Privacy Policy

Last updated: 26 Jan 2026

At PetSongs, we respect your privacy and are committed to protecting your personal information. This Policy explains what we collect, why we collect it, how we share it, and your rights under applicable law (including the GDPR).

Controller & Contact

PetSongs is operated by DLRD Studios AB, Stockholm, Sweden. Contact: support@petsongs.io.

Data We Process

  • Account & contact details (e.g., name, email).
  • Pet info for song generation (e.g., name, species, preferences, uploads).
  • Usage, device, and technical data for security, troubleshooting, product analytics, and conversion measurement for advertising purposes (e.g., IP address, user agent, timestamps, and event identifiers).
  • Payment & billing data via Stripe (e.g., card brand/last four, billing address, transaction IDs, invoices/receipts, tax/VAT details). We do not store full card numbers; card details are submitted directly to Stripe.

Purposes & Legal Bases (GDPR)

  • Provide the Service (accounts, song generation, downloads, subscriptions) — performance of contract.
  • Security, fraud prevention, and abuse detection — legitimate interests / legal obligation.
  • Tax, accounting, and compliance (transaction records) — legal obligation.
  • Product analytics (non-essential) and marketing emails — consent (you can withdraw at any time).
  • Advertising measurement and optimization (e.g., Meta Pixel/Conversions API) — consent where required by law.

Advertising & Measurement

We use advertising and measurement services provided by Meta Platforms Ireland Ltd. (Facebook/Instagram), including the Meta Pixel and Meta Conversions API, to measure conversions, optimize ads, and show relevant advertising.

These services may collect or receive information about your interactions with our website (for example, page views and purchases). Where required by law, we process this data based on your consent.

Measurement may occur via browser-based technologies (cookies/pixels) and, where permitted, via secure server-to-server communications (server-side tracking). When we share identifiers with Meta to improve measurement accuracy, we use hashed versions (for example, a hashed email address) and do not share plain-text personal data for advertising purposes.

Processors & Transfers

We use trusted providers to operate the Service, including:

  • Stripe (payments & billing portal). Stripe acts as our processor and may act as an independent controller for fraud prevention and compliance.
  • Supabase (database/auth/storage) and Vercel (hosting).
  • Resend (transactional email).
  • Meta Platforms Ireland Ltd. (advertising measurement and optimization).
  • Music/AI generation vendors (e.g., model hosting services) used to generate your songs.

Data may be transferred outside the EEA. Where applicable, we rely on safeguards such as the EU Standard Contractual Clauses and additional measures as appropriate.

Retention & Security

We keep personal data only as long as necessary for the purposes above or as required by law. Examples:

  • Account data: for the life of your account and a reasonable period thereafter.
  • Transaction and invoice records: retained as required by accounting/tax laws (typically up to 7 years).
  • Logs and security records: retained for a limited period aligned with our security needs.
  • Generated songs/files: retained while your account is active, or until you delete them.

We apply technical and organizational measures to protect your data (e.g., encryption in transit and at rest, access controls). Stripe is PCI-DSS compliant for card processing.

AI & Model Training

We do not use your prompts, uploads, or generated songs to train our or third-party models beyond what is necessary to operate, secure, and improve the Service as described in this Policy and our agreements with vendors.

Your Rights

You may request access, rectification, deletion, restriction, portability, or object to processing where applicable. You can withdraw consent at any time. To exercise your rights, contact support@petsongs.io. You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY).

Children

The Service is not intended for children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us personal data, please contact us to request deletion.

Automated Decision-Making

We do not engage in automated decision-making that produces legal or similarly significant effects about you.

Cookies & Similar Technologies

We use essential cookies required to run the site. With your consent, we also use analytics and marketing technologies, including Meta Pixel, to understand usage and measure the effectiveness of our advertising.

Some advertising and measurement may occur without cookies (for example via server-side tracking), but only where permitted by law and based on your consent or other applicable legal basis. You can manage preferences through our cookie banner at any time.

Changes

We may update this Policy and will indicate the “Last updated” date above.