Privacy Policy
Last updated: January 1, 2025
1. Who we are
HealingSounds ("we", "us", "our") operates the website healingsounds.top and the HealingSounds frequency therapy application.
2. Your audio — the most important part
We never receive, store, or process your audio sessions. All sound generation happens entirely in your browser using the Web Audio API. Nothing is uploaded to any server.
3. Information we collect
3.1 Account information (optional)
If you create a Pro account, we collect your email address (for login and confirmation), your password (stored as a bcrypt hash — we cannot see it), and your payment status.
3.2 Payment information
Payments are handled by PayPal. We only store the PayPal Order ID, payment amount, currency, and date. We never see your card or bank details. Review PayPal's Privacy Policy for details.
3.3 Local storage
The app stores your session token, theme preference, and session history in your browser's localStorage. This data stays on your device and is never sent to us except as an authentication token during API calls.
3.4 Server logs
Standard web server logs (IP address, browser type, request time) are kept for up to 30 days for security purposes, then deleted.
4. Data sharing
We do not sell or share your data. The only exceptions are PayPal (for payment processing), our hosting provider (under data protection obligations), and legal requirements (court orders).
5. Security
We use HTTPS for all connections, bcrypt password hashing (cost factor 12), secure random session tokens, 30-day session expiration, and SQL injection protection via prepared statements.
6. Your rights
You have the right to access, correct, or delete your data. You may also request data portability. To exercise any right, contact us via our contact page.
7. Changes
We may update this policy from time to time. Registered users will be notified by email of material changes. The date at the top of this page reflects the latest revision.
8. Contact
For privacy questions, contact us via our contact page.