Neuorise

Privacy Policy

Privacy Policy for Neuorise

Last Updated: Jun 7 2026

At Neuorise, we take your privacy and data security with absolute seriousness. We believe your mental health data and physiological parameters belong entirely to you. This Privacy Policy details exactly what data we collect, how it is stored, and the strict boundaries we place around it.

1. No Additional Data Collection

We do not collect any personal or tracking data that you do not willingly and explicitly provide to us. Neuorise does not use silent background tracking, behavioral tracking scripts, or invasive advertising tracking.

2. Information We Collect

We only process data that is fundamental to providing you with the AI music healing service:

  • Account Credentials: Username, email address, and a securely hashed password (using PBKDF2) when you voluntarily register.
  • Session Verification: Secure, server-side HttpOnly cookies strictly to keep you logged in.
  • Wellness & Physiological Inputs: Your answers to our short 5–7 question mood questionnaires, alongside basic physiological parameters (such as heart rate or respiratory rate) that you manually provide or consent to measure.
  • Feedback Data: Ratings (1-5 stars) and custom notes you submit to adjust the music generation loop.

3. Strict Database Boundaries & No Unauthorized Access

Your information will never be accessed or transferred off the Neuorise database without your explicit action, explicit knowledge, or direct command. All user state histories, generated tracks, and questionnaire logs are isolated inside our secure SQLite database container (data/neuorise.sqlite3). No backend scripts are authorized to transfer, export, or leak this data externally without your specific trigger (e.g., clicking a button to explicitly export your profile).

4. absolute Zero-Sale Policy (No Third-Party Data Selling)

We do not sell, rent, trade, or monetize your personal data, questionnaires, physiological inputs, or feedback to third-party vendors, data brokers, or advertisers in any way or under any circumstances. Your information stays strictly within Neuorise.

5. Third-Party API Processors

To generate your custom healing music, Neuorise securely communicates with external AI services on the server-side:

  • Gemini API: Processes your survey answers anonymously to formulate music style parameters.
  • Suno API: Receives style prompts to generate the therapeutic audio file.

These data exchanges happen entirely via server-side variables. We never send your personal account identifiers, emails, or unhashed passwords to these APIs.

6. Data Security

We implement industry-standard practices to protect your information:

  • Passwords are protected using secure PBKDF2 hashing.
  • Authentication sessions are protected via HttpOnly cookies to mitigate cross-site scripting (XSS) risks.
  • API credentials remain completely hidden in the server-side environment variables.

7. Your Rights (Data Deletion)

Because you have full control over your information, you have the right to review, modify, or permanently delete your account and its entire associated generation history at any time. Once deleted, your records are completely scrubbed from our SQLite database.

8. Contact Us

If you have any questions or concerns regarding your privacy on Neuorise, you can reach out directly to: jingwen.hu@exabyte.org.cn