Privacy Policy

Last Updated: February 1, 2026

Welcome to our website! This Privacy Policy explains how we collect, use, and protect your personal information when you visit our site (https://cutoff.dev), use our documentation, blog, subscription services, or engage with our community and support channels. Our Audio/MIDI framework itself, Cutoff, or any part of it (Cutoff AudioUI, Cutoff Fusion) does not collect any data—this policy applies only to the website and related services.

1. Who We Are

We are Tylium, providing the Cutoff framework and related services. Contact us at legal@tylium.io with questions.

2. What Data We Collect

We collect the following:

Authentication and Subscription Data: When you sign up or manage a subscription via our site, Clerk handles authentication. This includes your email address, account details, and session data stored in essential cookies (e.g., __clerk_db_jwt, __session, __client_uat).
Payment Data: Stripe processes payments for subscriptions, collecting payment details (e.g., card info) and setting a machine ID cookie (__stripe_mid) for fraud prevention. We don’t store your full payment data.
Usage Analytics: Cloudflare Web Analytics collects anonymized data (e.g., page views, visit counts) about site usage. No cookies are used, but IP addresses are processed and anonymized.
Community and Support Data:
- Discord: If you join our Discord server for community or commercial support, Discord collects data like your username, messages, and server activity per their Privacy Policy.
- GitHub: If you submit issues or contribute via GitHub, it collects data like your username and activity per their Privacy Statement.
Technical Data: We may log browser type or device info to keep the site running smoothly.

3. How We Use Your Data

Site Services: Clerk and Stripe enable subscriptions and access to premium features.
Site Improvement: Cloudflare’s anonymized analytics help us optimize performance.
Communication: We may email you about your account or updates (opt-out available for non-essential messages).
Support: Discord and GitHub facilitate community engagement and issue tracking.

4. Cookies and Tracking

We keep it minimal:

Essential Cookies:
- Clerk uses __clerk_db_jwt, __session, __client_uat, and clerk_active_org for login and subscriptions.
- Stripe uses __stripe_mid for secure payments.
- These are necessary for the site to work—no consent required, but you can block them via your browser (may break functionality).
Analytics: Cloudflare Web Analytics tracks usage without cookies, processing anonymized IP addresses.
No non-essential cookies (e.g., marketing) unless you opt in later.

5. Legal Basis (GDPR)

Essential Cookies: “Legitimate interest” for core site functions (auth, payments).
Analytics: “Legitimate interest” for anonymized site improvements.
Account Data: Contract fulfillment (subscriptions) or consent (emails).
Third-Party Services: Discord and GitHub process data under their own policies.

6. Sharing Your Data

We share only as necessary:

Clerk: Authentication and session management.
Stripe: Payment processing.
Cloudflare: Anonymized analytics.
Discord: Community and support interactions.
GitHub: Issue tracking and contributions.

No selling or sharing beyond legal requirements (e.g., court orders).

7. Your Rights

Under GDPR and similar laws:

Access, correct, or delete your data.
Restrict or object to processing.
Withdraw consent (where applicable).
Request portability.

Email legal@tylium.io to exercise these, or contact Discord/GitHub directly for their data. You can also complain to your local data protection authority.

8. Data Protection

We use HTTPS, Clerk’s encryption, and Stripe’s PCI compliance. Third parties (Discord, GitHub) have their own security—check their policies. No system is 100% secure—use at your own risk.

9. Data Retention

Account Data: Kept while active, deleted within 30 days of cancellation unless legally required.
Payment Data: Stripe retains records per their terms; we keep minimal accounting data.
Analytics: Cloudflare holds anonymized data up to 30 days.
Support Data: Discord and GitHub retain data per their policies.

10. Managing Cookies

Block or delete cookies via your browser—disabling essential ones breaks login/payments. Opt out of analytics with browser privacy tools (e.g., Do Not Track)—Cloudflare respects these where possible.

11. Third-Party Links

Our site links to Discord, GitHub, and external resources. We’re not responsible for their practices—review their policies.

12. Changes

We may update this policy—check back for the latest.

13. Contact

Reach us at legal@tylium.io.

Last Updated: February 1, 2026

2. What Data We Collect

We collect the following:

Authentication and Subscription Data: When you sign up or manage a subscription via our site, Clerk handles authentication. This includes your email address, account details, and session data stored in essential cookies (e.g., __clerk_db_jwt, __session, __client_uat).

Payment Data: Stripe processes payments for subscriptions, collecting payment details (e.g., card info) and setting a machine ID cookie (__stripe_mid) for fraud prevention. We don’t store your full payment data.

Usage Analytics: Cloudflare Web Analytics collects anonymized data (e.g., page views, visit counts) about site usage. No cookies are used, but IP addresses are processed and anonymized.

Community and Support Data:

Discord: If you join our Discord server for community or commercial support, Discord collects data like your username, messages, and server activity per their Privacy Policy.
GitHub: If you submit issues or contribute via GitHub, it collects data like your username and activity per their Privacy Statement.

Technical Data: We may log browser type or device info to keep the site running smoothly.

3. How We Use Your Data

Site Services: Clerk and Stripe enable subscriptions and access to premium features.

Site Improvement: Cloudflare’s anonymized analytics help us optimize performance.

Communication: We may email you about your account or updates (opt-out available for non-essential messages).

Support: Discord and GitHub facilitate community engagement and issue tracking.

4. Cookies and Tracking

We keep it minimal:

Essential Cookies:

Clerk uses __clerk_db_jwt, __session, __client_uat, and clerk_active_org for login and subscriptions.
Stripe uses __stripe_mid for secure payments.
These are necessary for the site to work—no consent required, but you can block them via your browser (may break functionality).

Analytics: Cloudflare Web Analytics tracks usage without cookies, processing anonymized IP addresses.

No non-essential cookies (e.g., marketing) unless you opt in later.

5. Legal Basis (GDPR)

Essential Cookies: “Legitimate interest” for core site functions (auth, payments).

Analytics: “Legitimate interest” for anonymized site improvements.

Account Data: Contract fulfillment (subscriptions) or consent (emails).

Third-Party Services: Discord and GitHub process data under their own policies.

7. Your Rights

Under GDPR and similar laws:

Access, correct, or delete your data.

Restrict or object to processing.

Withdraw consent (where applicable).

Request portability.

Email legal@tylium.io to exercise these, or contact Discord/GitHub directly for their data. You can also complain to your local data protection authority.

9. Data Retention

Account Data: Kept while active, deleted within 30 days of cancellation unless legally required.

Payment Data: Stripe retains records per their terms; we keep minimal accounting data.

Analytics: Cloudflare holds anonymized data up to 30 days.

Support Data: Discord and GitHub retain data per their policies.