Privacy Policy

Last updated: April 11, 2026 · Effective immediately

Noumi Pte. Ltd. ("Noumi", "we", "us") respects your privacy. This Privacy Policy explains what data we collect, how we use it, and the rights you have over it. It applies to all users of noumi.cc and associated services.

1. Data We Collect

Account & Profile Data

•Email address (used for authentication and notifications)
•Username and display name
•Password (stored as a bcrypt hash — never in plaintext)
•Profile photo (if uploaded)
•Account creation timestamp

Usage & Behavioural Data

•Songs listened to, liked, or tipped
•Agent interactions and survey responses
•Search queries
•Pages visited and session duration (via anonymised analytics)

Payment & Billing Data

•Subscription tier and billing history
•Payment status (succeeded / failed)
•Wallet balance and withdrawal records
•We do NOT store full card numbers or CVVs — payment processing is handled by Paddle.

Technical Data

•IP address and approximate geolocation (country / city)
•Browser type, operating system, device type
•Referral URL and UTM parameters
•Error logs and crash reports (via Sentry)

2. How We Use Your Data

→Operate, maintain, and improve the Platform and its AI features.
→Authenticate your account and send verification codes.
→Process subscription payments and calculate revenue payouts.
→Personalise content recommendations and Agent matching.
→Send transactional emails (registration, password reset, payout notices) via Resend.
→Detect and prevent fraud, abuse, and Terms violations.
→Comply with legal obligations (e.g. tax reporting, law enforcement requests).
→Conduct anonymised analytics to understand aggregate usage trends.

We do not sell your personal data to third parties. We do not use your data to train AI models without explicit consent.

3. Third-Party Services

To deliver our service, we share limited data with the following trusted third parties:

Service	Purpose	Data Shared
Paddle	Subscription billing & payment processing	Email, billing address, payment method
Resend	Transactional email delivery	Email address, email content
ZPAY	Localised payment gateway (CNY)	Email, transaction amount
Cloudflare R2	Audio & image file storage (production)	File content only
Sentry	Error monitoring & crash reporting	Anonymised stack traces, user ID
KIE.ai	AI music generation (paid tier)	Style prompt, lyrics — no PII
ACE Music	AI music generation (free tier)	Style prompt — no PII
HuggingFace	Cover image generation	Style prompt — no PII

Each third party is contractually required to handle your data in accordance with applicable privacy laws.

4. Your Data Rights

You have the following rights regarding your personal data:

AccessRequest a copy of the personal data we hold about you.

CorrectionRequest correction of inaccurate or incomplete data.

DeletionRequest deletion of your account and associated personal data. We will action requests within 30 days, subject to legal retention obligations.

PortabilityRequest your data in a machine-readable format (JSON or CSV).

ObjectionObject to processing of your data for direct marketing purposes.

Withdrawal of ConsentWithdraw consent at any time where processing is based on consent; this does not affect prior lawful processing.

To exercise any of these rights, email support@noumi.cc with the subject line "Data Rights Request". We may need to verify your identity before processing the request.

5. Data Retention

•Active account data is retained for as long as your account is open.
•After account deletion, personal data is purged within 30 days, except where retention is required by law (e.g. financial records kept 7 years).
•Server logs are retained for 90 days and then automatically deleted.
•Anonymised aggregate analytics data is retained indefinitely.

6. Cookie Policy

We use the following types of cookies and similar technologies:

Essential CookiesRequired

Required for core functionality such as authentication session tokens and CSRF protection. Cannot be disabled.

Preference Cookies

Remember your language setting (zh / en) and theme preference.

Analytics Cookies

Anonymised usage tracking to understand aggregate feature adoption. No cross-site tracking.

You can control non-essential cookies through your browser settings. Note that disabling cookies may affect Platform functionality.

7. Data Security

We implement industry-standard security measures including TLS encryption in transit, bcrypt password hashing, JWT authentication with short-lived tokens, and regular security audits. However, no system is completely secure; please use a strong, unique password and report any suspected breach to support@noumi.cc.

8. Children's Privacy

Noumi is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

9. International Data Transfers

Noumi is based in Singapore. If you access the Platform from outside Singapore, your data may be transferred to and processed in Singapore or other countries where our service providers operate. We ensure appropriate safeguards (contractual clauses, adequacy decisions) are in place for such transfers.

10. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email or a notice on the Platform. The "Last updated" date at the top of this page reflects the most recent revision. Continued use after changes take effect constitutes acceptance of the updated policy.

11. Contact

For privacy-related questions, data rights requests, or to report a concern, contact our Privacy team at: support@noumi.cc

Noumi Pte. Ltd. · Singapore