Rifflogbeta

Legal

Privacy Policy

Effective May 28, 2026

Rifflog is a small, independent product. This policy explains what we collect, why we collect it, and how we use it. We don't sell your data and we don't run ads.

What we collect

When you create an account we collect your email address and a hashed password. We don't ask for your name, phone number, or any payment information to use the free tier.

When you create a tab, we store the content you type, any tuning and instrument settings you configure, and audio files you upload. We also store the sharing preferences you set (private, link-only, or specific email addresses).

We log standard server-side metadata with each request: IP address, browser and device type, referring page, and timestamps. This is used for debugging and understanding general usage patterns, not individual tracking.

How we use it

  • To operate the service — serving your tabs, authenticating your session, sending transactional emails like password resets.
  • To improve Rifflog — understanding which features are used and where things break.
  • To contact you about the product — new features, policy changes, or account issues. You can opt out of non-essential emails at any time.

Third-party services

We use a small number of third-party providers to run Rifflog:

  • Cloud storage — audio files you upload are stored in cloud object storage (Amazon S3 or equivalent). Files are private by default and accessible only through authenticated Rifflog URLs.
  • Email delivery — transactional emails (verification, password reset) are sent via a third-party email service. We don't share your address with them beyond what's needed to deliver the email.
  • Hosting infrastructure — the application runs on cloud infrastructure. Your data is stored in databases and object storage within that infrastructure.

We don't use third-party analytics, advertising networks, or tracking pixels.

Your content

You own everything you create on Rifflog — your tab content, your audio, your notes. We don't claim any license to it beyond what's necessary to store and deliver it back to you and the people you choose to share it with.

If you delete a tab or your account, your content is removed from our systems within 30 days.

Cookies

We use a session cookie to keep you logged in. We don't use advertising cookies, cross-site tracking cookies, or third-party analytics cookies.

Data retention

Account data and tab content is retained as long as your account is active. Server logs are retained for up to 90 days. Audio files are retained until you delete them or close your account.

Changes to this policy

If we make material changes we'll update the effective date at the top of this page and, for significant changes, send a notice to your account email address.

Contact

Questions about this policy? Email us at hello@rifflog.com.