Privacy Policy

Last updated: May 2025

pdf2midi ("we", "our", "the Service") is operated by Ilya Ogurtsov. This policy explains what data we collect, why, and how long we keep it.

1. Data we collect

• Anonymous visitors: a randomly generated session ID stored in your browser, a one-way hash of your IP address (we never store the raw IP), and a counter of how many free conversions you have used.
• Signed-in users: your Google account email address, Google user ID, and display name, received via Google OAuth 2.0 (OpenID Connect). We do not receive or store your Google password.
• Paying users: a Stripe customer ID linking you to your payment history. Card numbers are processed exclusively by Stripe and never touch our servers.
• Uploaded files: PDF files you upload for conversion and the resulting MIDI/MusicXML files.

2. How we use it

• To perform the sheet-music conversion you requested.
• To enforce free-tier conversion limits.
• To manage credit balances and subscription status for paying users.
• To prevent abuse (rate limiting by IP hash).

3. Data retention

• Uploaded PDFs and conversion results are automatically deleted 24 hours after a successful conversion.
• Anonymous session data expires after 30 days of inactivity.
• Account data (email, Google ID) is kept while your account is active. You may request deletion by emailing us.
• Payment records are retained as required by Stripe and applicable financial regulations (typically 7 years).

4. Third-party services

• Google OAuth 2.0 — for sign-in. Subject to Google's Privacy Policy.
• Stripe — for payment processing. Subject to Stripe's Privacy Policy.
• Audiveris — open-source OMR engine (AGPL-3.0) running on our servers. No data is sent to third parties during conversion.

5. Your rights (GDPR)

If you are in the EU/EEA you have the right to access, correct, or delete your personal data, and to object to processing. To exercise these rights, email us at fireprophet.io@gmail.com. We will respond within 30 days.

6. Cookies

We do not use tracking cookies. The Chrome extension stores session state in chrome.storage.session (cleared when you close the browser) and chrome.storage.local (encrypted refresh token).

7. Contact

Questions? Email fireprophet.io@gmail.com.