Privacy Policy

We collect different types of information to provide you with the best possible service and ensure the security of your account.

Information You Provide Directly

• Account Information: Name, email address, username, password, profile photo, and artist bio
• Artist Profile Data: Stage name, genre, social media links, biography, and promotional materials
• Payment Information: Bank account details, PayPal email, tax identification numbers (processed securely through our payment partners)
• Music Content: Audio files, artwork, metadata (song titles, album names, release dates), and lyrics
• Communication Data: Messages sent through our support system, feedback, and survey responses

Information Collected Automatically

• Usage Data: Pages visited, features used, time spent on platform, and interaction patterns
• Device Information: IP address, browser type, operating system, device identifiers, and screen resolution
• Location Data: General geographic location based on IP address (country and city level)
• Performance Analytics: Stream counts, listener demographics, engagement metrics, and revenue data

We use your personal information for the following purposes, always in accordance with applicable data protection laws:

Service Delivery & Account Management

• Creating and maintaining your user account
• Processing and distributing your music to streaming platforms (Spotify, Apple Music, YouTube Music, etc.)
• Calculating and processing royalty payments
• Providing customer support and responding to your inquiries
• Sending important service updates, security alerts, and account notifications

Analytics & Performance Tracking

• Generating analytics reports on stream counts, listener demographics, and revenue
• Identifying trending content and providing performance insights
• Improving our recommendation algorithms and platform features
• Conducting research to understand user behavior and preferences

Marketing & Communication

• Sending promotional emails about new features, services, or opportunities (with your consent)
• Sharing industry news, tips, and best practices for artists
• Conducting surveys to gather feedback and improve our services

We use cookies and similar tracking technologies to enhance your experience, analyze usage patterns, and provide personalized content.

Types of Cookies We Use

• Essential Cookies: Required for the platform to function properly (login sessions, security features)
• Analytics Cookies: Help us understand how users interact with our platform (Google Analytics, Mixpanel)
• Preference Cookies: Remember your settings and preferences (language, theme, display options)
• Marketing Cookies: Track advertising campaign effectiveness and deliver relevant ads (with your consent)

Third-Party Cookies

Some third-party services we integrate may set their own cookies:

• Payment processors (Stripe, PayPal)
• Analytics providers (Google Analytics)
• Social media platforms (when you share content)

We share your data with trusted third parties only when necessary to provide our services. We never sell your personal information to advertisers or data brokers.

Streaming Platforms

We share your music and associated metadata with streaming services to distribute your content:

• Spotify, Apple Music, YouTube Music, Amazon Music, Deezer, Tidal
• TikTok, Instagram, Facebook (for music library integration)

These platforms have their own privacy policies governing how they handle your music and listener data.

Payment Processors

• Stripe: Processes credit/debit card payments and bank transfers
• PayPal: Handles PayPal account withdrawals
• Wise (TransferWise): Facilitates international payments

We do not store your complete payment card details. Payment processors handle this data securely under PCI-DSS compliance standards.

Service Providers & Partners

• Cloud Storage: Amazon Web Services (AWS) for secure file storage
• Email Services: SendGrid, Mailchimp for transactional and marketing emails
• Analytics: Google Analytics, Mixpanel for usage tracking
• Customer Support: Zendesk, Intercom for support ticket management

We implement industry-standard security measures to protect your personal and financial information from unauthorized access, disclosure, alteration, or destruction.

Technical Security Measures

• Encryption: All data transmitted between your device and our servers is encrypted using TLS 1.3 (HTTPS)
• Data Storage: Personal data is encrypted at rest using AES-256 encryption
• Secure Authentication: Passwords are hashed using bcrypt with strong salt values
• Two-Factor Authentication (2FA): Optional 2FA available for enhanced account security
• Access Controls: Role-based access restrictions limit employee access to sensitive data

Operational Security

• Regular security audits and vulnerability assessments
• Employee training on data protection and security best practices
• Incident response procedures for potential data breaches
• Regular backups with secure, encrypted storage
• Network monitoring and intrusion detection systems

Payment Security

• PCI-DSS Level 1 compliant payment processing
• Tokenization of payment card data (we never store full card numbers)
• Secure payment gateway integration with Stripe and PayPal

You have significant control over your personal data. We respect your rights and provide tools to exercise them easily.

Your Data Rights (GDPR & CCPA Compliant)

• Right to Access: Request a copy of all personal data we hold about you
• Right to Rectification: Correct inaccurate or incomplete information in your profile
• Right to Erasure ("Right to be Forgotten"): Request deletion of your account and associated data
• Right to Data Portability: Download your data in a machine-readable format (JSON, CSV)
• Right to Restrict Processing: Limit how we process your data under certain circumstances
• Right to Object: Opt out of marketing communications and certain data processing activities
• Right to Withdraw Consent: Revoke previously given consent at any time

How to Exercise Your Rights

• Account Settings: Access your dashboard to update profile information, change privacy settings, and manage preferences
• Data Export: Use the "Download My Data" feature in Account Settings to receive a complete copy of your information
• Email Preferences: Unsubscribe from marketing emails using the link in any promotional message
• Account Deletion: Request account deletion through Settings > Privacy > Delete Account
• Contact Us: Email privacy@singwithmerecords.com for any data-related requests

Marketing Preferences

You can control marketing communications at any time:

• Unsubscribe from promotional emails via the link at the bottom of each email
• Manage email preferences in Account Settings > Notifications
• Opt out of SMS notifications through your account dashboard

SingWithMe Records operates globally, and your data may be transferred to and processed in countries outside your residence.

Data Transfer Mechanisms

• EU-US Data Privacy Framework: We comply with the EU-US and Swiss-US Data Privacy Framework principles
• Standard Contractual Clauses (SCCs): We use EU-approved SCCs when transferring data to countries without adequacy decisions
• Adequate Safeguards: All international transfers include appropriate technical and organizational security measures

Data Storage Locations

Your data may be stored and processed in the following regions:

• European Union (primary data center: Frankfurt, Germany)
• United Kingdom (London data center)
• United States (AWS cloud infrastructure)
• Canada (backup and redundancy systems)

SingWithMe Records is not intended for use by children under the age of 16. We do not knowingly collect personal information from children.

• Users must be at least 16 years old to create an account
• We do not knowingly solicit or collect data from anyone under 16
• If we discover we have collected data from a child under 16, we will delete it immediately
• Parents or guardians who believe we may have collected information from a child should contact us at privacy@singwithmerecords.com

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law.

Retention Periods

• Active Accounts: Data retained as long as your account is active
• Deleted Accounts: Most data deleted within 30 days; some data retained for legal compliance (tax records: 7 years)
• Analytics Data: Aggregated, anonymized data may be retained indefinitely for research purposes
• Transaction Records: Financial records retained for 7 years to comply with tax and accounting regulations
• Support Communications: Retained for 3 years to maintain service quality and resolve disputes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

• We will notify you of material changes via email or through a prominent notice on our platform
• The "Last Updated" date at the top of this policy indicates when it was last revised
• Continued use of our services after changes constitute acceptance of the updated policy
• Previous versions of this policy are available upon request