Legal

Privacy Policy

We built Vivaldi Studio with a simple rule: your music, your data, your device. None of the apps collect telemetry, no account is required, no analytics run in the background. This document explains, in plain language, what that means and the few narrow exceptions.

Last updated: April 8, 2026

1. Scope

This privacy policy applies to every app in the Vivaldi Studio suite — currently Vivaldi Music Workshop, Vivaldi Keyboard, Vivaldi Audio Editor, and Vivaldi Score — as well as to upcoming apps (Vivaldi Backing Tracks, Vivaldi Sheet Music) once released. It also covers the website vivaldistudio.app and any subdomain we may add.

One policy, same rules for every app. If a specific product ever introduces a different data practice, we will add a dedicated section here before that behaviour ships.

2. Who is responsible

The data controller for any personal data processed through Vivaldi Studio apps or this website is:

Enzo Augieri

Independent developer — Vivaldi Studio

Contact: [email protected]

You can reach us by email for any privacy-related question, to exercise your rights, or to report an issue.

3. What the apps collect

Nothing. Not a single byte. Vivaldi Studio apps run entirely on your device and do not collect, transmit, or store any personal data. Specifically, our apps:

  • do not require any account or login
  • do not include analytics, crash reporting, or telemetry of any kind
  • do not read your contacts, photos, location, microphone (unless a specific feature asks at runtime), or files outside the ones you explicitly choose
  • do not track you across other apps or websites (no IDFA, no advertising ID use)
  • do not embed third-party SDKs that collect data
  • do not make outbound network requests during normal use

Any file you import (a custom SoundFont, a recording, a session) is copied into the app's sandbox on your device. It never leaves your device unless you share it yourself.

4. Network access

The apps are designed to work fully offline. There are only two narrow situations in which a network request might occur, and both require an explicit action on your part:

  • Opening an in-app link (help article, product page, release notes). The link opens in your system browser, not inside the app.
  • App Store purchases and restore, handled entirely by Apple's StoreKit. We never see your payment details.

Any personal data you send via the support form on the website is covered by section 5 below.

5. Support form

When you contact us through the support form on vivaldistudio.app/support, we collect the following information — and only this information:

Required: your name, email address, subject line, message, and the product tag (which app the request is about).

Optional: app version, OS version, device model, interface locale. These help us reproduce bugs.

Technical metadata: the browser's User-Agent string and a SHA-256 hash of your IP address. The raw IP is never logged in clear — we only store the one-way hash, used solely for abuse prevention (rate-limiting, spam detection).

We use this data only to answer your request and to improve the products. We do not send marketing emails from support submissions. If you also opt in to our mailing list, that is handled separately and covered by its own consent flow (coming soon — currently no marketing list is active).

Legal basis (GDPR art. 6): processing is based on your consent (art. 6 § 1 a) when you submit the form, and on our legitimate interest (art. 6 § 1 f) in maintaining a secure and functional support channel for the technical metadata above.

6. Where data is stored

Support form submissions are stored in a PostgreSQL database hosted by Supabase in the European Union (region eu-central-1, Frankfurt). Access to the database is restricted to a service role held only by the server; anonymous and public access is revoked at the row-level-security layer.

Notification emails are sent via Brevo, an EU-based transactional email provider. The website itself is served by Cloudflare Pages, which may process your IP and User-Agent for the sole purpose of delivering the pages and protecting the infrastructure (standard HTTP serving — no cookies set by us).

7. How long we keep it

Support submissions are retained for up to 24 months from the date of submission, after which they are deleted from the database. We keep them this long because recurring issues sometimes surface weeks after a first report and previous context helps us answer faster.

You may ask us to delete your data earlier at any time (see section 9 — Your rights).

8. Sub-processors

We work with a short, explicit list of sub-processors. None of them receive your data for commercial use, re-sell it, or use it to train machine-learning models.

Provider Purpose Region
Supabase Database storage of support submissions EU (Frankfurt)
Brevo Transactional email delivery (support notifications, auto-replies) EU
Cloudflare Website hosting, DNS, email routing for support@ Global CDN with EU edge
Apple (App Store) App distribution, in-app purchases, device receipts Per Apple's policy

Each of these providers has its own privacy commitments and is GDPR-compliant. We will update this list before adding any new sub-processor.

9. Your rights (GDPR)

If you are in the European Union, the United Kingdom, or another jurisdiction granting similar rights, you are entitled to:

  • Access — ask us what data we hold about you
  • Rectification — have us correct wrong or outdated information
  • Erasure ("right to be forgotten") — have us delete your data
  • Portability — receive your data in a machine-readable format
  • Restriction and objection — limit or oppose processing
  • Withdrawal of consent — at any time, without affecting prior lawful processing
  • Complaint to a supervisory authority — in Italy, the Garante per la Protezione dei Dati Personali

To exercise any of these rights, email us at [email protected]. We reply within a reasonable time (and always within the 30-day GDPR window).

10. Children's privacy

Vivaldi Studio apps are not directed at children under 13, and they collect no personal data in any case. Music students under 13 can still use the apps safely — there is nothing to collect — but the App Store purchase itself is governed by Apple's Family Sharing and parental controls, not by us.

11. Website: cookies & tracking

The website vivaldistudio.app does not use analytics, tracking cookies, or third-party trackers. No Google Analytics, no Plausible, no Cloudflare Web Analytics, no advertising pixels. We do not know when you visit, which page you read, or how long you stay — and we like it that way.

The site may set a small, strictly functional cookie for the support form (CSRF / session) only if you interact with it; this cookie is essential, expires when you close the browser, and is never used for tracking. The hosting layer (Cloudflare) may set its own operational cookies (e.g. __cf_bm) to protect against bots; these are managed by Cloudflare and documented in their cookie policy.

12. Changes to this policy

We may update this privacy policy from time to time — for example, if we add a sub-processor or introduce a new feature that handles data differently. When we do, we bump the "Last updated" date at the top of the page. For substantive changes we will also post a visible notice on the website at least 14 days before the change takes effect.

13. Contact

Any privacy question, request, or complaint — write to [email protected]. A human reads every message.

Developer: Enzo Augieri — independent, one-person studio.

Terms of use · Support · Home