Privacy Policy
1. Introduction
MythicVoices ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI voice generation platform.
By using MythicVoices, you agree to the collection and use of information in accordance with this policy. This policy is compliant with the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.
2. Information We Collect
2.1 Personal Information
When you create an account through Google or Discord OAuth, we collect:
- Email address
- Full name
- Profile picture (avatar)
- OAuth provider ID (Google or Discord)
2.2 Usage Data
We automatically collect information about your use of our service:
- Campaigns, characters, and sessions you create
- Audio files you generate and their metadata (text, duration, character used)
- Credits purchased and consumed
- Transaction history
- Feature requests and support tickets
2.3 Technical Data
With your consent (via analytics and marketing cookies), we collect:
- IP address (anonymized in Google Analytics)
- Browser type and version
- Device information
- Operating system
- Pages visited and time spent
- Click behavior and interactions
- Session recordings (with sensitive data masked)
- Traffic source and referral information
- Conversion events and campaign attribution
Note: We use Google Consent Mode v2 to ensure that tracking respects your privacy choices. Technical data collection only occurs if you accept analytics or marketing cookies. Without consent, we track anonymously without storing personal identifiers.
2.4 Billing Information
For payment processing, we collect:
- Name and billing address
- VAT number (if applicable)
- Fiscal code (for Italian users)
Important: We do NOT store credit card information. All payment processing is handled securely by Stripe, and we never have access to your complete card details.
3. How We Use Your Information
We use your information for the following purposes:
- Service Provision: To create and manage your account, process payments, generate audio files, and provide customer support
- Service Improvement: To analyze usage patterns, fix bugs, and develop new features (only with analytics consent)
- Marketing and Advertising: To measure the effectiveness of our advertising campaigns and improve ad targeting (only with marketing consent)
- Communication: To send transactional emails (account updates, purchase confirmations, support responses)
- Legal Compliance: To comply with legal obligations, including tax and invoicing requirements
- Security: To detect and prevent fraud, abuse, and security incidents
We will never sell your personal information to third parties or use it for marketing purposes without your explicit consent.
4. Third-Party Services
We use the following third-party services to operate our platform:
Authentication
- Google OAuth: Privacy Policy
- Discord OAuth: Privacy Policy
Payment Processing
- Stripe: Handles all payment processing. Privacy Policy
AI Services
- ElevenLabs: Voice generation. Privacy Policy
- OpenAI: Text generation. Privacy Policy
- Google Gemini: Text and dialogue generation. Privacy Policy
Your text prompts are sent to these services to generate content. They may process this data according to their own privacy policies.
Storage
- AWS S3: Audio file storage. Privacy Policy
Tag Management
- Google Tag Manager (GTM): Manages tracking tags and scripts. Privacy Policy
GTM is a tag management system that loads other tracking services based on your consent preferences.
Analytics (Only with Consent)
- PostHog: Privacy-focused analytics and session recording. Privacy Policy
- Google Analytics 4 (GA4): Web analytics service for understanding user behavior. Privacy Policy
Analytics services only track your activity if you accept analytics cookies. Without consent, tracking is fully anonymous.
Marketing & Advertising (Only with Consent)
- Meta Pixel (Facebook Pixel): Tracks conversions and helps measure ad effectiveness. Privacy Policy
Meta Pixel only activates if you accept marketing cookies. It helps us measure the effectiveness of our advertising campaigns.
Invoicing (Italian Users)
- Fatture in Cloud: Electronic invoicing for Italian customers. Privacy Policy
5. Cookies and Tracking Technologies
5.1 What Are Cookies?
Cookies are small text files stored on your device that help websites function properly and provide analytics about usage.
5.2 Types of Cookies We Use
Strictly Necessary Cookies (Always Active)
These cookies are essential for the website to function:
- next-auth.session-token: Maintains your login session (30 days)
- next-auth.csrf-token: Security protection (session only)
- cc_cookie: Stores your cookie consent preferences (1 year)
Functional Cookies (Optional)
Enhance your experience with personalized features:
- User interface preferences
- Language and region settings
Analytics Cookies (Optional - Requires Consent)
Help us understand how you use our service:
- ph_*: PostHog analytics and session tracking (1 year)
- _ga, _ga_*: Google Analytics 4 tracking (2 years)
- _gid: Google Analytics session identification (24 hours)
- Page views, clicks, and user interactions
- Session recordings (with sensitive data masked)
- Traffic source and campaign tracking
Note: You can withdraw analytics consent at any time using the cookie settings in the footer.
Marketing Cookies (Optional - Requires Consent)
Used to measure advertising effectiveness:
- _fbp: Facebook Pixel primary cookie (3 months)
- _fbc: Facebook click identifier (2 years)
- fr: Facebook advertising and measurement (3 months)
- Conversion tracking for advertising campaigns
- Custom audience building (anonymized)
Note: Marketing cookies help us understand which ads are effective. They do not contain personally identifiable information.
5.3 Managing Cookies
You can manage your cookie preferences at any time by:
- Clicking "Cookie Settings" in the website footer
- Configuring your browser to block or delete cookies
- Using browser privacy extensions
Please note that blocking necessary cookies may prevent the website from functioning properly.
6. Data Security
We implement industry-standard security measures to protect your data:
- All data transmitted over HTTPS encryption
- Secure authentication via OAuth 2.0
- Regular security audits and updates
- Access controls and employee training
- Encrypted database storage
- PCI DSS compliant payment processing (via Stripe)
While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.
7. Data Retention
We retain your data for the following periods:
- Account Data: Until you delete your account or request deletion
- Audio Files: Until you manually delete them from your library
- Transaction History: 10 years (as required by tax law)
- Analytics Data: 90 days (PostHog), 14 months (Google Analytics 4)
- Marketing Data: 90 days (aggregated advertising metrics)
- Support Tickets: 2 years for quality assurance
After these periods, data is permanently deleted from our systems, except where legally required to retain it longer.
8. Your Privacy Rights
8.1 GDPR Rights (EU Users)
If you are in the European Economic Area, you have the following rights:
- Right to Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure: Request deletion of your personal data ("right to be forgotten")
- Right to Restrict Processing: Limit how we use your data
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw consent for analytics tracking at any time
8.2 CCPA Rights (California Users)
If you are a California resident, you have the right to:
- Know what personal information we collect and how we use it
- Request deletion of your personal information
- Opt-out of the sale of personal information (we do not sell your data)
- Non-discrimination for exercising your privacy rights
8.3 How to Exercise Your Rights
To exercise any of these rights, please contact us at our contact page. We will respond to your request within 30 days.
You also have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.
9. International Data Transfers
Your data may be transferred to and processed in countries outside your jurisdiction. We ensure adequate safeguards are in place:
- EU-US Data Privacy Framework compliance (for US-based services)
- Standard Contractual Clauses (SCCs) with third-party processors
- Adequate data protection measures as required by GDPR
10. Children's Privacy
Our service is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by:
- Posting the new Privacy Policy on this page
- Updating the "Last Updated" date at the top
- Sending an email notification for significant changes (if you have an account)
Your continued use of the service after changes constitutes acceptance of the updated policy.
12. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
Contact: Contact Form
Support: Get Help
This Privacy Policy is compliant with GDPR (EU), CCPA (California), PIPEDA (Canada), and other applicable data protection regulations.