← Back to home

Privacy Policy

Effective: March 10, 2026 — this.live LLC

1. Overview

this.live LLC ("we," "us," "our") operates multiple software products and services, including the this.live website, Beacon, Maestro, MaestroAPI, and future products (collectively, the "Services"). This Privacy Policy explains how we collect, use, disclose, and protect information across all Services.

Individual products may have product-specific privacy policies that supplement this document. Where a product-specific policy exists, it takes precedence for that product.

By using any of the Services, you agree to the practices described in this policy.

2. Information We Collect

2.1 Information You Provide

• Account information: Name, email address, and password (hashed, never stored in plaintext) when you register for any product.
• Payment information: Processed by Stripe and/or PayPal. We receive only customer IDs and transaction confirmations. We never receive or store raw payment card numbers.
• Content you create: Prompts, messages, documents, configurations, and other content you enter into or generate through the Services.
• Communications: Emails, support requests, and feedback you send us.
• Waitlist and contact forms: Email addresses submitted for product waitlists or inquiries.

2.2 Information Collected Automatically

• Usage data: Features used, pages visited, timestamps, API calls made, and resource consumption.
• Device information: Browser type and version, operating system, IP address.
• Session data: Authentication tokens and session identifiers, stored server-side with appropriate expiry.

2.3 Information from Third Parties

Depending on the product, we may receive data from third-party services including Google (Places API), Stripe, PayPal, Twilio, and LLM providers (OpenAI, Anthropic, Google AI, and others). Each provider's privacy policy governs their data handling.

3. How We Use Your Information

• To provide, operate, maintain, and improve the Services
• To process payments and manage subscriptions
• To authenticate your identity and secure your account
• To send transactional communications (account confirmations, billing, security alerts)
• To send product updates and marketing communications (only with your consent; you may opt out at any time)
• To process AI requests and route them to appropriate models
• To monitor for abuse, fraud, and Terms violations
• To comply with legal obligations

We do not sell your personal information to third parties.

4. Data Processing and AI Services

Several of our products process your data through AI models:

• Beacon: Prompts and lead data are sent to OpenAI's API to generate content. OpenAI's API data is not used to train their models by default.
• MaestroAPI: Your prompts are routed to the optimal model (cloud or local). When routed to cloud providers, your data is subject to that provider's privacy policy. When routed to local models, your data stays on our infrastructure.
• Maestro (self-hosted): Data processed by self-hosted Maestro stays on your own infrastructure. We have no access to it.

We do not use your prompts, API inputs, or generated outputs to train our own models unless you explicitly opt in to a data sharing program.

5. Third-Party Services and Data Sharing

We share data with service providers strictly as necessary:

• Cloud LLM Providers (OpenAI, Anthropic, Google AI, and others): Prompts and context for AI processing. Each provider's privacy policy applies.
• Google (Places API): Search queries for lead discovery (Beacon).
• Stripe / PayPal: Payment processing. Both are PCI-DSS compliant.
• Twilio: SMS and voice communications (Beacon).
• Railway: Application hosting and database services.
• Cloudflare: DNS, CDN, and DDoS protection for this.live.

We may disclose information if required by law, regulation, subpoena, court order, or governmental request, or if necessary to protect our rights or the safety of others.

6. Data Security

• All passwords are hashed with bcrypt and never stored in plaintext.
• All data is transmitted over HTTPS (TLS 1.2+).
• API keys and credentials are stored in encrypted vaults.
• Database access is restricted and not publicly accessible.
• We implement rate limiting, CSRF protection, and security headers.
• Administrative access requires multi-factor authentication.

No system is 100% secure. If you discover a security vulnerability, please disclose it responsibly to security@mail.this.live.

7. Data Retention

• Account data: Retained for the life of your account plus 30 days after deletion.
• API logs: Request metadata retained for up to 90 days. Prompt content is not logged by default.
• Payment records: Retained for 7 years per applicable tax and financial recordkeeping laws.
• Waitlist submissions: Retained until the product launches or you request removal.
• Usage analytics: Aggregated data retained indefinitely. Individual-level data retained up to 12 months.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access: Request a copy of your personal information.
• Correction: Request correction of inaccurate data.
• Deletion: Request deletion of your personal information, subject to legal retention requirements.
• Restriction: Request restriction of processing in certain circumstances.
• Portability: Receive your data in a structured, machine-readable format.
• Objection: Object to processing for specific purposes.

To exercise any right, contact legal@mail.this.live. We will respond within 30 days and may request identity verification.

9. California Residents (CCPA/CPRA)

California residents have additional rights under the CCPA as amended by the CPRA:

• Right to know what personal information is collected, used, shared, or sold.
• Right to delete personal information.
• Right to opt out of the sale or sharing of personal information.
• Right to correct inaccurate personal information.
• Right to limit use of sensitive personal information.
• Right to non-discrimination for exercising privacy rights.

We do not sell or share personal information as defined by the CCPA/CPRA. Contact legal@mail.this.live to exercise your rights.

10. International Data Transfers

The Services are operated from the United States. If you access them from outside the US, your information will be transferred to and processed in the United States, where data protection laws may differ from your jurisdiction. By using the Services, you consent to this transfer.

11. Cookies and Tracking

The this.live website does not use cookies or tracking scripts. Product applications (such as Beacon) use session cookies strictly necessary for authentication. We do not use third-party tracking cookies, behavioral advertising, or analytics trackers across any of our properties.

Do Not Track: We honor DNT browser signals. We do not engage in cross-site tracking.

12. Children's Privacy

The Services are not directed at individuals under 18. We do not knowingly collect personal information from children under 13 (or under 16 in applicable jurisdictions). If you believe we have collected information from a child, contact legal@mail.this.live and we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy periodically. For material changes, we will notify registered users by email at least 30 days before the change takes effect. The effective date at the top of this page indicates when the policy was last revised.

14. Contact

Questions or concerns? Contact us at legal@mail.this.live

this.live LLC
Storrs Mansfield, CT