribution, Sign in with Apple | United States (DPF) |
| Vercel | Website hosting | United States (DPF) |
| Tally | Waitlist form | European Union |
Retention period
- User account: retained as long as your account is active. Deleted on request, or automatically after 24 months of inactivity.
- Anonymized product data: 14 months maximum.
- Waitlist email: kept until public launch, then purged within 90 days.
- Technical logs: 30 days.
Your rights
Under the GDPR, you have the following rights regarding your personal data:
- Access, rectification, erasure.
- Objection to processing, restriction.
- Portability.
- Define post-mortem directives.
- Lodge a complaint with a supervisory authority (CNIL in France).
To exercise these rights: contact@cadence-music.app. Response within 30 days.
Security
Passwords hashed (bcrypt), encryption in transit (TLS 1.3), encryption at rest on Supabase, access to data limited to what is strictly necessary.
Cookies
The iOS application does not use cookies. The cadence-music.app website only uses strictly necessary technical cookies. Details on the Cookies page.
Minors
Cadence is not intended for children under 15. No intentional collection of data concerning minors.
Changes
This policy may evolve. Substantial modifications are notified by email or in the application. The update date appears at the top of this page.