POLICY · v3.2

Privacy at Session™ Vault.

True right now. Verifiable in your account. Your music, your keys, your call. We hold the ciphertext. You hold what unlocks it. Below: every piece of data that touches us, in the order it touches us, with no gloss.

EFFECTIVE: JUN 12, 2026 · LAST UPDATED: MAY 09, 2026 · READ TIME: 9 MIN

The sixty-second version

  • Encryption happens on your laptop. We never hold the keys.
  • AI runs on hardware we own. Your audio never reaches a third-party model API.
  • We don't train on your music. Not now. Not later. Not for any reason.
  • Sign in with email, password, and 2FA.
  • Account metadata and billing data. That's our line.
  • Subpoenas get metadata. Encrypted files stay encrypted.

Who we are

Session™ Vault is a product of Capiscana, Inc., an Illinois corporation. We build a private home for the music you haven't released, and the music you have.

This policy covers vault.session.am, the iOS app, the Mac and Chrome companions, and the APIs they speak to. It does not cover third-party tools you choose to plug in: DAWs, distributors, mailing services. Those are governed by their own policies.

What we collect

Four buckets. They are not treated the same.

Your content: encrypted, opaque to us

  • Audio: masters, stems, Atmos renders, binaural derivatives
  • Text: lyrics, session notes, private credits, draft titles
  • Structure: folders, playlists, tags, cover art
  • Share recipients and the policies you attach to each share

When you turn on encryption, every byte above is sealed on your device with a key derived from your password. Our servers see ciphertext only. Our staff cannot decrypt it. There is no master override.

Account metadata: we can see this

  • Email, display name, tier, billing source
  • Login events, 2FA enrollments
  • Storage totals, file counts, last-active timestamps
  • Audit log entries: every share, every key rotation, every E2EE event, signed and hash-chained so tampering is detectable

Operational telemetry: anonymized

  • Crash reports, latency distributions, performance counters
  • Feature-usage counters, scoped to the active workspace, not the user

Recipient signals: about people you share with

When you send a track to someone, the share landing logs opens, plays, listen-time, hashed IP, and a city/country lookup per recipient. This is data about your recipients, not you. We collect it on your behalf; you read it under Recipients and Hot Leads. Your NDA discloses it to them. We never repurpose or resell it.

We do not collect: behavioral ad signals, third-party trackers, location beyond city level, or any audio fingerprint that ties content to anyone outside your own catalog.

How encryption works

Every file gets a 256-bit AES key. That key is wrapped by your master key. Your master key is wrapped by a KEK derived from your password through 600,000 rounds of PBKDF2-SHA256. The math runs in your browser. The plaintext password never leaves the page.

SYMMETRIC:       AES-256-GCM, 1 MB chunks, per-chunk nonces, AAD-bound
KEY DERIVATION:  PBKDF2-HMAC-SHA256, 600,000 iterations, 32-byte random salt
MASTER KEY:      256-bit AES, generated in your browser, non-extractable CryptoKey
CONTENT KEYS:    Random per track, wrapped with your master key
RECOVERY CODE:   32 chars Crockford Base32 (no I/L/O/U), generated client-side, shown once
ESCROW (OPT-IN): Master key wrapped against an air-gapped RSA-4096 hardware key
TRANSPORT:       TLS 1.3, HSTS preload, certificate transparency
INTEGRITY:       SRI on every cryptography script the page loads

Three ways back in: your password, your recovery code, or, if you opted in, a documented escrow request that decrypts against an offline key kept on hardware that has never seen a network. If you have none of those, you have nothing. We are not the friction here. The math is.

AI & analysis

Your audio gets analyzed in two places, depending on a switch you control.

End-to-end encryption on: zero analysis.

The server holds ciphertext. No BPM, no key, no genre, no separation; none of it is possible without the master key, and we don't have the master key. Lyrics, suggestions, cover art, stems, mixes: all skipped. The price of the strongest privacy tier is the loss of every server-side feature.

End-to-end encryption off: server-side analysis.

Workers on our control-plane host (Hetzner CCX23, Ashburn, Virginia) read bytes from B2, decrypt with the server-held account key, run the pipeline, write outputs back, and forget the plaintext when the worker exits. The audio is not retained beyond worker memory. It is not logged. It is not read by humans except where a documented incident requires it, and we tell you, by name, when that happens.

What the workers do:

  • Tempo, key, mood, energy
  • Genre classification (32 SV genres, every upload)
  • Lyric transcription, synced to playback
  • Stem separation, four-stem
  • Cover art generation (no-retention contract with our compute vendor)
  • AI Atmos, AI Mix Stereo, AI Mix Multi-Stem
  • AI Cleans: mute, reverse, or bleep explicit words at marked timestamps
  • Semantic search across your library
  • Bulk-edit intent parsing (no-retention contract)

Not used for training. Not sent to model APIs that retain inputs. The third-party calls we make (Gemini for cover art and bulk-edit parsing) run under contracts that prohibit retention or training.

Corpus training: the moat.

The AI Mix engine learns from the metadata in your catalog: ADM XML placement summaries for Atmos masters, LUFS and spectral aggregates for stereo. The walker runs locally on your hardware. The audio bytes never leave your machine. What lands on our servers is an encrypted summary, wrapped against a key you hold. We can't reconstruct your mixes from what we hold. We can't audition them. We can train your personal mix prior, and only yours, from what you give us.

Switch is at Settings → Privacy → Compute.

Sharing & recipients

Each share is a token. The track is wrapped to that token's policy: optional NDA gate, optional download lock, optional expiry, optional watermark. Revoke any of it at any time. Revocation rotates the token and severs streaming access on the next request.

Watermarked downloads carry an inaudible per-recipient stamp. If a track leaks, Leak Lookup matches the leak back to the stamp. We tell you who. You decide what.

Recipients see the NDA before they hit play, where you require one. The NDA is between you and them. Vault stores the signed timestamp, IP, and email, not as a party, but as a witness.

Third parties

A short list. Audited. None of them have access to plaintext audio.

CLOUDFLARE:        CDN, TLS termination, DDoS. In front of every request.
BACKBLAZE B2:      Primary object storage. Phoenix, AZ. Encrypted blobs only. Async-replicated to Frankfurt for DR.
HETZNER:           Control plane and AI workers. Ashburn, VA. SQLite database; auth, presign, billing, analysis.
STRIPE:            Subscription billing. Email + payment metadata. Card numbers never reach us.
GOOGLE WORKSPACE:  Transactional email: receipts, share notifications, security alerts.
GEMINI (GOOGLE):   Cover art generation, bulk-edit parsing. No-retention contract.
MAXMIND GEOLITE2:  Country/city lookup for share analytics. Offline database; no per-request network call.

The full list, with DPA links and data-residency notes, lives at vault.session.am/legal/subprocessors. We email and post in-app at least 30 days before adding any new subprocessor.

Retention & deletion

Two paths.

Track-level.

Delete a track. It moves to Trash. Trash holds for 30 days, restorable with one click. After 30 days, the wrapping key is destroyed. Every ciphertext copy of that file (primary, replica, backup) becomes math nobody can solve. We call this cryptographic shred. It is irreversible.

Account-level.

Close your account at Settings → Account → Delete. We open a seven-day cooling-off window. Cancel during the window if you change your mind. After it closes, we destroy your master key, queue every track for shred, and purge billing records to the legal minimum (seven years for tax law, hash-only after that). The audit log keeps signed hashes, never plaintext entries, for 90 days for fraud and abuse, then drops them.

Your rights

GDPR, CCPA/CPRA, and the dozen state laws that have followed give you four moves: see what we hold, fix what's wrong, take a copy, ask us to delete it. Most of this is already a button.

Self-serve at Settings → Privacy → Data: export, correction, deletion. Export ships every account record we have, including the ciphertext; you keep your keys, you keep your music.

Anything not covered there: [email protected]. We respond inside the statutory window: 30 days for most requests, 45 if we need an extension and tell you why.

You can also lodge a complaint with your local data-protection authority. We won't take it personally.

Contact

Privacy & data requests: [email protected]
Security disclosures: [email protected]
Mailing address: Capiscana, Inc. · 2222 Chestnut Avenue, Suite 201 · Glenview, IL 60026 · USA

When this policy materially changes, you get an in-app banner and an email at least 30 days before it takes effect. The previous version stays archived at vault.session.am/legal/privacy/history.