WaveAlign Logo

Privacy Policy

Last Updated: September 2, 2025

Data Controller

WaveAlign
Email: contact@wavealign.com

Note on Children

Our services are not intended for individuals under the age of 16, and we do not knowingly collect personal data from minors.

1. Introduction

Welcome to WaveAlign. We are committed to protecting your privacy and handling your personal data in a transparent and secure manner. This Privacy Policy describes how we collect, use, and share your personal data when you:

  • Visit our website (the "Site")
  • Use our desktop application (the "App")

Important Note for Beta Users: During the beta testing period, data collection is mandatory for desktop application users to help us improve the software. Full privacy controls will be available in the final release.

Please read this policy carefully. By using our services, you agree to the collection and use of information in accordance with this policy.

2. Data We Collect

2.1 Website Data Collection

Information You Provide:

  • Email Address: When you sign up for our beta program through the provided form
  • Marketing Consent: Whether you have provided explicit consent to receive marketing communications

Data Collected Automatically (using Cookies and Tracking Technologies):

  • Usage Data: Information about how you access and use the Site, including your IP address, browser type, operating system, referring URLs, pages viewed, time spent on pages, and clicks
  • System Information: Operating system and version, browser type and version, device type, user agent string, browser language settings
  • Location Data: IP address and approximate geographic location (city, country, postal code, timezone) derived from IP address
  • Display Information: Screen resolution and viewport/window size
  • Identifiers: Pseudonymous identifiers assigned to your browser or device (such as cookie IDs, PostHog distinct IDs, session IDs, device IDs)
  • Feature Flag Data: A/B test assignments and feature flag configurations for website optimization
  • Server Logs: Our hosting provider automatically collects standard server logs, which may include your IP address, browser type, page requests, and timestamps

2.2 Desktop Application Data Collection

During the beta testing period, data collection is mandatory for all users to help us improve the application. By using the beta version, you agree to this data collection.

Application Metadata:

  • App Version: Retrieved from application initialization
  • App Lifecycle Events: When the app starts (app_opened), closes (app_closed), and when analytics consent is granted (analytics_consent_accepted)

User Interface Interactions:

  • Button Clicks: Process button interactions (start/cancel actions), feedback button clicks, settings dialog openings
  • Settings Changes: Target loudness adjustments with previous and new values
  • Path Selections: Length (character count) of selected input paths, output paths, and backup paths (actual file paths are never collected)
  • Dead Click Tracking: Clicks on disabled interface elements for user experience analysis, including element identifiers

Audio Processing Data (Per Track): For each processed audio file, we collect:

  • File Extension: .mp3, .wav, .flac, .aiff, .aif - no other information about the processed file
  • Loudness Measurements: Original and adjusted loudness values (LUFS), original and adjusted peak values (dB)
  • Processing Status: Whether tracks were skipped due to clipping, caching, unsupported format, or processing errors

Technical Data Collected Automatically (via PostHog):

  • System Information: Operating system and version, browser engine details, device type
  • Network Data: IP address and approximate geographic location (city, country, timezone) derived from IP address
  • Display Information: Screen resolution and viewport/window dimensions
  • Session Data: Pseudonymous session and device identifiers for analytics correlation
  • Library Information: PostHog SDK version and configuration details

Privacy Safeguards in Desktop App:

  • Only file extensions are collected, never full file paths or file names
  • Only path lengths collected, not actual directory structures
  • Identifiers are pseudonymous (randomly generated, not personally identifiable)
  • Geographic data is approximate (city-level, derived from IP address)
  • Data collection limited to supported audio formats only
  • Beta Period: Data collection is required for beta participation to help us improve the application

3. How We Use Your Data (Purpose and Legal Basis)

3.1 Website Data Usage

To Process Your Beta Signup:

  • Purpose: Add you to our beta waiting list and manage your request to join the beta program
  • Legal Basis: Necessary to take steps at your request prior to entering a contract or our Legitimate Interest in managing our beta program

To Send You Marketing Communications:

  • Purpose: Inform you about WaveAlign beta launch, provide updates, and send marketing information
  • Legal Basis: Your explicit Consent, obtained through the checkbox on the signup form

To Analyze Site Usage and Improve the Site:

  • Purpose: Understand how visitors use our Site, measure traffic, analyze user flows, identify popular content, and measure effectiveness of features
  • Legal Basis: Your explicit Consent, obtained through the analytics consent banner

3.2 Desktop Application Data Usage

To Improve Application Performance and User Experience (Beta Period):

  • Purpose: Understand how users interact with the application, identify usability issues, measure feature effectiveness, and optimize the user interface during beta testing
  • Legal Basis: Necessary for the performance of our beta testing agreement with you, and our Legitimate Interest in developing and improving our software

To Enhance Audio Processing Features (Beta Period):

  • Purpose: Analyze processing patterns, identify common issues, improve audio processing algorithms, and ensure compatibility with various audio formats
  • Legal Basis: Necessary for the performance of our beta testing agreement with you, and our Legitimate Interest in developing and improving our software

To Provide Technical Support (Beta Period):

  • Purpose: Diagnose technical problems, understand error patterns, and improve application stability during the beta testing phase
  • Legal Basis: Necessary for the performance of our beta testing agreement with you, and our Legitimate Interest in developing and improving our software

3.3 Shared Purposes (Website and Desktop App)

For Security and Troubleshooting:

  • Purpose: Monitor for and prevent fraudulent or malicious activity, diagnose technical problems, and maintain security
  • Legal Basis: Our Legitimate Interest in protecting our services and business operations

To Comply with Legal Obligations:

  • Purpose: Comply with applicable laws, regulations, and legal processes
  • Legal Basis: Compliance with a legal obligation

4. How We Share Your Data (Third Parties)

We share your personal data with third-party service providers who perform services on our behalf. These third parties are obligated to protect your data and use it only for the purposes we specify.

Brevo (Email Marketing Service): We share your email address and marketing consent status with Brevo to manage our email contact list and send you beta announcements and marketing communications (website only).

PostHog (Analytics and A/B Testing): We share usage data, identifiers, and event information with PostHog to perform:

  • Website analytics, A/B testing, and feature flag management (website data)
  • Application usage analytics and user experience analysis (desktop app data, mandatory during beta testing period)
  • Geographic and technical data processing for both website and desktop analytics

Hosting Provider: Your website data, including server logs, is processed and stored by our hosting provider as necessary to operate the Site.

We do not sell your personal data. We may also disclose your data if required by law or in response to valid requests by public authorities.

5. Cookies and Tracking Technologies

5.1 Website Cookies

Essential Cookies: Strictly necessary for Site operation (e.g., remembering consent preferences). Based on our legitimate interest in providing a functional website.

Analytics Cookies: Used by PostHog to collect information about Site usage. Only placed with your explicit consent via the consent banner.

Cookie Duration: Essential cookies expire at session end or after a few days. Analytics cookies may persist for up to 1–2 years unless deleted or consent is withdrawn.

5.2 Desktop Application Tracking

The desktop application uses PostHog for analytics with:

  • capture_pageview: Disabled (no automatic page view tracking)
  • Data Collection: System information, usage events, and geographic data (mandatory during beta testing period)
  • Identifiers: Pseudonymous session and device identifiers for analytics correlation
  • Beta Requirement: Data collection cannot be disabled during the beta testing phase as it is essential for improving the application

6. Data Retention

Email Address and Marketing Consent: Retained while you remain subscribed to our mailing list or until you withdraw consent, unless a longer retention period is required by law.

Website Analytics Data: Stored according to PostHog's retention settings and our account configuration.

Desktop Application Analytics Data: Stored according to PostHog's retention settings and our account configuration. You can request deletion of your application analytics data at any time.

Audio Processing Data: Aggregated and anonymized processing statistics may be retained to improve our algorithms, but individual track data is not linked to personal identifiers.

7. Data Security

We have implemented appropriate technical and organizational security measures designed to protect your personal data from accidental loss and unauthorized access, use, alteration, and disclosure. However, no method of transmission over the Internet or electronic storage is 100% secure.

Desktop Application Security: Analytics data from the desktop application is transmitted using secure protocols and encrypted in transit.

In the event of a personal data breach, we will notify affected individuals and regulators as required by law.

8. Your Data Protection Rights

Depending on your location and applicable laws (such as GDPR), you may have the following rights regarding your personal data:

  • Right to Be Informed — Know what data we collect and how we use it
  • Right to Access — Request a copy of the personal data we hold about you
  • Right to Rectification — Ask us to correct inaccurate data
  • Right to Erasure — Request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing — Ask us to limit how we use your data
  • Right to Data Portability — Receive your data in a portable format
  • Right to Object — Object to processing based on legitimate interest or direct marketing
  • Right to Withdraw Consent — Withdraw consent for marketing or analytics at any time
  • Right to Lodge a Complaint — Contact a data protection authority if you believe your rights are violated

9. How to Exercise Your Rights

To exercise your rights or withdraw consent, contact us at contact@wavealign.com.

9.1 Website Consent Management

Withdraw Marketing Consent: Click the "unsubscribe" link in any marketing email or contact us directly.

Withdraw Website Analytics Consent: See the bottom of this page to clear your previous choice and re-trigger the cookie banner.

9.2 Desktop Application Consent Management

During Beta Testing Period:

  • Data collection is mandatory for beta participation and cannot be disabled
  • You maintain all other data protection rights (access, rectification, erasure after beta participation ends)
  • Contact us directly to exercise your rights or if you wish to discontinue beta participation

Post-Beta Release:

  • Full consent management controls will be available in application settings
  • You will be able to opt out of analytics data collection in the final release

10. International Data Transfers

Your personal data may be transferred outside your jurisdiction (e.g., to the US). These countries may have different levels of data protection than your own.

We rely on safeguards such as the EU Standard Contractual Clauses (SCCs) to protect your data when transferring from the EU/UK. You may request a copy of these clauses by contacting us.

11. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be published on this page with a revised "Last Updated" date. For desktop application users, we will also notify you of significant changes through the application itself. We encourage you to review this page regularly.

12. Contact Us

If you have questions about this policy or want to exercise your data rights, contact us:

Email: contact@wavealign.com

For desktop application-specific privacy questions, please include "Desktop App Privacy" in your subject line.

If you want to change your cookie preferences or see the consent banner again, you can do so here: