Resonate

Legal

Privacy Policy

Last updated: April 17, 2026

1. What we collect

To run Resonate we collect:

  • Account information — your email, password (hashed), full name and role (artist or producer).
  • Profile content — bio, genres, location, avatar, portfolio links, rates, equipment, demos and social links you choose to add.
  • Activity — inquiries you send/receive, messages, reviews you write.
  • Technical data — IP address, browser type and basic usage logs for security and abuse prevention.

2. How we use it

We use your information only to:

  • Operate the service (show your profile, deliver inquiries and messages)
  • Authenticate you and keep your account secure
  • Send transactional emails (signup, password reset, inquiry notifications)
  • Investigate abuse, fraud or terms violations

We don’t sell your data. We don’t use it to train third-party AI models.

3. Who we share it with

We share data only with:

  • Other users — your public profile (name, avatar, bio, portfolio) is visible to anyone visiting your page. Your email is shared with a producer or artist only when you explicitly send/accept an inquiry.
  • Infrastructure providers — Supabase (database, auth, storage) and Resend (email delivery). These providers process data on our behalf under their own privacy commitments.
  • Legal requests — when required by law or to protect the safety of users.

4. Your rights

You can at any time:

  • Edit or remove the content on your profile from your dashboard
  • Request a copy or full deletion of your account by emailing hello@resonate.app
  • Object to a particular use of your data

We’ll respond to verified requests within 30 days. If you’re in the EU/UK you have additional rights under GDPR; we follow the same process for everyone.

5. Data retention

We keep account data for as long as your account is active. After deletion we remove your personal information within 30 days, except where we’re legally required to keep certain records.

6. Security

We use industry-standard encryption in transit (TLS) and at rest. Passwords are hashed and never stored in plain text. Sign-up passwords are checked against the Have I Been Pwned database to block known-breached credentials. No system is perfectly secure — choose a strong, unique password and tell us at the email above if you suspect anything off.

7. Children

Resonate is not intended for anyone under 16. We don’t knowingly collect data from children. If you believe a child has signed up, email us and we’ll remove the account.

8. Changes to this policy

We’ll post any updates here and notify active users by email when changes are material.

9. Contact

Privacy questions: hello@resonate.app