Musa Guide Privacy Policy

Part A: Introduction

1. About This Policy

1.1 This Privacy Policy explains how Musa Guide Limited ("Musa Guide", "we", "us", or "our") collects, uses, shares, and protects personal data when you use our services.

1.2 This Privacy Policy applies to:

(a) Platform Users: Museums, cultural institutions, and other organisations that use the Musa Guide platform to create and manage AI-powered audio tours ("Customers"); and

(b) Visitors: Individuals who access tours created using the Musa Guide platform ("Visitors").

1.3 This Privacy Policy should be read alongside our Platform Terms (for Customers) and Visitor Terms (for Visitors), which govern your use of our services.

2. Who We Are

2.1 Musa Guide Limited is a company registered in England and Wales with company number 16307651.

2.2 Registered address: 86-90 Paul Street, London, EC2A 4NE, United Kingdom.

2.3 UK VAT number: GB490382284.

2.4 We also operate through our United States subsidiary, Musa Guide Inc., where applicable.

2.5 For privacy questions or requests, contact us at: hi@musa.guide.

3. Data Controller

3.1 Musa Guide Limited is the data controller for personal data collected and processed to provide our services, except where stated otherwise in this Privacy Policy.

3.2 For payments processed by Stripe, Stripe acts as our processor and may act as an independent controller for certain anti-fraud and compliance activities. Where Stripe acts as merchant of record, Stripe may be an independent controller for billing and tax purposes.

3.3 For purchases made through Apple App Store or Google Play, Apple and Google act as independent controllers for store account data, billing information, and fraud checks under their own terms and privacy policies.

3.4 For AI processing, our AI providers (such as Google, OpenAI, ElevenLabs, MiniMax, and others) act as processors or independent controllers depending on their own terms.

3.5 Where Customers upload personal data as part of Customer Content, the Customer acts as data controller and Musa Guide acts as data processor for that data, processing it on behalf of the Customer solely to provide the Platform.

Part B: Data We Collect

4. Data Collected from Platform Users (Customers)

4.1 When you use the Musa Guide platform as a Customer, we may collect:

(a) Account information: Name, email address, organisation name, job title, and login credentials;

(b) Billing information: Billing address, payment method details (processed by our payment providers), and transaction history;

(c) Customer Content: Text, scripts, images, videos, audio files, artwork information, and other materials you upload to create tours;

(d) Usage data: How you interact with the platform, features used, tours created, and analytics accessed;

(e) Communications: Emails, support requests, and feedback you send us; and

(f) Technical data: IP address, browser type, device information, and access logs.

5. Data Collected from Visitors

5.1 When you access tours as a Visitor, we may collect:

(a) Account information: Email address (if provided), and account identifiers;

(b) Anonymous identifiers: Device or session identifiers for visitors who have not provided an email;

(c) Authentication data: Temporary tokens such as magic link tokens;

(d) Payment information: Billing country and payment status (payment details are processed by our payment providers);

(e) Tour interaction data: Which tours you access, prompts you submit, AI responses received, and how you navigate tours;

(f) Technical data: IP address, device information, browser type, operating system, app version, and language settings;

(g) Location data: Approximate location derived from IP address or, for location-bound tours, more precise location data if you grant permission; and

(h) Communications: Support emails and feedback.

6. Voice Input Data

6.1 Some features allow you to ask questions or interact using voice input. If you use these features:

(a) We capture audio through your device's microphone when you activate the voice feature;

(b) Audio is transmitted to third-party transcription providers to convert speech to text;

(c) Transcribed text is processed like any other prompt to generate AI responses;

(d) Raw audio is not stored longer than necessary to provide the transcription and deliver the service, except as set out in Section 6.2; and

(e) Transcripts may be retained as part of your tour interaction data.

6.2 We may retain voice recordings for a limited period for:

(a) Investigating suspected fraud, abuse, or violations of our terms;

(b) Resolving technical issues or disputes;

(c) Complying with legal obligations; and

(d) Maintaining the security and integrity of our services.

6.3 Do not share sensitive personal information, financial details, or confidential information through voice input. We are not liable for information you voluntarily disclose.

7. Automatically Collected Data

7.1 We automatically collect certain data when you use our services, including:

(a) Log data: Access times, pages viewed, errors encountered, and referring URLs;

(b) Device data: Device type, operating system, browser type, screen resolution, and unique device identifiers;

(c) Network data: IP address and, where relevant for location-bound tours, network-based location signals; and

(d) App data: For mobile apps, app version, crash reports, and performance data.

8. Data from Third Parties

8.1 We may receive data from:

(a) Payment processors: Payment status, fraud signals, and transaction confirmations from Stripe, Apple, or Google;

(b) AI providers: Generated responses and processing metadata; and

(c) Analytics providers: Aggregated usage patterns and performance metrics.

Part C: How We Use Your Data

9. Purposes of Processing

9.1 We use personal data to:

(a) Provide our services: Create accounts, deliver tours, process payments, and enable platform features;

(b) Personalise experiences: Tailor tour content and AI responses based on your interactions;

(c) Process payments: Complete transactions and prevent fraud;

(d) Communicate with you: Send access links, receipts, service updates, and respond to support requests;

(e) Improve our services: Analyse usage patterns, fix bugs, develop new features, and train and improve our AI systems;

(f) Ensure security: Detect and prevent fraud, abuse, and unauthorised access;

(g) Comply with law: Meet legal, tax, and regulatory obligations;

(h) Defend legal claims: Establish, exercise, or defend legal claims; and

(i) Create Aggregated Data: Generate anonymised, aggregated insights as described in Section 15.

10. Legal Bases for Processing (UK and EU)

10.1 We process personal data on the following legal bases:

(a) Contract: Processing necessary to perform our contract with you (to provide the platform and services);

(b) Legitimate interests: Processing necessary for our legitimate interests (to improve our services, ensure security, prevent fraud, conduct analytics, and create Aggregated Data), where those interests are not overridden by your rights;

(c) Legal obligation: Processing necessary to comply with legal requirements (such as tax and accounting obligations); and

(d) Consent: Where you have given explicit consent (such as for marketing emails and non-essential cookies). You may withdraw consent at any time.

11. AI Processing

11.1 When you interact with AI features (such as asking questions, chatting with a guide, or using voice input), we send your prompts, transcripts, and related technical data to our AI providers to generate responses.

11.2 AI providers include Google, OpenAI, ElevenLabs, MiniMax, and others, which may change from time to time. These providers act as processors or independent controllers depending on their own terms.

11.3 We may use de-identified prompts and outputs to operate and improve our services and AI systems. We do not use your data for third-party advertising.

11.4 In our mobile apps, we disclose where personal data will be shared with third-party AI providers and, where required by law or app store rules, request your permission before doing so.

11.5 Business customers who need different AI data handling terms should contact us to discuss enterprise arrangements.

Part D: Data Sharing

12. Service Providers

12.1 We share personal data with service providers who process data on our behalf, including:

(a) Supabase: Database and authentication;

(b) Vercel: Hosting, performance analytics, and logging;

(c) OpenRouter: AI request routing;

(d) AI model providers: Google, OpenAI, ElevenLabs, MiniMax, and others for AI inference;

(e) Email providers: Such as Resend for transactional and marketing email delivery;

(f) Error and performance monitoring: Log processing, error tracking, and performance monitoring services; and

(g) Amazon Web Services: Infrastructure hosting.

12.2 For Customers, a list of current sub-processors is available upon request.

12.3 Service providers may change from time to time. We will update this Privacy Policy to reflect material changes to our primary service providers.

13. Payment Processors

13.1 We use the following payment processors:

(a) Stripe: Processes payments. Depending on the transaction, Musa Guide Limited (UK) or Musa Guide Inc. (US) may be the merchant of record, or Stripe may act as the merchant of record and handle billing, tax collection, and returns;

(b) Apple App Store: Processes payments for purchases made through our iOS app, where Apple acts as merchant of record under Apple Media Services terms; and

(c) Google Play: Processes payments for purchases made through our Android app, where Google acts as payment provider under Google Play Terms of Service.

13.2 Your checkout page and receipt will clearly show who is processing your payment.

14. Other Disclosures

14.1 We may disclose personal data:

(a) To comply with legal obligations, court orders, or government requests;

(b) To protect the rights, property, or safety of Musa Guide, our users, or others;

(c) In connection with a merger, acquisition, or sale of assets (data may transfer to the successor entity); and

(d) With your consent or at your direction.

15. Aggregated Data

15.1 We create Aggregated Data by combining, anonymising, and de-identifying data so that it does not identify any individual, Customer, or specific Tour.

15.2 Aggregated Data may include usage patterns, behavioural trends, demographic insights, visitor flow analysis, and statistical analyses derived from Platform usage and Visitor interactions.

15.3 Musa Guide owns all Aggregated Data. We may use, analyse, publish, license, or sell Aggregated Data for any purpose, including:

(a) Research and academic purposes;

(b) Industry reports and benchmarking;

(c) Provision to government bodies, cultural sector organisations, and tourism authorities;

(d) Commercial licensing to third parties; and

(e) Marketing and promotional purposes.

15.4 Aggregated Data does not identify you personally. The creation and use of Aggregated Data is not subject to data subject rights such as access, deletion, or portability.

16. International Transfers

16.1 Our primary hosting and databases are currently located in the United States (Supabase), with frontend hosting on Vercel's global edge network. Data storage locations may change from time to time.

16.2 Where personal data is transferred outside the UK or European Economic Area, we rely on:

(a) Standard Contractual Clauses (with UK Addendum where applicable);

(b) Transfers to countries with an adequacy decision; or

(c) Other lawful transfer mechanisms.

16.3 AI providers may process data in countries outside the UK or EEA, including the United States. We use reasonable efforts to engage providers that maintain appropriate data protection safeguards.

Part E: Data Retention & Security

17. Data Retention

17.1 We retain personal data for as long as necessary to fulfil the purposes described in this Privacy Policy, unless a longer retention period is required by law.

17.2 Specific retention periods:

(a) Tour interaction data (prompts, logs): 12 months, then anonymised or deleted;

(b) Purchase and tax records: At least 6 years as required by law;

(c) Voice audio: Deleted after transcription and delivery, except where retained for safety or legal purposes as described in Section 6.2;

(d) Support emails: Up to 24 months;

(e) Backups: 7 to 30 days depending on configuration; and

(f) Customer Content: Retained while the account is active and for a reasonable period after termination.

17.3 If you request deletion, we delete data from production systems. Residual data in backups is not actively used and is deleted when the backup expires.

18. Data Security

18.1 We use reasonable technical and organisational measures to protect personal data, including:

(a) Encryption in transit and at rest (where supported);

(b) Access controls and role-based access;

(c) Short-lived authentication tokens;

(d) Rate limiting;

(e) Daily encrypted backups;

(f) Monitored infrastructure with tested restore procedures;

(g) Separate staging and production environments;

(h) Code review and automated testing; and

(i) Continuous dependency review.

18.2 Production is hosted on Supabase (AWS-grade infrastructure). Frontend is served on Vercel's edge network.

18.3 No method of transmission or storage is completely secure. We cannot guarantee absolute security.

Part F: Your Rights

19. Your Data Protection Rights

19.1 Under applicable data protection laws, you may have the following rights:

(a) Access: Request a copy of the personal data we hold about you;

(b) Correction: Request correction of inaccurate or incomplete data;

(c) Deletion: Request deletion of your personal data in certain circumstances;

(d) Restriction: Request that we restrict processing of your data in certain circumstances;

(e) Objection: Object to processing based on legitimate interests;

(f) Portability: Request a copy of your data in a structured, machine-readable format; and

(g) Withdraw consent: Where processing is based on consent, withdraw that consent at any time.

19.2 To exercise your rights, email hi@musa.guide. We may ask for information to verify your identity.

19.3 We aim to respond to requests within 30 days. If we cannot fulfil a request, we will explain why.

19.4 You have the right to lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner's Office (ICO).

Part G: Specific Disclosures

20. Children's Privacy

20.1 Our Platform services for Customers (museums and cultural institutions) require users to be at least 18 years of age. Our Visitor services (accessing tours) are not directed to anyone under 16 years of age.

20.2 We do not knowingly collect personal data from children under 16.

20.3 If you believe we have collected data from a child under 16, contact hi@musa.guide and we will delete it.

21. California Privacy

21.1 If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

21.2 We do not sell or share personal information for cross-context behavioural advertising.

21.3 We honour applicable browser-level opt-out signals such as Global Privacy Control (GPC).

22. Cookies and Analytics

22.1 We use only essential cookies at this time, including:

(a) Authentication cookies set by Supabase; and

(b) Language or locale preference cookies.

22.2 Stripe may set its own cookies on checkout pages for security and payment processing.

22.3 We currently use Vercel Web Analytics, which is privacy-friendly and does not use cookies.

22.4 If we introduce non-essential cookies, we will request consent in the UK and EU before setting them.

22.5 Our mobile apps do not currently use third-party advertising SDKs, and we do not use them to track you across other apps or websites.

23. Marketing

23.1 We only send marketing emails with your consent.

23.2 Every marketing email includes an unsubscribe link. You can also email hi@musa.guide to opt out.

23.3 We may still send transactional messages (receipts, access links, service updates) even if you opt out of marketing.

24. Automated Decision-Making

24.1 We do not make automated decisions that produce legal or similarly significant effects on you.

25. Mobile App Permissions

25.1 Our iOS and Android apps may request permission to access:

(a) Microphone: For voice questions and input;

(b) Camera: For QR code scanning (images are processed in real-time and not stored);

(c) Location: For location-bound tours (to confirm you are at or near the venue); and

(d) Notifications: For service alerts and updates.

25.2 You can change these permissions in your device settings at any time. Our apps respect your choices.

Part H: Changes & Contact

26. Changes to This Policy

26.1 We may update this Privacy Policy from time to time by posting the revised version at https://musa.guide/privacy.

26.2 The "Last updated" date at the top will be revised to reflect the most recent changes.

26.3 We encourage you to review this Privacy Policy periodically. Continued use of our services after changes constitutes acceptance of the updated policy.

26.4 For material changes, we will endeavour to notify you via email or through the services.

27. Contact Us

27.1 For privacy questions, requests, or complaints, contact us at:

Email: hi@musa.guide

Address: Musa Guide Limited, 86-90 Paul Street, London, EC2A 4NE, United Kingdom

— End of Privacy Policy —