Data Protection

Privacy Policy

Your privacy is our priority. Learn how we collect, use, and protect your personal information in compliance with Canadian, US, and international privacy laws.

GDPR Compliant CCPA/CPRA Compliant PIPEDA Compliant Quebec Law 25 US Privacy Laws International Standards

1. Introduction and Scope

SoundStudioPro ("we," "us," "our," or "Company") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered music generation platform and services (collectively, the "Service").

This Privacy Policy applies to all users of our Service, regardless of their location, and is designed to comply with applicable privacy laws including:

  • Canada: Personal Information Protection and Electronic Documents Act (PIPEDA)
  • Quebec: Act Respecting the Protection of Personal Information in the Private Sector (Law 25)
  • United States: California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Utah Consumer Privacy Act (UCPA), Connecticut Data Privacy Act (CTDPA), and other state privacy laws
  • European Union: General Data Protection Regulation (GDPR)
  • International: Other applicable privacy and data protection laws

By using our Service, you consent to the collection and use of your information as described in this Privacy Policy.

2. Information We Collect

2.1 Personal Information

We collect personal information that you voluntarily provide to us, including:

  • Account Information: Name, email address, username, password, and profile information
  • Payment Information: Credit card details, billing address, and payment history (processed securely through third-party payment processors)
  • Communication Data: Messages, feedback, and support requests you send to us
  • User Content: Music prompts, lyrics, descriptions, and other content you create or upload
  • Preferences: Music genres, styles, and other preferences you set in your account

2.2 Automatically Collected Information

We automatically collect certain information when you use our Service:

  • Usage Data: Pages visited, features used, time spent, and interaction patterns
  • Technical Data: IP address, browser type, device information, operating system, and screen resolution
  • Log Data: Server logs, error reports, and performance metrics
  • Cookies and Similar Technologies: Session cookies, persistent cookies, and local storage data

2.3 Third-Party Information

We may receive information from third-party sources, including:

  • Social media platforms (if you connect your account)
  • Payment processors and financial institutions
  • Analytics and advertising partners
  • Public databases and directories

3. How We Use Your Information

3.1 Primary Uses

We use your information for the following primary purposes:

  • Service Provision: To provide, maintain, and improve our AI music generation services
  • Account Management: To create and manage your account, process payments, and provide customer support
  • Content Generation: To generate music and lyrics based on your inputs and preferences
  • Communication: To send you important updates, notifications, and respond to your inquiries
  • Security: To protect against fraud, abuse, and unauthorized access

3.2 Secondary Uses

We may also use your information for:

  • Analytics: To analyze usage patterns and improve our Service
  • Research: To develop new features and enhance AI capabilities
  • Marketing: To send promotional materials (with your consent)
  • Legal Compliance: To comply with applicable laws and regulations

Legal Basis for Processing (GDPR)

For users in the European Union, we process your personal data based on: (1) your consent, (2) performance of a contract, (3) legitimate interests, and (4) legal obligations. You may withdraw consent at any time.

4. Information Sharing and Disclosure

4.1 We Do Not Sell Your Personal Information

SoundStudioPro does not sell, rent, or trade your personal information to third parties for their marketing purposes.

4.2 Limited Sharing

We may share your information only in the following limited circumstances:

  • Service Providers: With trusted third-party service providers who assist us in operating our Service (payment processors, hosting providers, analytics services)
  • Legal Requirements: When required by law, court order, or government request
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • Safety and Security: To protect our rights, property, or safety, or that of our users or the public
  • With Your Consent: When you explicitly authorize us to share your information

4.3 Data Processing Agreements

All third-party service providers are bound by contractual obligations to protect your information and use it only for specified purposes.

5. Data Security and Protection

5.1 Security Measures

We implement comprehensive security measures to protect your personal information:

  • Encryption: All data is encrypted in transit and at rest using industry-standard protocols
  • Access Controls: Strict access controls and authentication mechanisms
  • Regular Audits: Regular security assessments and vulnerability testing
  • Employee Training: Regular privacy and security training for all employees
  • Incident Response: Comprehensive incident response procedures

5.2 Data Retention

We retain your personal information only for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Improve our services

When we no longer need your information, we securely delete or anonymize it.

6. Your Privacy Rights

6.1 General Rights

Depending on your location, you may have the following rights regarding your personal information:

Right Description How to Exercise
Access Request a copy of your personal information Contact us or use your account settings
Correction Request correction of inaccurate information Update your account or contact us
Deletion Request deletion of your personal information Use account deletion feature or contact us
Portability Request transfer of your data to another service Contact us with specific requirements
Restriction Request limitation of data processing Contact us with specific restrictions
Objection Object to certain types of processing Contact us or use opt-out mechanisms

6.2 California Privacy Rights (CCPA/CPRA)

California Residents

Under the CCPA and CPRA, California residents have additional rights including the right to know what personal information is collected, the right to delete personal information, the right to opt-out of the sale of personal information, and the right to non-discrimination.

6.3 US State Privacy Laws

US Residents - State-Specific Rights

Residents of the following states have additional privacy rights under their respective laws:

  • Virginia (VCDPA): Right to access, correct, delete, and port personal data; right to opt-out of processing for targeted advertising
  • Colorado (CPA): Right to access, correct, delete, and port personal data; right to opt-out of processing for targeted advertising and profiling
  • Utah (UCPA): Right to access, delete, and port personal data; right to opt-out of processing for targeted advertising
  • Connecticut (CTDPA): Right to access, correct, delete, and port personal data; right to opt-out of processing for targeted advertising and profiling
  • Other States: We comply with privacy laws in all US states where they apply

6.3 Canadian Privacy Rights (PIPEDA)

Canadian Residents

Under PIPEDA, Canadian residents have the right to access their personal information, request corrections, and file complaints with the Privacy Commissioner of Canada.

6.4 Quebec Privacy Rights (Law 25)

Quebec Residents

Under Quebec's Law 25, Quebec residents have enhanced privacy rights including the right to be informed of automated decision-making, the right to data portability, the right to be forgotten, and the right to withdraw consent at any time. Quebec residents also have the right to file complaints with the Commission d'accรจs ร  l'information du Quรฉbec (CAI).

6.4 European Privacy Rights (GDPR)

European Union Residents

Under the GDPR, EU residents have comprehensive data protection rights including the right to be informed, right of access, right to rectification, right to erasure, right to restrict processing, right to data portability, right to object, and rights related to automated decision making.

7. Cookies and Tracking Technologies

7.1 Types of Cookies We Use

We use various types of cookies and similar technologies:

  • Essential Cookies: Required for basic website functionality
  • Performance Cookies: Help us understand how visitors interact with our website
  • Functional Cookies: Remember your preferences and settings
  • Analytics Cookies: Provide insights into website usage and performance

7.2 Third-Party Cookies

We may use third-party services that place cookies on your device:

  • Google Analytics: Website analytics and performance monitoring
  • Payment Processors: Secure payment processing
  • Social Media: Social media integration and sharing features

7.3 Cookie Management

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of our Service.

8. International Data Transfers

8.1 Cross-Border Transfers

Your personal information may be transferred to and processed in countries other than your country of residence. We ensure that such transfers comply with applicable data protection laws.

8.2 Adequacy Decisions and Safeguards

For transfers from the European Union, we rely on:

  • Adequacy decisions by the European Commission
  • Standard contractual clauses approved by the European Commission
  • Other appropriate safeguards as required by law

8.3 Data Localization

We may store your data in multiple locations to ensure optimal service performance and compliance with local laws.

9. Children's Privacy

Age Restrictions

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

For users between 13 and 18 years of age, we require parental or guardian consent in accordance with applicable laws. We implement additional safeguards for users under 18, including:

  • Limited data collection and processing
  • Enhanced privacy controls
  • Parental access and control features
  • Educational content about online privacy

10. Third-Party Services and Links

10.1 Third-Party Services

Our Service may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

10.2 Third-Party Service Providers

We use the following categories of third-party service providers:

  • Hosting and Infrastructure: Cloud hosting and server management
  • Payment Processing: Secure payment processing and billing
  • Analytics: Website analytics and performance monitoring
  • Customer Support: Help desk and customer service tools
  • Email Services: Transactional and marketing email delivery

11. Data Breach Notification

Breach Response

In the event of a data breach that affects your personal information, we will notify you and relevant authorities in accordance with applicable laws. Our response includes immediate containment, investigation, notification, and remediation measures.

We maintain comprehensive incident response procedures and regularly test our security measures to prevent and detect potential breaches.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

  • Posting the updated Privacy Policy on our website
  • Sending email notifications to registered users
  • Displaying prominent notices on our Service
  • Updating the "Last Updated" date

Your continued use of our Service after such changes constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Privacy Officer

Email: privacy@soundstudiopro.com

13.1 Data Protection Officer (GDPR)

For EU residents, you may also contact our Data Protection Officer at dpo@soundstudiopro.com for GDPR-related inquiries.

13.2 Regulatory Complaints

You have the right to file complaints with relevant data protection authorities:

  • Canada: Office of the Privacy Commissioner of Canada
  • Quebec: Commission d'accรจs ร  l'information du Quรฉbec (CAI)
  • European Union: Your local data protection authority
  • United States: State attorneys general or the Federal Trade Commission

Last Updated: July 26, 2025

This Privacy Policy is effective as of the date shown above.