Privacy Policy

Who we are

Choordinator is a tool for bands, jams, and worship teams to share live chord charts in real time. When we say "we" or "Choordinator" below, we mean Choordinator LLC, the operator of www.choordinator.com and the related mobile apps.

What we collect

We collect the smallest amount of data we can while still running the service you signed up for.

• Account data. Your email, display name, and the opaque subject identifier your OAuth provider (Google or Apple) returns. We store this so we can recognize you across devices.
• Your content. Chord charts, setlists, personal notes, band annotations, tags, and any files you import (PDF, DOCX, TXT). This is your work; we store it so you can get back to it.
• Session activity. When you start or join a live session, we record the session code, which songs were played, the start time, and a deduped viewer count. This is how the North Star Metric (Weekly Active Sessions) and your own session history get populated.
• Billing data. If you subscribe, Stripe handles your card details. We only store a Stripe customer ID, subscription status, trial end date, and period-end date. We never see or store card numbers.
• Technical data. Your IP address is hashed (SHA-256, truncated) and used only for rate-limiting abuse. We do not persist the raw IP. If you submit the feedback form we also record the page URL and user agent of that submission so we can reproduce bugs.
• Anonymous usage. Page-view counts via Vercel Web Analytics. No cookies, no cross-site tracking, and no personally identifying information.

How we use it

• To run the product you signed up for (sync charts across devices, host live sessions, process your subscription)
• To debug issues and improve the product (aggregate metrics, reproduce bugs from feedback submissions)
• To respond to your support requests and honor your data-deletion requests
• To comply with the law when we're required to

We do not sell your data. We do not share it with advertisers. We do not train AI models on your charts, and we do not allow our sub-processors to use your content to train theirs.

Who else sees it (sub-processors)

We use a small set of vendors to run the service. Each sees only the data necessary for its job.

• Vercel — hosts the web app and runs the API routes. Sees traffic.
• Neon (Postgres) — stores your account, charts, setlists, annotations, and session history.
• Upstash (Redis) — holds short-lived session state (8-hour TTL) and rate-limit counters.
• Pusher — delivers real-time events during a session (song changes, scroll position). Does not retain session data.
• Stripe — processes subscription payments. Sees the card data we never see.
• Anthropic — powers chord-chart song detection and import splitting. We send the chart text; we do not send your email or account identifier.
• Google / Apple — authenticate your sign-in. Sees what they return to us: your email, name, and a stable subject ID.
• Resend — delivers support email notifications when you submit the feedback form.

International data transfers

Choordinator is operated from the United States, and our sub-processors (listed above) are based in the US, EU, and Canada. If you're outside the US, your data is transferred to and processed in the US — and wherever our sub-processors operate — to run the service. We rely on the contractual safeguards each sub-processor publishes (Standard Contractual Clauses where required under the GDPR/UK GDPR) to keep your data protected at the same standard your home jurisdiction would require.

Who can see your content

• Your personal library — only you.
• Band workspaces — visible to that band's members. OWNER and EDITOR roles can edit shared content; MEMBER can view.
• Live sessions — anyone with the session code can view whatever chart the leader displays. Codes expire after 8 hours of inactivity.
• Public share links — if you explicitly generate a share token for a chart, anyone with the link can view it. You can revoke the token at any time.

How long we keep it

• Your account and content — indefinitely, until you delete it or delete your account.
• Live session state — 8 hours in Redis, then automatically purged.
• Session history (logs, songs played) — retained as long as your account exists.
• Billing records — as required by tax and accounting law.
• Rate-limit counters — 1-hour window.

How we secure your data

• All traffic between you and Choordinator goes over HTTPS (TLS).
• Our Postgres database (Neon) encrypts your data at rest. Our Redis cache (Upstash) encrypts data in transit.
• We authenticate you through Google or Apple — we never see, store, or handle your password.
• We keep the team that touches your data small and audited.
• IP addresses used for rate-limiting are hashed and truncated before they're stored; we can count abuse attempts without knowing who you are.
• If we ever detect a security incident that materially affects your data, we'll notify affected users and — where the law requires it — regulators, without undue delay.

Software isn't perfect. If you spot a security issue, email support@choordinator.com with "security" in the subject line and we'll get on it.

Your rights

Rights that work the same for everyone, everywhere:

• Delete your account — Settings → Danger Zone → Delete account. This removes your account, content, annotations, and session logs. Some billing records are retained for legal compliance.
• Get a copy of your data — email support@choordinator.com and we'll export it.
• Correct your data — edit your name in Settings; edit your content in your library.
• Opt out of analytics — Vercel Web Analytics is cookieless and does not track individuals; there is nothing to opt out of in the traditional sense.

Additional rights under GDPR, UK GDPR, and CCPA

If you're in the EU, UK, or California — or wherever else gives you similar rights — you also have:

• Right to know / right of access — what personal data we have on you and how we're processing it.
• Right to rectification — correct inaccurate or incomplete data.
• Right to erasure ("right to be forgotten") — delete your data, subject to our retention obligations for things like billing records.
• Right to restrict processing — tell us to stop using your data for specific purposes while we sort something out.
• Right to object — push back on processing we do under legitimate-interest grounds (for example, product analytics).
• Right to data portability — get your data in a machine-readable format so you can take it elsewhere.
• Right to non-discrimination (CCPA) — we won't charge you more or give you a worse service because you exercised a right.
• Right to complain — lodge a complaint with your local data-protection authority (the ICO in the UK, your national DPA in the EU, the California AG, etc.) if you think we've mishandled your data. We'd appreciate a chance to fix it first, but it's your call.

To exercise any of these rights, email support@choordinator.com. We'll verify it's really you (by email, to the address on your account) and respond within 30 days — faster for most requests.

California "Notice at Collection" (CCPA §1798.100): the data categories we collect from California residents are listed in the What we collect section above. We use that data only to run the service you signed up for (see How we use it). We do not sell your personal information, and we do not share it for cross-context behavioral advertising.

Children

Choordinator is not directed at children under 13, and we do not knowingly collect data from them. If you believe we have, email support@choordinator.com and we will delete it.

Changes to this policy

If we change this policy in a way that materially affects how we handle your data, we'll note the change at the top of this page and, for significant changes, email signed-in users. The "Last updated" date at the top reflects the most recent edit.

Contact

Questions, requests, or concerns: support@choordinator.com. Copyright takedowns: see our DMCA policy.