TunaTuna
Docs
Docs Download βeta

Privacy Policy

Effective date: March 23, 2026

This Privacy Policy explains how Brainbow v/ Mikkel Malmberg (“Brainbow”, “we”, “us”) handles personal data for Tuna (app and website).

1. Privacy approach

Tuna is designed to collect as little data as possible. We avoid collecting user content wherever possible.

In particular, Tuna does not intentionally collect:

  • search queries
  • clipboard contents
  • dictation transcripts
  • file contents

2. Data we process

A) Purchase and license data

If you purchase Pro, we process limited purchase and licensing data, such as:

  • email address you provide at checkout (optional)
  • Stripe checkout and session identifiers
  • license key metadata (stored as digest and prefix, not plaintext key in server records)
  • device activation records (for example device ID, optional device name, activation and refresh timestamps)

B) Optional app telemetry and app error reporting

If you leave telemetry sharing enabled in Tuna, the app may send limited pseudonymous product telemetry and crash/error diagnostics, including:

  • pseudonymous install identifier used for Tuna telemetry rotation
  • app version, platform, and build metadata
  • daily aggregated counters related to Pro limits and upgrade flow
  • crash reports, stack traces, and basic runtime diagnostics needed to debug failures

Turning off telemetry sharing in the app disables both Tuna’s aggregate usage telemetry and app-side Sentry crash/error reporting.

C) Website and service request metadata

When you use the website or app endpoints (for example downloads, store refresh, licensing, telemetry), or when Tuna’s website/server error monitoring records an exception, the relevant service necessarily processes technical request data such as:

  • IP address
  • user agent
  • request path, timestamp, and basic HTTP logs

3. Legal bases (GDPR)

Where GDPR applies, we process data under:

  • contract: to provide Tuna services you request (purchase, licensing, updates)
  • legitimate interests: to secure, operate, and improve Tuna with minimal analytics and abuse prevention
  • legal obligations: where required by applicable law (for example accounting/tax records)

4. Processors and third parties

We use service providers that process data on our behalf, including Stripe for payments and checkout, and Sentry for website/server error monitoring and optional app crash/error reporting.

These providers process data under their own terms/privacy notices and applicable data protection law.

5. International transfers

Your data may be processed outside your country (including outside the EEA). Where required, we rely on appropriate safeguards (such as contractual safeguards) for cross-border transfers.

6. Retention

We keep data only as long as needed for the purposes above, including licensing, support, security, abuse prevention, and legal/accounting obligations.

Then we delete or de-identify data where feasible.

7. Your rights (GDPR)

If GDPR applies, you may have rights to:

  • access
  • rectification
  • erasure
  • restriction
  • objection
  • data portability
  • withdraw consent (where processing is based on consent)

You also have the right to lodge a complaint with your local data protection authority.

To exercise rights, contact [email protected].

8. Security

We use reasonable technical and organizational measures to protect data. No system is perfectly secure.

9. Changes

We may update this Privacy Policy. We will post the updated version with a new effective date.

10. Contact

Privacy questions or requests: [email protected]