TESSERING

Privacy Policy

Effective date: May 27, 2026

This policy explains what data Tessering collects, how we use it, and the choices you have. Tessering is operated by Umytjan Baynazarov (sole proprietor), based in Dallas, Texas, United States ("we", "us", "our"). For any privacy question or request, email privacy@tessering.com.

We sell a fully browser-based service globally. Depending on where you live, laws such as the EU/UK GDPR or U.S. state privacy laws may give you specific rights, described below.

What we collect

Account information. When you sign up, we collect your email address and basic authentication details. If you sign in with a third-party provider (such as Google), we receive a limited identifier from them to log you in. Authentication and account data are handled through Supabase.

Your content. We store the projects, audio stems, and related files you create or upload, along with settings needed to reproduce your work (for example, spatial positions and timeline data). We store this so the Service works — we don't use your audio for anything other than operating Tessering for you.

Export and usage data. We collect basic technical and usage information — such as export metadata, session activity, feature usage, and error logs — to operate, secure, and improve the Service.

Payment information. Payments are handled by Paddle, our Merchant of Record. Paddle collects and processes your payment details directly under its own privacy policy. We do not receive or store your full card details. We receive limited information such as your subscription status and the receipts/records needed to manage your account.

How we use your data

We use your data to:

  • provide and operate the Service (run your projects, generate exports, keep you logged in);
  • manage your subscription and account;
  • keep the Service secure and prevent abuse;
  • fix problems and improve features;
  • communicate with you about your account, important changes, or support requests;
  • comply with legal obligations.

Legal bases (for users in the EU/UK)

Where the GDPR applies, we rely on: performance of a contract (to provide the Service you signed up for), legitimate interests (to secure and improve the Service), consent (where we ask for it), and legal obligation (where the law requires).

Who we share data with

We don't sell your personal data. We share it only with service providers that help us run Tessering, under agreements that limit how they use it:

  • Supabase — database, authentication, and file storage.
  • Paddle — payment processing and Merchant of Record (billing, tax, receipts).
  • Netlify — website and application hosting.

We may also disclose data if required by law, to protect our rights or users' safety, or in connection with a business transfer.

International transfers

We're based in the United States, and our providers may process data in the U.S. and other countries. If you're in the EU/UK or elsewhere, your data may be transferred to and processed in the U.S. Where required, transfers rely on appropriate safeguards (such as standard contractual clauses used by our providers).

How long we keep your data

  • Active and canceled accounts. If you cancel but don't delete your account, we keep your projects, exports, and profile indefinitely, so you can come back and resubscribe without losing your work.
  • Account deletion. You can ask us to delete your account at any time (see below). When you do, we purge your personal data within 30 days, except for limited records we're legally required to keep (such as transaction records held by Paddle) or anonymized data that no longer identifies you. Short-term backups age out in the ordinary course.

Your rights

Depending on where you live, you may have the right to:

  • access the personal data we hold about you;
  • correct inaccurate data;
  • delete your data;
  • object to or restrict certain processing;
  • receive a copy of your data in a portable format;
  • withdraw consent where we relied on it.

Deleting your account. You have the right to delete your account and your data. To do this, email privacy@tessering.com (or use the in-app option if available). We'll confirm and complete deletion within 30 days as described above.

To exercise any right, email privacy@tessering.com. We'll respond within the time required by applicable law. You also have the right to complain to your local data-protection authority.

Cookies and local storage

Tessering uses essential browser storage (such as local storage and session storage) to keep you logged in and to remember app settings. Our providers — including Paddle and Supabase — may set cookies needed for payments and authentication. We don't use your audio content for advertising.

Children

Tessering is not intended for anyone under 16, and we don't knowingly collect data from people under 16. If you believe a child under 16 has given us personal data, contact privacy@tessering.com and we'll delete it.

Security

We take reasonable measures to protect your data, and rely on established providers (Supabase, Paddle, Netlify) for secure infrastructure. No online service can be guaranteed perfectly secure, but we work to keep your data safe and to address issues promptly.

Changes to this policy

We may update this policy. If we make material changes, we'll take reasonable steps to notify you (such as a notice in the app or by email). The "Effective date" at the top shows when this version took effect.

Contact

  • Privacy requests: privacy@tessering.com
  • General / billing: payments@tessering.com