Skip to main content
RITHM MUSIC ยท THEORY ยท MKยทI
SIGNAL
ROUTING OK
โ–บ LOG IN โ–ถ SIGN UP
PANEL ยท PRIVACY

Privacy Policy

Last updated: May 14, 2026

Overview

RITHM (rithm.games) is an independent music theory learning platform operated by Ryan Keys. This policy explains, in plain language, what personal information we collect when you use the site, why we collect it, who we share it with, and what choices you have. If anything here is unclear, email support@rithm.games and we will answer directly.

You can browse RITHM and play every game without creating an account. Creating an account is optional and exists to save your progress across devices.

Information We Collect

Information you give us

  • Account details โ€” when you register, we store your chosen username, your email address, and a hashed password. We never store your password in plain text.
  • Profile details โ€” anything you optionally add: profile picture, display name, bio, privacy preferences, and friend list.
  • Messages โ€” if you message another user, we store the message text and timestamps so the conversation can be displayed.
  • Subscription details โ€” if you upgrade to Pro, our payment processor (Stripe) stores your billing information. We store only a reference to your Stripe customer record and your current plan status. We do not see or store your card number.

Information we collect automatically

  • Game stats โ€” when you play, we record per-game and per-difficulty stats (attempts, correct answers, best streaks, accuracy, recent practice sessions). This is what drives leaderboards, achievements, and your personal progress.
  • Curriculum progress โ€” which lesson tasks you have completed in the 24-week curriculum.
  • Session and login data โ€” a session cookie that keeps you logged in, a CSRF cookie that protects forms from cross-site abuse, and the timestamp of your last activity (used to show whether friends are online).
  • Server logs โ€” standard request logs containing your IP address, browser user-agent, and the URL you visited. These are used to operate the site and diagnose errors. We do not maintain a long-term log of your browsing history.

How We Use Your Information

We use the information above only to:

  • Operate the site, keep you logged in, and save your progress.
  • Show leaderboards, achievements, and the friend system you opted into.
  • Send transactional email such as account verification, password resets, and (if you have a Pro subscription) billing receipts.
  • Diagnose bugs, monitor uptime, and improve the platform.
  • Display ads to non-Pro users (see Third-Party Services).

We do not sell your personal information, and we do not share it with third parties for their own marketing.

Cookies

RITHM uses a small number of cookies, all of which can be cleared from your browser at any time:

  • sessionid โ€” keeps you logged in. Set when you sign in; cleared when you log out.
  • csrftoken โ€” protects forms from cross-site request forgery. Required by the platform.
  • theme and other UI preferences โ€” stored in your browser's local storage, not on our servers, to remember whether you prefer dark or light mode and panel collapse states.
  • Google AdSense cookies โ€” when ads are served, Google may set cookies for ad delivery and measurement. Pro users do not see ads and are not served these cookies.

Third-Party Services

We use a small set of vetted third-party services. Each receives only the data necessary for its function:

  • Resend โ€” sends transactional email (verification, password resets, receipts). Receives the recipient's email address and the email body.
  • Stripe โ€” processes Pro subscription payments. Receives your billing details and a reference to your account. See Stripe's privacy policy for details.
  • Google AdSense โ€” serves ads to non-Pro users. Google may use cookies and your IP address to deliver relevant ads. You can manage Google's ad personalization at adssettings.google.com.
  • Cloudflare Turnstile โ€” a non-tracking CAPTCHA used on the signup form to block automated abuse.
  • Sentry โ€” receives error reports (stack traces, request paths, and a hashed user identifier) when something goes wrong, so we can fix bugs.
  • Hosting provider โ€” the site is served from Railway/Heroku-class infrastructure. Standard server logs are retained there.

Data Retention

Account data (profile, stats, curriculum progress) is kept as long as your account exists. Server request logs are kept for a rolling window of approximately 30 days for operational and security purposes. Stripe records are retained according to Stripe's own retention policies and applicable financial regulations.

Your Rights and Choices

  • Access and correction โ€” log in and visit your profile to view and edit your account details.
  • Privacy settings โ€” control whether your profile is public, friends-only, or private from your profile settings.
  • Account deletion โ€” email support@rithm.games from the address on file to request deletion of your account and associated data. We will confirm and complete the deletion within 30 days.
  • Marketing email โ€” RITHM does not send marketing email. The only email you will receive is transactional (verification, password resets, billing receipts).
  • Ad personalization โ€” opt out of personalized Google ads via Google Ad Settings, or remove ads entirely by upgrading to Pro.

If you are in the European Economic Area, the United Kingdom, or California, you may have additional rights under the GDPR, UK GDPR, or CCPA respectively, including the right to data portability and the right to object to certain processing. Contact us at support@rithm.games to exercise these rights.

Children

RITHM is suitable for general audiences, but the service is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us and we will delete it.

Security

We use HTTPS everywhere, hash passwords with industry-standard algorithms, restrict access to production systems, and rely on reputable hosting and payment infrastructure. No internet service is perfectly secure, but we take the protection of your data seriously.

Changes to This Policy

If we change this policy, the "Last updated" date at the top will change with it. Material changes will be announced on the site or by email to registered users.

Contact

Questions about this policy or your data should go to support@rithm.games.