Privacy Policy

Muse Editor ("we," "our," or "us") is committed to protecting your privacy and writing this policy in plain language. It describes what we collect, why we collect it, who we share it with, and the rights you have over it.

This policy applies to museeditor.com and the Muse Editor application (collectively, the "Service"). By using the Service, you agree to the practices described here.

Definitions

Cookie: a small piece of data placed in your browser by a website. Muse Editor uses cookies only to keep you signed in and to protect form submissions against cross-site attacks. We do not use cookies for analytics, advertising, or tracking.
Company: "Company," "we," "us," and "our" refer to Muse Editor, the entity responsible for your information under this policy.
Country: Muse Editor is operated from Portugal.
You / User: the individual who registers for and uses the Service.
Personal Data: any information that directly or indirectly identifies a natural person.
Service: the Muse Editor website and application.
Processor: a third-party infrastructure provider that processes data on our instructions to deliver the Service (for example, our hosting provider or AI providers). Processors are listed under "Third-party processors" below.

What we collect

When you sign up and use Muse Editor, we collect:

Account information — your email address and a one-way (bcrypt-hashed) representation of your password. We cannot recover or reveal your password.
Manuscript content — every word, character profile, plot beat, world note, document, voice sample, and AI conversation you create within Muse. This is your creative work. We treat it as confidential.
Billing references — if you subscribe, Stripe processes the payment on its own servers. We store only the identifiers Stripe returns to us: your Stripe customer ID, subscription ID, plan tier, and subscription status. We never see or store your card number.
Usage logs — token counts and timestamps for AI calls, used to enforce credit limits and detect abuse. These records do not include the content of your AI calls; they record only the role (editor, writer, etc.), the model used, and the cost.
Technical data — your IP address and user agent are recorded in server logs for security and rate limiting.

We do not collect: your real name (unless you choose to put it in your manuscript), postal address, phone number, date of birth, social-media handles, demographic information, or anything else not listed above.

How we use what we collect

We use your data only to operate and improve Muse Editor:

To authenticate you and keep your account secure.
To store and serve your manuscript when you ask for it.
To send your text to the AI models you invoke (Claude, Gemini, etc.) so they can return results to you. This is described under "Third-party processors" below.
To process payments and manage your subscription via Stripe.
To send transactional email — password resets, trial reminders, billing notices, and important account updates.
To enforce per-tier credit limits.
To prevent abuse and respond to security incidents.

We do not use your data for advertising, profiling, behavioural targeting, or resale. We do not sell, rent, or trade personal data to any third party under any circumstances.

Third-party processors

Running Muse Editor requires sending some of your data to a small number of vetted infrastructure providers. They process the data on our instructions and are bound by their own privacy commitments.

Hetzner (Germany) — hosts our servers and database. Receives all of the data described above.
Anthropic (United States) — provides the Claude models used for editing, brainstorming, planning, and inline drafting. Receives excerpts of your manuscript and AI prompts.
Google (United States) — provides the Gemini models used for prose generation and continuity checks. Receives excerpts of your manuscript and AI prompts.
OpenRouter (United States) — routes requests to the Gemma and DeepSeek classifiers used internally. Receives excerpts of your manuscript and AI prompts.
Perplexity (United States) — handles real-world research queries. Receives your research questions.
OpenAI (United States) — generates embeddings used for search and retrieval. Receives excerpts of your manuscript.
Stripe (Ireland / United States) — processes payments. Receives your email address and card details, which it handles on its own infrastructure and under its own privacy policy.
Resend (United States) — delivers transactional email. Receives your email address and the message body.

Under each provider's standard API terms, the manuscript content we send is not used to train their models. Your creative work is processed solely to return a response to you and is not retained for model improvement.

Where your data lives

Muse Editor is operated from Portugal. Our database and stored files are hosted on Hetzner servers physically located in Germany (EU). The AI and email providers above process data in their own regions, which include the United States. Where data leaves the EU, we rely on the standard contractual clauses each provider publishes for international data transfers.

How long we keep it

Account and manuscript data — kept until you delete your account.
AI usage logs — retained as long as needed for billing reconciliation and abuse detection.
Server logs (IP, user agent) — rotated out on a short cycle.
Backups — encrypted and retained for a limited window for disaster recovery, then irrecoverable.

When you delete your account, we promptly remove your manuscript, characters, world bible, billing references, and email from our active systems. Data residing in encrypted backups ages out on the backup retention cycle.

How we protect it

All connections are encrypted in transit via TLS.
Passwords are stored only as bcrypt hashes — they cannot be recovered.
Server access is restricted to specific named operators using SSH keys.
Card details are handled exclusively by Stripe; they never touch our servers.

No system is invulnerable. If we ever experience a breach that affects your personal data, we will notify you without undue delay, and notify the relevant supervisory authority as required by law.

Your rights

You can, at any time:

Access — request a copy of everything we hold about you.
Correct — change your email or password in the app, or ask us to fix anything else.
Delete — close your account from the Account page (or email us). Your data is removed from active systems immediately; backups age out on their normal cycle.
Export — download your manuscripts and reference documents as .docx, .md, or PDF directly from the app.
Object or restrict — tell us not to process your data in specific ways. If you object to all processing, we cannot continue to provide the Service; you can close your account.

To exercise any of these rights, email hello@museeditor.com. We respond within 30 days. You may also lodge a complaint with the Portuguese Data Protection Authority (Comissão Nacional de Proteção de Dados, CNPD), or with your local EU/EEA supervisory authority.

Cookies

Muse Editor uses cookies only where they are strictly necessary to provide the Service. Specifically:

Session cookie — keeps you signed in while you use the app. It contains an encrypted reference to your session and is removed when you log out or when the session expires.
CSRF token — a security cookie that protects form submissions against cross-site request forgery. It is required for the app to function safely.

We do not use cookies for analytics, advertising, marketing, audience profiling, or any form of tracking. We do not load third-party scripts that set cookies on our domain. Payment is handled by Stripe on its own domain (stripe.com); any cookies set during checkout are governed by Stripe's own privacy policy, not ours.

Blocking and disabling cookies

Because our only cookies are strictly necessary for sign-in and security, blocking them will prevent you from signing in to Muse Editor or submitting forms within the app. We do not set any optional cookies that you could decline without losing access to the Service. Your browser provides controls for blocking or clearing cookies; consult your browser's help menu for details.

Local storage

Muse Editor uses your browser's local storage to remember interface preferences across visits. Specifically, we store: your chosen theme (light or dark), the width of the sidebar and the AI panel, and which sidebar sections you have collapsed or expanded. These values are written and read only by your browser. They are never transmitted to our servers, and they contain no personally identifying information. You can clear local storage at any time from your browser's settings.

We do not use any other tracking technologies — no pixels, no web beacons, no fingerprinting scripts.

Children

Muse Editor is not directed to children. We do not knowingly collect personal data from anyone under 16. If you are a parent or guardian and believe your child has registered, please contact us at hello@museeditor.com and we will delete the account.

Sale of business

If Muse Editor is acquired, merged, or sold, your data may transfer to the acquiring party as part of the transaction. The acquirer remains bound by this policy until they publish a revised one. You will be notified before any material change to how your data is processed, and given the option to delete your account before that change takes effect.

Changes to this policy

We may revise this policy as Muse changes. Material changes will be announced by email to registered users before they take effect. The "Updated" date at the top of this page reflects the most recent revision. If you continue to use the Service after a change, you accept the revised policy; if you don't, you can close your account.

California residents

The California Consumer Privacy Act (CCPA) gives California residents specific rights regarding their personal data. The categories of personal data we collect, the purposes for which we use it, and the third parties with whom we share it are all described above.

If you are a California resident, you may:

Know and access — request the categories and specific pieces of personal information we hold about you.
Delete — request that we delete personal information about you, subject to certain legal exceptions.
Equal service — exercise these rights without being denied service or charged a different price.

To exercise any of these rights, email hello@museeditor.com. We do not sell the personal information of any user, in California or elsewhere.

Governing law

This Privacy Policy is governed by the laws of Portugal. By using Muse Editor, you accept the exclusive jurisdiction of the courts of Portugal for any dispute arising under this policy, without prejudice to any non-waivable consumer rights you hold under the laws of your country of residence.

Contact

Questions, requests, or concerns about this policy? Email hello@museeditor.com.