Last updated: April 22, 2026
When you create an AudioClients account, we collect your email address and a password (hashed, never stored in plain text). During onboarding you provide your name, professional credits, engineering niche, and style notes — all used solely to personalize outreach emails on your behalf.
AudioClients connects to your Google account using OAuth 2.0. We request only the following scopes:
https://www.googleapis.com/auth/gmail.send — to send outreach emails you have personally composed and approved, from your own Gmail addresshttps://www.googleapis.com/auth/userinfo.email— to display which Google account you have connected (e.g. “Connected as you@gmail.com”)We never read, download, store, or index your inbox. We do not request or use gmail.readonly, gmail.modify, or any other Gmail scope beyond the two listed above.
How Google user data is used.The access token and refresh token returned by Google are stored encrypted in our Supabase Postgres database (AWS-hosted) and are used exclusively to call the Gmail API’s messages.send endpoint when you explicitly click Send on a message you have reviewed. No automated or scheduled sending occurs without your per-message approval.
How Google user data is shared.Your Google user data is never sold, shared, or transferred to any third party for advertising, analytics, or other purposes. We do not use Google user data to train or improve any AI / ML models. The only third-party recipients of email content are (a) Google’s own Gmail SMTP servers (to deliver the message) and (b) Anthropic’s Claude API (to help draft message text before you review it — no tokens or raw Gmail API data are sent to Anthropic).
How to revoke.You can disconnect your Gmail integration at any time from the Settings page. This deletes our stored tokens and calls Google’s token revocation endpoint. You can also revoke our app at any time via myaccount.google.com/permissions.
Limited Use compliance.AudioClients’ use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
If you connect Spotify, we use the Spotify Web API to search for artists and retrieve public data (name, genre, monthly listeners, top tracks, profile image). We store this data to populate your discovery pipeline. We do not access your personal Spotify listening history, playlists, or saved tracks.
AudioClients collects publicly available information about artists you discover: names, genres, listener counts, public contact emails (found via web search), social media handles, and publicly posted social media content. This data is used to generate personalized outreach emails and to build communication profiles that help tailor your messaging.
We use Anthropic’s Claude API to generate outreach emails, analyze artist communication styles, and extract writing preferences from your edits. The data sent to Anthropic includes artist names, genres, your feedback observations, and email content. We do not send your personal credentials, passwords, or authentication tokens to any AI provider.
Replies to your outreach are received via a subdomain you configure on your own domain (e.g. mail.yourdomain.com), processed by Resend’s inbound email service, and stored in our database. We store the sender address, a text snippet of the reply, and the timestamp. We do not read or store the full contents of your personal email inbox.
All data is stored in Supabase (hosted on AWS) with row-level security policies ensuring users can only access their own data. Authentication tokens are stored encrypted. All traffic is served over HTTPS. We do not sell, rent, or share your personal data with third parties except as described above (Anthropic for AI processing, Google for email sending, Resend for reply handling).
Your data is retained as long as your account is active. You can request deletion of your account and all associated data by contacting us at the email below. We will process deletion requests within 30 days.
We use essential cookies for authentication (session tokens managed by Supabase Auth). We do not use analytics cookies, advertising cookies, or third-party tracking.
You have the right to access, correct, or delete your personal data at any time. You can disconnect your Gmail and Spotify integrations from the Settings page. To request a full data export or account deletion, contact us.
For privacy questions or data requests, email privacy@audioclients.com.