Mythic Text is operated by Beyond All The Noise LP ("we," "us," "our," or "Company"). This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our Mythic Text API service (the "Service") and related websites, applications, and services.
1.1 Information You Provide
- Account Information: Name, email address, company name, billing information, and authentication credentials
- Content Data: Markdown files, text content, and formatting preferences you submit to our API
- Payment Information: Credit card details, billing address, and transaction history (processed by third-party payment processors)
- Communications: Messages, feedback, and support requests you send to us
- Profile Information: Optional profile details, preferences, and integration settings
1.2 Information We Collect Automatically
- Usage Data: API calls, request/response logs, feature usage, error logs, and performance metrics
- Device Information: IP addresses, browser type, operating system, device identifiers, and network information
- Log Data: Server logs, access times, pages viewed, referring URLs, and crash reports
- Cookies and Tracking: Session cookies, authentication tokens, and analytics data
- Geolocation Data: General location information derived from IP addresses
1.3 Information from Third Parties
- Integration Partners: Data from Zapier, webhooks, and other connected services
- Authentication Providers: Information from OAuth providers (Google, GitHub, etc.)
- Payment Processors: Transaction and billing information from payment providers
- Analytics Providers: Usage statistics and performance data
2.1 Service Provision
- Process API requests and convert markdown content to email formats
- Maintain user accounts and provide customer authentication
- Process payments and manage billing
- Provide customer support and respond to inquiries
- Monitor service performance and ensure reliability
2.2 Service Improvement
- Analyze usage patterns to improve service functionality
- Develop new features and enhance existing capabilities
- Conduct research and analytics to optimize performance
- Debug issues and fix technical problems
- Test new features and conduct A/B testing
2.3 Communication
- Send service-related notifications and updates
- Provide technical support and customer service
- Send security alerts and important service announcements
- Share product updates and new feature announcements (with consent)
- Respond to legal requests and regulatory requirements
2.4 Legal and Security
- Comply with legal obligations and regulatory requirements
- Prevent fraud, abuse, and unauthorized access
- Enforce our Terms of Service and other policies
- Protect the rights, property, and safety of users and third parties
- Investigate and respond to security incidents
3.1 We Do Not Sell Personal Information
We do not sell, rent, or trade your personal information to third parties for monetary consideration.
3.2 Service Providers
We share information with trusted third-party service providers who assist us in operating our service:
- Cloud Infrastructure: AWS, Google Cloud, or similar providers for hosting and data storage
- Payment Processing: Stripe, PayPal, or other payment processors
- Analytics: Google Analytics, Mixpanel, or similar analytics services
- Customer Support: Help desk and communication platforms
- Security: Security monitoring and fraud prevention services
3.3 Legal Requirements
We may disclose information when required by law or when we believe disclosure is necessary to:
- Comply with legal process, subpoenas, or court orders
- Respond to government requests or regulatory inquiries
- Enforce our Terms of Service or other agreements
- Protect the rights, property, or safety of our users or the public
- Prevent or investigate fraud, security breaches, or illegal activities
3.4 Business Transfers
In the event of a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred to the acquiring entity as part of the business assets.
4. Data Security
4.1 Security Measures
We implement comprehensive security measures to protect your information:
- Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
- Access Controls: Role-based access controls and principle of least privilege
- Authentication: Multi-factor authentication for administrative access
- Monitoring: 24/7 security monitoring and incident response
- Infrastructure: Secure cloud infrastructure with regular security audits
- Employee Training: Regular security training for all personnel
4.2 Data Processing Security
- API requests processed in secure, isolated environments
- Temporary processing data automatically deleted after completion
- Regular security assessments and penetration testing
- Incident response procedures and data breach protocols
5. Data Retention
5.1 Retention Periods
- Account Data: Retained for the duration of your account plus 30 days after closure
- Content Data: Processed content automatically deleted within 24 hours unless explicitly saved
- Log Data: API logs retained for 90 days for debugging and analytics
- Billing Data: Retained for 7 years for tax and legal compliance
- Support Communications: Retained for 3 years for quality assurance
- Security Logs: Retained for 1 year for security monitoring
5.2 Data Deletion
When retention periods expire or upon your request, we securely delete your information using industry-standard data destruction methods.
6. Your Rights and Choices
6.1 Account Management
- Access: View and download your account information and data
- Correction: Update or correct inaccurate personal information
- Deletion: Request deletion of your account and associated data
- Portability: Export your data in a structured, machine-readable format
- Restriction: Limit how we process your information
6.2 Communication Preferences
- Opt out of marketing communications (service communications may continue)
- Choose notification preferences and frequency
- Update communication channels and contact information
6.3 Exercising Your Rights
To exercise these rights, contact us through our contact page. We will respond within 30 days and may require identity verification.
7. Cookies and Tracking Technologies
7.1 Types of Cookies
- Essential Cookies: Required for authentication and basic functionality
- Analytics Cookies: Help us understand how users interact with our service
- Preference Cookies: Remember your settings and preferences
- Security Cookies: Detect suspicious activity and prevent fraud
7.2 Cookie Management
You can control cookies through your browser settings. Disabling essential cookies may affect service functionality.
7.3 Other Tracking Technologies
- Web beacons and pixels for analytics
- Local storage for application data
- Session tokens for authentication
8. Third-Party Integrations
8.1 Integration Partners
Our service integrates with third-party platforms including Zapier, webhooks, and other automation tools. When you use these integrations:
- You authorize data sharing with the integrated service
- The third party's privacy policy governs their use of your data
- We are not responsible for third-party data practices
- You can revoke integration access at any time
8.2 API Usage by Third Parties
If you integrate our API into your applications, you are responsible for complying with applicable privacy laws regarding your users' data.
9. International Data Transfers
9.1 Cross-Border Transfers
We may transfer your information to servers located outside your country of residence. When we do:
- We ensure adequate protection through appropriate safeguards
- We use Standard Contractual Clauses (SCCs) where required
- We comply with applicable data transfer regulations
- We maintain the same level of protection regardless of location
9.2 Data Processing Locations
Your data may be processed in the United States and other countries where our service providers operate.
10. Children's Privacy
10.1 Age Restrictions
Our service is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13.
10.2 Parental Notice
If we learn that we have collected information from a child under 13 without parental consent, we will delete that information immediately.
10.3 Teen Users (13-17)
Users between 13-17 years old should have parental permission before using our service.
11. GDPR Compliance (European Users)
11.1 Legal Basis for Processing
- Contract Performance: Processing necessary to provide our service
- Legitimate Interest: Service improvement, security, and analytics
- Legal Obligation: Compliance with applicable laws
- Consent: Marketing communications and optional features
11.2 Your GDPR Rights
- Right to be informed about data processing
- Right of access to your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Rights related to automated decision-making
11.3 Data Protection Officer
For GDPR-related inquiries, contact us through our contact page with "GDPR" in the subject line.
11.4 Supervisory Authority
You have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.
12. CCPA/CPRA Compliance (California Users)
12.1 California Consumer Rights
If you are a California resident, you have the right to:
- Know: What personal information we collect, use, and share
- Access: Request a copy of your personal information
- Delete: Request deletion of your personal information
- Correct: Request correction of inaccurate information
- Opt-Out: Opt out of the sale or sharing of personal information
- Limit: Limit use of sensitive personal information
- Non-Discrimination: Equal service regardless of privacy choices
12.2 Personal Information Categories
We collect the following categories of personal information:
- Identifiers (name, email, IP address)
- Commercial information (purchase history, usage data)
- Internet activity (browsing history, interactions)
- Professional information (company, job title)
- Inferences drawn from other personal information
12.3 Sale and Sharing
We do not sell personal information. We may share information for business purposes as described in this policy.
12.4 Exercising California Rights
To exercise your California rights, contact us through our contact page with "California Privacy Rights" in the subject line.
13. Automated Decision-Making
13.1 Automated Processing
We use automated systems for:
- Content processing and format conversion
- Fraud detection and security monitoring
- Usage analytics and performance optimization
- Rate limiting and abuse prevention
13.2 Human Review
You have the right to request human review of automated decisions that significantly affect you.
14. Data Breach Notification
14.1 Incident Response
In the event of a data security incident:
- We will investigate and contain the incident immediately
- We will assess the risk to personal information
- We will notify affected users within 72 hours if required by law
- We will notify relevant authorities as required
- We will provide regular updates on our response
14.2 Notification Content
Breach notifications will include:
- Description of the incident and affected data
- Likely consequences and potential risks
- Measures taken to address the breach
- Recommended actions for affected users
- Contact information for further questions
15. Changes to This Policy
15.1 Policy Updates
We may update this Privacy Policy periodically to reflect:
- Changes in our data practices
- New legal requirements
- Service improvements and new features
- Industry best practices
15.2 Notification of Changes
We will notify you of material changes by:
- Updating the "Last Updated" date
- Sending email notifications for significant changes
- Posting notices on our website
- Requiring acceptance for material changes
15.3 Continued Use
Your continued use of our service after policy changes constitutes acceptance of the updated terms.
This Privacy Policy is effective as of January 1, 2025, and applies to all users of the Mythic Text service operated by Beyond All The Noise LP.