Privacy Policy

Last updated: April 12, 2026

πŸ”’ Our core promise: We never sell your personal data to anyone β€” ever.

Your information is used only to operate and improve NoteFest. That's it.

1. Who We Are

NoteFest ("we," "us," or "our") operates the NoteFest music education platform at notefest.com. This Privacy Policy explains how we collect, use, and protect your personal information when you use our Service.

2. Information We Collect

Information you provide directly:

  • Account information: name and email address (when signing in with Google)
  • Profile preferences: instrument choice, avatar
  • Feedback and contact messages you send us

Information collected automatically:

  • Learning progress: lessons completed, quiz scores, XP earned, time spent
  • Device and usage data: browser type, operating system, pages visited
  • Session data: activity within the app to improve lesson recommendations

Guest users:

If you use NoteFest without signing in, we store a temporary anonymous session ID in your browser's local storage to track your progress locally. No personally identifiable information is collected from guest users.

3. How We Use Your Information

We use the information we collect to:

  • Operate and maintain the Service
  • Track and display your learning progress
  • Personalize your learning experience
  • Process subscription payments securely via Stripe
  • Send you important service-related communications
  • Respond to your support requests and feedback
  • Improve our content, features, and lesson quality
  • Detect and prevent fraud or abuse

4. We Never Sell Your Data

NoteFest does not sell, trade, rent, or otherwise transfer your personal information to third parties for their marketing or commercial purposes. Period.

We do not run third-party advertising on NoteFest. We do not use your data to build advertising profiles.

5. Third-Party Services

We work with a small set of trusted service providers who process data on our behalf:

  • Google OAuth β€” for account sign-in (governed by Google's Privacy Policy)
  • Stripe β€” for payment processing (they receive billing info only, not learning data)
  • MongoDB Atlas β€” for secure cloud database storage of your progress
  • Vercel β€” for hosting and infrastructure

Each of these providers has their own privacy policy and is bound by data processing agreements with us. None of them are authorized to use your data for their own purposes.

6. Data Retention

We retain your account and progress data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required by law to retain it longer. Anonymized, aggregated data (e.g., aggregate quiz statistics) may be retained indefinitely.

7. Children's Privacy

NoteFest welcomes learners of all ages. We do not knowingly collect personal information from children under 13 without verifiable parental consent. If you are a parent and believe your child under 13 has created an account without your consent, please contact us and we will delete the account promptly.

8. Cookies and Local Storage

We use browser local storage and session storage to:

  • Remember your preferences (mute settings, language)
  • Track your in-progress lessons between sessions
  • Store guest session data locally on your device

We use minimal cookies required for authentication (session cookies). We do not use tracking or advertising cookies.

9. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the data we hold about you
  • Correction: Request that we correct inaccurate data
  • Deletion: Request that we delete your account and data
  • Portability: Request your data in a machine-readable format
  • Opt-out: Opt out of non-essential communications at any time

To exercise any of these rights, please contact us.

10. Security

We implement industry-standard security measures to protect your data, including encrypted connections (HTTPS), secure authentication, and access controls. However, no method of transmission over the internet is 100% secure. We encourage you to use a strong, unique password for your account.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the "Last updated" date and, where appropriate, by email. Continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

Questions about this Privacy Policy or your data? Contact us here or email us at violinexplained@gmail.com.