Welles

Legal

Privacy Policy

Last updated May 11, 2026

Welles is built by Lonely Hearts Club. This policy describes the data we collect when you use the Welles macOS app, the marketing site, and the hosted backend that powers AI features and shared recordings. Read it before you sign in; if there's anything you'd change, write to us at hello@lonelyheartsclub.xyz.

1. What we collect

  • Account data — your email address, the timestamp at which you signed up, and authentication tokens needed to keep you signed in across launches.
  • Usage events — counts of recordings made, AI features invoked, and exports queued, used to enforce free-trial limits and to bill metered AI usage. We do not log the content of your recordings or scripts in this stream.
  • Desktop app analytics — privacy-safe product events such as app opens, sign-in state, billing actions, recording starts/completions/failures, exports, hosted shares, and share updates. Signed-in accounts also send email address and display name, when available, to create a readable PostHog profile. These events can be turned off in Welles Settings.
  • Marketing-site analytics — page views, referrers, campaign parameters, and clicks on navigation, download, checkout, and contact links on welles.studio. If you enter an email to start checkout, we use it to create or update the same kind of readable PostHog profile. We use PostHog for this and respect browser Do Not Track signals.
  • Content you upload — when you create a hosted share, the rendered MP4 and any sidecar metadata (captions, edit state) are stored on our infrastructure for as long as the share link is active. You can delete a share at any time and the file is removed.
  • Payment data — handled entirely by Stripe. We never see your full card number; we receive a customer ID, the plan you subscribed to, and event metadata sufficient to grant you access.
  • Diagnostic data — anonymous error reports and performance traces if you opt in. Off by default.

2. What we don't collect

Local recordings live on your Mac in ~/Library/Application Support/Welles/Recordings. They are not uploaded anywhere unless you explicitly create a share or invoke an AI feature on them. We have no access to recordings that never leave your device. The macOS app does not send recording content, filenames, prompts, transcripts, share URLs, or share tokens to PostHog, and it does not run autocapture, session replay, or advertising analytics.

3. How we use your data

  • Authenticate you across sessions and devices.
  • Enforce free-trial limits and entitlements (one trial recording per account).
  • Process payments and manage subscriptions through Stripe.
  • Render shared videos when someone opens a share link.
  • Power AI features (script generation, voiceover, music) by sending only the data the model needs and only when you invoke them.
  • Investigate bug reports you send us, on a per-incident basis.

4. Subprocessors

We use a small set of trusted vendors to operate Welles — for authentication, payment processing, AI model inference, product and marketing analytics, and hosting. Each one only receives the data needed for the function it performs. The current list is available on request; email us at hello@lonelyheartsclub.xyz if you require it under a contractual sub-processor consent right and we'll send it along with notification when it changes.

5. Data retention

Your account, billing history, and usage events are retained while your account is active and for 12 months after deletion to satisfy tax, accounting, and abuse-prevention obligations. Hosted shares are retained until you delete the share or the account. Diagnostic data is retained for 30 days.

6. Your rights

Regardless of where you live, you can request access to, correction of, export of, or deletion of your data by emailing hello@lonelyheartsclub.xyz. We respond within 30 days. Residents of the EEA, UK, and California have additional rights under GDPR / UK GDPR / CCPA respectively, which we honour even when not legally required to.

7. Security

Data in transit is encrypted with TLS 1.2+. Authentication tokens are stored in macOS Keychain. Subscriber records and uploaded files are encrypted at rest by our hosting provider. We do not log full bearer tokens, payment instrument numbers, or content of AI prompts.

8. Children

Welles is not directed at anyone under 13 (16 in the EEA) and we do not knowingly collect data from children. If you believe we have, write to us and we'll delete it.

9. Changes to this policy

We'll update the "last updated" date when this policy changes. Material changes — like adding a new subprocessor that receives content data — get an email to your account address before they take effect.

10. Contact

Lonely Hearts Club LLC, Brooklyn, NY.
Email: hello@lonelyheartsclub.xyz