Last updated: March 1, 2026
Privacy Policy
This policy explains what SelfTalk collects, how we use it, and the controls available for your data.
1. Information we collect
Data used to operate SelfTalk
- Account information
- When you sign in we collect your name, email address, and profile picture through Google or Spotify OAuth. We do not store your password. Authentication is handled entirely by the OAuth provider.
- Spotify data
- When you connect Spotify, we access your Spotify user ID, playback state, and currently playing track to power the synchronized player. We never access your Spotify payment information or private messages.
- Affirmation and music content
- Custom affirmation text, song prompts, lyrics, voice profile metadata, and AI-generated audio files are stored securely in Supabase and associated with your account so you can access them across sessions.
- Voice support memory and sessions
- When you use Voice Support, we may store support memories, session summaries, and transcripts so SelfTalk can provide continuity across coaching conversations. Open Support Data Controls
- Usage and playback preferences
- We store playback preferences like volume, shuffle, loop mode, and last-played track in your browser localStorage so your session restores cleanly.
- Billing information
- Subscription billing is processed by Stripe. We never see or store your full credit card number. Stripe provides us with a customer ID and subscription status only.
- Automatically collected data
- Our servers may log your IP address, browser type, referring URL, and pages visited. This data is used for security monitoring and aggregate analytics and is not sold to third parties.
2. How we use information
Product operation and account security
- Provide, maintain, and improve the SelfTalk service.
- Restore playback state and preferences between sessions.
- Generate personalized AI affirmation audio from submitted text.
- Generate AI music, lyrics, and song direction from prompts you submit.
- Process subscription payments and manage your account.
- Send transactional emails such as subscription confirmations and password resets.
- Detect and prevent fraud, abuse, or unauthorized access.
- Comply with legal obligations.
3. Third-party services
Providers that process product data
| Provider | Purpose | Policy |
|---|---|---|
| Kie.ai | AI music generation provider | View policy |
| Spotify | Optional music streaming and playback | View policy |
| Supabase | Authentication, database, and file storage | View policy |
| Stripe | Subscription billing and credit top-ups | View policy |
| OpenAI | AI affirmation, lyric, style, and voice generation | View policy |
4. Cookies and local storage
Session state, not advertising pixels
SelfTalk uses browser localStorage for playback preferences and session state, plus Supabase Auth session cookies for authentication. We do not use advertising cookies or tracking pixels. Clearing browser storage resets playback preferences.
5. Data retention
Stored while your account is active
After account deletion, we delete or anonymize personal data within 30 days unless legal or financial rules require retention. Billing records may remain for up to 7 years. AI-generated audio files are deleted immediately.
6. Your rights
Access, correction, deletion, portability, and objection
- Access
- Request a copy of the data we hold about you.
- Correction
- Ask us to correct inaccurate data.
- Deletion
- Request deletion of your account and personal data.
- Portability
- Receive your data in a portable format.
- Objection
- Object to certain types of processing.
7. Children's privacy
SelfTalk is not directed at children under 13. Contact us if you believe a child provided personal information so we can delete it.
8. Security
We use HTTPS, Supabase row-level security, and Stripe PCI-compliant payment infrastructure. No system is completely secure, so use strong, unique account credentials.
9. Changes
We may update this policy. Significant changes will update the date above and may include an email or in-app notice.