TYFRA

Privacy Policy

Last updated: 23 April 2026

Contact · tyfra.com — operated by Vuhze Technologies, Newcastle upon Tyne, England

This Privacy Policy explains how TYFRA (operated by Vuhze Technologies) collects, uses, and protects your personal data when you use our platform. We are committed to handling your information with care and in full compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We will never sell your personal data to any third party. Ever.

1. Who we are

TYFRA is operated by Vuhze Technologies, based in Newcastle upon Tyne, England. We are the data controller for personal data collected through tyfra.com.

For any questions or data requests, contact us at:

2. What data we collect

When you register or use TYFRA, we may collect:

  • Your name and email address
  • Your password (stored in encrypted form — we never store plain-text passwords)
  • Billing information (processed securely by our payment provider — we do not store your card details)
  • Profile information you choose to provide, such as your artist name, genre, or role in the music industry
  • Files and content you upload to the platform (tracks, stems, contracts, documents)
  • Usage data — which features you use, when you log in, pages visited
  • Technical data — IP address, browser type, device type, and session data for security and platform functionality

What we do not collect

  • We do not access, read, or analyse the content of files you upload unless you explicitly ask us to (for example, using the Learnea AI assistant on your own data)
  • We do not collect or store your payment card numbers — these are handled entirely by our payment processor
  • We do not collect data from children under 13. TYFRA is not intended for use by anyone under 13 years of age

3. Why we collect your data (lawful basis)

Under UK GDPR, we must have a lawful reason to process your personal data. Here is what applies to each type of processing.

To deliver our service (contract performance)

  • Running your account and providing platform features
  • Sending you transactional emails (password resets, invoices, account notifications)
  • Processing payments

To operate and improve our platform (legitimate interests)

  • Monitoring platform performance and fixing bugs
  • Detecting and preventing fraud or abuse
  • Improving features based on aggregated, anonymised usage patterns

To comply with the law (legal obligation)

  • Keeping financial records as required by HMRC
  • Responding to lawful requests from regulatory authorities

With your consent

  • Sending you marketing emails or newsletters (you can unsubscribe at any time)
  • Setting non-essential cookies

4. How long we keep your data

  • Account data: retained for as long as your account is active, plus 90 days after deletion to allow for recovery
  • Financial records: retained for 7 years as required by UK law
  • Support communications: retained for 2 years
  • Server logs (IP addresses, session data): retained for 90 days
  • Files you upload: deleted when you delete them or close your account (within 30 days)

5. Who we share your data with

We only share your data with third-party service providers who help us run TYFRA, and only to the extent necessary for that purpose. We do not sell, rent, or trade your data.

Our current data processors include

  • Render.com — our hosting provider (servers based in the EU/US)
  • Amazon Web Services (SES) — for sending transactional and notification emails
  • Our payment processor — for handling subscription billing (card data never touches our servers)

All processors are bound by data processing agreements and are obligated to keep your data secure.

We may also disclose your data if:

  • Required to do so by law or by a court order
  • Necessary to protect the rights, property, or safety of TYFRA, our users, or the public

6. International transfers

Some of our service providers are based or process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place (such as UK adequacy decisions or Standard Contractual Clauses) to protect your data in line with UK GDPR requirements.

7. Your rights under UK GDPR

You have the following rights over your personal data. To exercise any of these, contact us at privacy@tyfra.com.

  • Right to access — you can request a copy of the personal data we hold about you
  • Right to rectification — you can ask us to correct inaccurate or incomplete data
  • Right to erasure — you can ask us to delete your data (subject to legal obligations)
  • Right to restrict processing — you can ask us to pause how we use your data
  • Right to data portability — you can request your data in a machine-readable format
  • Right to object — you can object to processing based on legitimate interests
  • Right to withdraw consent — where we rely on consent, you can withdraw it at any time

We will respond to all valid requests within 30 days. There is no charge for making a request.

8. Cookies

We use cookies to make the platform work and, with your consent, to understand how it is being used. See our Cookie Policy for full details.

Essential cookies (no consent required)

  • Session cookies — keep you logged in during your visit
  • Security cookies (CSRF tokens) — protect against cross-site request forgery attacks

Optional cookies (with your consent)

  • Analytics cookies — help us understand which pages and features are most useful

9. Security

We take the security of your data seriously. We use industry-standard measures including:

  • Encrypted connections (HTTPS/TLS) across the entire platform
  • Encrypted password storage (hashed and salted — we cannot see your password)
  • Access controls — staff access to personal data is limited to what is necessary
  • Regular security monitoring

No system is 100% secure. In the unlikely event of a data breach that is likely to affect your rights, we will notify you and the Information Commissioner's Office (ICO) within 72 hours as required by UK GDPR.

10. Complaints

If you are unhappy with how we have handled your data, please contact us first at privacy@tyfra.com and we will do our best to resolve the issue.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection regulator:

11. Changes to this policy

We may update this policy from time to time. If we make significant changes, we will notify you by email or by a notice on the platform. The "last updated" date at the top of this document will always reflect when changes were made.

12. Contact us

If you have any questions about this Privacy Policy or how we handle your data: