Privacy Policy

This Privacy Policy explains how dp.vision ("we", "us", or "our") collects, uses, stores, and protects personal data when you use the DailyMuse application and website located at dailymuse.app (the "Service").

We are committed to protecting your privacy and complying with the European Union General Data Protection Regulation (GDPR), the Polish Act on Protection of Personal Data, and all other applicable data protection legislation.

By using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use the Service.

The data controller responsible for your personal data is:

For any questions regarding data protection or to exercise your rights under GDPR, please contact us at hello@dailymuse.app.

3.1 Data You Provide Directly

• Account information: email address, name (if provided), and authentication credentials.
• Voice recordings: audio files you record through the Service for transcription and content generation.
• Brand profiles: information about your brand voice, audience, content preferences, and style settings you configure within the Service.
• Photos and images: images you upload for use in your content.
• Generated content: AI-generated text drafts, social media posts, and other content created through the Service.
• Feedback and communications: any messages you send to us via email or in-app feedback.

3.2 Data Collected Automatically

• Usage data: features you use, pages you visit, timestamps of interactions, session duration, and general usage patterns.
• Device information: browser type and version, operating system, device type, and screen resolution.
• Network information: IP address (anonymized where possible) and general geographic location (country/region level).

3.3 Data We Do Not Collect

• We do not use third-party analytics or tracking cookies.
• We do not collect precise geolocation data.
• We do not purchase data from third-party data brokers.
• We do not use advertising pixels or retargeting technologies.

Under GDPR Article 6, we process your personal data based on the following legal grounds:

• Contract performance (Art. 6(1)(b)): Processing necessary to provide the Service you requested, including account management, voice transcription, and content generation.
• Consent (Art. 6(1)(a)): Where you have given explicit consent, such as recording your voice, uploading photos, or opting into communications. You may withdraw consent at any time by contacting us or deleting the relevant data in the app.
• Legitimate interest (Art. 6(1)(f)): For improving the Service, ensuring security, preventing fraud, and analyzing aggregated usage patterns. We have balanced these interests against your rights and determined that the processing is proportionate and does not override your fundamental rights.
• Legal obligation (Art. 6(1)(c)): Where processing is necessary to comply with applicable laws (e.g., tax records, responding to lawful requests from authorities).

DailyMuse uses artificial intelligence to transcribe your voice recordings and generate content. This section explains how that works:

6.1 Voice Transcription

Your voice recordings are sent to Groq (Groq, Inc., USA), which uses the Whisper large-v3 model to convert speech to text. Audio data is processed in real-time and is not stored by Groq after transcription is complete, in accordance with Groq's data processing terms.

6.2 Content Generation

Transcribed text, along with your brand profile and content preferences, is sent to Anthropic (Anthropic, PBC, USA), which uses the Claude AI model to generate content drafts. Under Anthropic's commercial terms, inputs and outputs are not used to train their models.

6.3 No Automated Decision-Making

The AI processing described above is used solely to assist you in creating content. No decisions with legal or similarly significant effects are made solely by automated means. You always have the final say on what content is published.

We share personal data only with trusted service providers who process data on our behalf. Each processor is bound by a Data Processing Agreement (DPA) or equivalent contractual safeguards.

We do not sell, rent, or trade your personal data to any third party. Data is shared with processors solely for the purposes described in this Privacy Policy.

Your data is transferred from the European Economic Area (EEA) to the United States where our processors operate. These transfers are protected by:

• EU-U.S. Data Privacy Framework (DPF): Where processors are certified under the DPF, this serves as an adequate transfer mechanism under GDPR Article 45.
• Standard Contractual Clauses (SCCs): Where the DPF does not apply, we rely on the European Commission's Standard Contractual Clauses (adopted June 2021) as the legal mechanism for cross-border transfers, in compliance with GDPR Article 46(2)(c).
• Supplementary measures: We implement additional technical and organizational safeguards, including encryption in transit (TLS 1.2+) and at rest, access controls, and contractual obligations prohibiting processors from using data beyond the specified purposes.

You may request a copy of the applicable transfer safeguards by contacting us at hello@dailymuse.app.

We retain your personal data for as long as necessary to fulfill the purposes described in this policy:

• Account data: Retained for the duration of your account. Deleted within 30 days of account deletion request.
• Voice recordings: Stored for as long as your account is active. You may delete individual recordings at any time. All recordings are deleted upon account deletion.
• Generated content: Retained for as long as your account is active. Deleted upon account deletion.
• Usage data: Retained in aggregated, anonymized form for up to 24 months for service improvement purposes.
• Legal obligations: Some data may be retained longer where required by law (e.g., tax and accounting records for the period required by Polish law).

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption in transit (TLS 1.2+) and at rest for all stored data.
• Row-level security (RLS) policies in our database ensuring users can only access their own data.
• Secure authentication via Supabase Auth with industry-standard practices.
• Access to production systems limited to authorized personnel on a need-to-know basis.
• Regular review of security practices and processor compliance.

While we take reasonable measures to protect your data, no method of transmission or storage is 100% secure. If you discover a security vulnerability, please report it to hello@dailymuse.app.

As a data subject in the European Union, you have the following rights under the GDPR. You may exercise any of these rights by contacting us at hello@dailymuse.app:

• Right of access (Art. 15): You have the right to obtain confirmation of whether we process your personal data and to receive a copy of that data.
• Right to rectification (Art. 16): You have the right to have inaccurate personal data corrected and incomplete data completed.
• Right to erasure (Art. 17): You have the right to request deletion of your personal data ("right to be forgotten"), subject to legal retention obligations.
• Right to restriction of processing (Art. 18): You have the right to request that we restrict the processing of your data in certain circumstances.
• Right to data portability (Art. 20): You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another controller.
• Right to object (Art. 21): You have the right to object to processing based on legitimate interest. We will stop processing unless we demonstrate compelling legitimate grounds.
• Right to withdraw consent (Art. 7(3)): Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.
• Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority. In Poland, this is the President of the Office for Personal Data Protection (UODO): uodo.gov.pl.

We will respond to your request within 30 days. In complex cases, this period may be extended by an additional 60 days, in which case we will notify you.

DailyMuse uses only essential cookies and local storage required for the Service to function. We do not use any analytics, advertising, or tracking cookies.

• Supabase authentication token: Stored in localStorage to maintain your authenticated session. Essential for the Service to work.
• User preferences: Stored in localStorage (e.g., theme preference). Essential for Service personalization.

For more details, please see our Cookie Policy.

DailyMuse is not intended for use by individuals under the age of 16. We do not knowingly collect personal data from children. If you believe that a child under 16 has provided us with personal data, please contact us immediately and we will delete that data.

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will notify you by email and/or by posting a prominent notice within the Service at least 14 days before the changes take effect.

The "Last updated" date at the top of this page indicates when this policy was last revised. Continued use of the Service after changes become effective constitutes acceptance of the updated policy.

If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or have concerns about how we handle your personal data, please contact us:

We aim to resolve all complaints internally. If you are not satisfied with our response, you have the right to lodge a complaint with the Polish supervisory authority (UODO) or the supervisory authority in your EU member state of residence.