Privacy Policy

Last updated: October 21, 2025

1. Introduction

Bump Lab is operated by All Day Global LLC.

Bump Lab ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our audio processing service.

This policy applies to all users of bumplab.ai and our related services.

2. Information We Collect

Account Information

  • Email address
  • Name (optional)
  • Password (encrypted)
  • Account creation date

Audio Files

  • Uploaded audio files
  • Processed audio files
  • File metadata (duration, format, size)
  • Processing settings and preferences

Payment Information

  • Payment method details (processed securely by Stripe)
  • Billing address
  • Transaction history

Note: We do not store full credit card numbers. All payment processing is handled securely by Stripe.

Usage Data

  • IP address
  • Browser type and version
  • Device information
  • Pages visited and features used
  • Upload and download timestamps
  • Processing duration and status

Communications

  • Support ticket messages
  • Email correspondence
  • Feedback and survey responses

3. How We Use Your Information

Service Delivery

  • Process your audio files
  • Deliver processed files to you
  • Send transactional emails (order confirmations, download links)
  • Provide customer support

Service Improvement

  • Analyze usage patterns to improve our technology
  • Monitor and optimize processing performance
  • Debug technical issues
  • Develop new features

Communication

  • Send important service updates
  • Respond to your inquiries
  • Send marketing emails (only with your consent)

Legal Compliance

  • Comply with legal obligations
  • Prevent fraud and abuse
  • Enforce our Terms of Service
  • Protect our rights and property

4. How Long We Keep Your Data

Audio Files

7 days from processing completion, then automatically deleted.

Account Data

Until you delete your account, plus 30 days for backup purposes.

Transaction Records

7 years (required for tax and accounting purposes).

Usage Logs

90 days with full details, then anonymized for 2 years for analytics.

5. How We Share Your Information

Service Providers

We share data with trusted third parties who help us operate our service:

  • AWS - Cloud hosting, file storage, and processing
  • Stripe - Payment processing
  • SendGrid/Postmark - Email delivery
  • Google Analytics - Website analytics (with your consent)

We Never Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

Legal Requirements

We may disclose your information if required by law, court order, or to protect our rights and safety.

6. Your Rights

Access

Request a copy of your personal data

Correction

Update or correct inaccurate information

Deletion

Delete your account and associated data (self-service available)

Export

Download your data in a portable format (JSON)

Opt-Out

Unsubscribe from marketing emails (one-click)

Object

Object to processing of your data for certain purposes

How to Exercise Your Rights:
Contact us or use the self-service tools in your account settings.

7. Data Security

We implement industry-standard security measures:

  • Encryption in transit (TLS 1.3)
  • Encryption at rest (AES-256)
  • Secure authentication and access controls
  • Regular security audits and penetration testing
  • Employee security training
  • Limited access to personal data (need-to-know basis)

However, no system is 100% secure. While we take reasonable precautions, we cannot guarantee absolute security.

8. Cookies and Tracking

Essential Cookies

Required for the service to function (authentication, security)

Analytics Cookies

Help us understand how users interact with our site (requires consent)

Marketing Cookies

Used for advertising and retargeting (requires consent)

You can manage your cookie preferences through our cookie consent banner. See our Cookie Policy for details.

9. International Data Transfers

Our servers are located in the United States. If you access our service from outside the US, your data will be transferred to and processed in the United States. We use Standard Contractual Clauses (SCCs) approved by the European Commission to protect EU user data.

10. Children's Privacy

Our service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover we have collected data from a child under 13, we will delete it immediately.

11. California Privacy Rights (CCPA)

California residents have additional rights:

  • Right to know what personal information we collect
  • Right to delete personal information
  • Right to opt-out of sale of personal information (we don't sell data)
  • Right to non-discrimination for exercising these rights

To exercise your CCPA rights, contact us

12. European Privacy Rights (GDPR)

EU/EEA residents have rights under GDPR:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent
  • Right to lodge a complaint with a supervisory authority

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the new policy on this page
  • Updating the "Last Updated" date
  • Sending an email notification (for significant changes)

14. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us:

Privacy Inquiries: Contact Form

General Inquiries: Contact Form

Version 1.0 - Effective October 21, 2025