The data it collects on law enforcement grounds is more vague. The policy says Muse Group will capture "data necessary for law enforcement, litigation and authorities' requests (if any)." It may share personal data with "any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary." Data may be shared with potential buyers too.
Users' personal data is stored on servers in the European Economic Area (EEA). However, Muse Group is "occasionally required to share your personal data with our main office in Russia and our external counsel in the USA." Muse Group noted that whenever personal data is "transferred outside the EEA to countries that are not deemed adequate by the European Commission, your Personal Data receives an adequate level of protection in accordance with [the European Union's General Data Protection Regulation]."
The policy states users' IP addresses are "stored in an identifiable way" for a day before they're hashed. That leaves users open to identification through law enforcement or government data requests.
All is not lost for Audacity users who value their privacy and pre-teens who tinker with audio in the app. Some users have been calling for a fork of the software, a new version of the app based on the source code. It wouldn't be surprising to see the community take Audacity in that direction.
Until that fork arrives, privacy-conscious users might want to find alternative software, or at least block Audacity from accessing the internet. After all, it's a desktop app that doesn't have any tangible online functions.