1. Scope and Applicability

This Privacy Policy applies to all products, features, applications, technologies, software, and services offered by MvMusics Inc., including but not limited to: the MvMusics website and platform (mvmusics.com and all subdomains); music distribution services; MvStudio AI creative tools; the MvMusics Marketplace; copyright verification and certificate services; analytics and reporting tools; wallet and payment processing; APIs, SDKs, and integrations; and any other services provided by MvMusics (collectively, the "Services"). This Policy applies to all users, visitors, and any person who accesses or interacts with the Services in any capacity. This Policy supplements, and does not replace, our Terms of Service and DMCA Policy. In the event of a conflict between this Policy and any other agreement, this Policy governs with respect to privacy matters.

2. Information We Collect

2.1 Information You Provide Directly. When you register, use our Services, or communicate with us, we collect: (a) full legal name, display name, stage name, and any aliases; (b) email address, phone number, and mailing address; (c) date of birth and age verification information; (d) government-issued identification documents (for KYC verification and withdrawal processing); (e) payment and billing information, including credit/debit card numbers, bank account details, and billing addresses; (f) tax identification numbers (SSN, EIN, ITIN, VAT ID, or equivalent); (g) audio recordings, musical compositions, lyrics, cover artwork, music videos, and all associated metadata; (h) artist biographies, photographs, social media profiles, and promotional materials; (i) communications you send to us, including support tickets, feedback, and correspondence; (j) survey responses, contest entries, and beta program feedback; (k) information provided during KYC/identity verification processes; (l) any other information you voluntarily submit through the Services.

2.2 Information Collected Automatically. When you access the Services, we automatically collect: (a) IP address (IPv4 and IPv6), including approximate geolocation derived from IP; (b) browser type, version, and configuration; (c) operating system and version; (d) device type, manufacturer, and model; (e) screen resolution and display characteristics; (f) hardware specifications including processor, memory, and GPU information; (g) installed browser plugins and extensions; (h) language and locale preferences; (i) timezone and system clock information; (j) referring URLs and exit pages; (k) pages visited, features used, and navigation paths; (l) click patterns, scroll behavior, and interaction events; (m) session duration, frequency, and timing; (n) network connection type and speed; (o) unique device identifiers and advertising identifiers.

2.3 Browser Fingerprinting and Device Intelligence. We employ browser fingerprinting and device intelligence technologies to create a unique identifier for your device based on a combination of browser attributes, hardware characteristics, and software configurations. This includes but is not limited to: canvas fingerprinting, WebGL fingerprinting, audio context fingerprinting, font enumeration, screen properties, and navigator properties. We use these technologies to: detect and prevent fraudulent account creation; identify multiple accounts operated by the same individual; prevent abuse of invitation and registration systems; enhance security and protect against unauthorized access; and enforce our Terms of Service, including prohibited conduct provisions. You acknowledge and consent to the use of these fingerprinting technologies as a condition of using the Services.

2.4 Cookies and Similar Technologies. We use cookies, web beacons, pixel tags, local storage, and similar tracking technologies. See Section 10 for details.

2.5 Information from Third Parties. We may receive information about you from: (a) digital service providers (DSPs) including streaming data, download counts, and revenue reports; (b) payment processors (Stripe) including transaction history and fraud signals; (c) distribution partners (LabelGrid) including catalog status and delivery confirmations; (d) identity verification providers; (e) public databases and commercially available sources; (f) social media platforms when you link accounts; (g) other users who provide your information (e.g., collaborator credits, split recipients); (h) law enforcement and government agencies.

3. How We Use Your Information

We use the information we collect for any purpose related to the operation of the Services, including but not limited to: (a) providing, maintaining, operating, and improving the Services; (b) processing transactions, distributing content to DSPs, and managing your catalog; (c) calculating, reporting, and distributing royalties and revenue; (d) processing payments, managing wallet balances, and facilitating withdrawals; (e) verifying your identity and conducting KYC/AML compliance checks; (f) communicating with you about your account, transactions, and the Services; (g) sending marketing communications, promotional offers, and newsletters (subject to opt-out); (h) detecting, investigating, and preventing fraud, abuse, security incidents, and violations of our Terms; (i) enforcing our Terms of Service, DMCA Policy, and other agreements; (j) generating analytics, reports, and business intelligence; (k) conducting research and development to improve our products and services; (l) personalizing your experience and providing recommendations; (m) training and improving artificial intelligence and machine learning models, including MvStudio AI; (n) creating aggregated and anonymized datasets for analysis; (o) complying with legal obligations, responding to legal process, and cooperating with law enforcement; (p) protecting the rights, property, and safety of MvMusics, our users, and the public; (q) facilitating mergers, acquisitions, restructuring, or sale of assets; (r) any other purpose disclosed at the time of collection or with your consent.

4. Information Sharing and Disclosure

4.1 Digital Service Providers (DSPs). To distribute your content, we share with DSPs (including but not limited to Spotify, Apple Music, YouTube Music, Amazon Music, Deezer, Tidal, TikTok, Instagram/Facebook, Pandora, iHeartRadio, and others): your artist name, legal name, content metadata, audio files, cover artwork, lyrics, ISRC codes, UPC codes, release information, and any other data required by the DSP. Each DSP has its own privacy policy governing how it handles your data. MvMusics has no control over DSP data practices.

4.2 Payment Processors. We share with Stripe and other payment processors: your name, email, billing address, payment method details, transaction amounts, and tax information as necessary to process payments and comply with financial regulations.

4.3 Distribution Partners. We share with LabelGrid and other distribution infrastructure providers: your artist information, content metadata, audio files, and distribution instructions necessary to deliver your content to DSPs.

4.4 Service Providers. We share information with third-party service providers who perform services on our behalf, including: cloud hosting (infrastructure providers), email delivery, analytics, customer support tools, identity verification services, content delivery networks (CDNs), and AI/ML service providers. These providers are contractually obligated to use your information only as directed by us.

4.5 Legal and Compliance. We may disclose your information: (a) in response to lawful requests by public authorities, including subpoenas, court orders, search warrants, and national security or law enforcement requests; (b) to comply with applicable laws, regulations, and legal processes; (c) to enforce our Terms of Service, DMCA Policy, and other agreements; (d) to protect the rights, property, and safety of MvMusics, our users, or others; (e) to investigate potential violations of our Terms or applicable law; (f) to cooperate with DMCA and copyright infringement proceedings; (g) in connection with legal proceedings, including arbitration.

4.6 Business Transfers. In connection with a merger, acquisition, reorganization, bankruptcy, dissolution, sale of assets, or similar transaction, your information may be transferred to the acquiring entity. You will be notified via email or prominent notice on our Services of any such change.

4.7 Marketplace Transactions. When you participate in Marketplace transactions (buying or selling releases/licenses), certain information may be shared with counterparties as necessary to complete the transaction, including artist name, content details, and transaction terms.

4.8 Aggregated and De-identified Data. We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you, without restriction, for any purpose including industry research, marketing, and analytics.

4.9 With Your Consent. We may share your information with third parties when you have provided consent or directed us to do so.

5. Data Retention

5.1 Active Accounts. We retain your personal information for the duration of your account and for a commercially reasonable period thereafter. Specific retention periods include: (a) account registration data: retained for the life of the account plus seven (7) years after account closure or termination; (b) content and distribution records: retained indefinitely, as required by our distribution agreements with DSPs and for ongoing royalty calculation and reporting; (c) financial records and transaction history: retained for a minimum of seven (7) years as required by applicable tax, accounting, and financial regulations; (d) communications and support records: retained for five (5) years; (e) analytics and usage data: retained for three (3) years; (f) server logs: retained for one (1) year; (g) device fingerprint data: retained for the life of the account plus two (2) years.

5.2 Post-Termination. Upon account termination, we retain information as necessary for: (a) compliance with legal and regulatory obligations; (b) resolution of pending disputes, claims, or arbitration; (c) fraud prevention and detection of repeat infringers; (d) enforcement of our Terms of Service; (e) fulfillment of ongoing distribution obligations to DSPs; (f) royalty calculation and payment processing; (g) legitimate business purposes. Content already distributed to DSPs may continue to be available and generate data that we will collect and retain.

5.3 Deleted Content. When you request deletion of content, we will use commercially reasonable efforts to remove it from our active systems. However, content may persist in: (a) backup and disaster recovery systems; (b) CDN caches; (c) DSP platforms (which operate independently of MvMusics); (d) archived copies retained for legal compliance; (e) aggregated or anonymized datasets.

6. Data Security

We implement industry-standard technical and organizational security measures designed to protect your information, including: (a) encryption of sensitive data at rest using AES-256-GCM; (b) encryption of data in transit using TLS 1.2 or higher; (c) secure hashing of passwords using bcrypt with appropriate work factors; (d) role-based access controls and principle of least privilege; (e) regular security assessments and vulnerability scanning; (f) monitoring for unauthorized access and suspicious activity; (g) secure software development practices. HOWEVER, NO METHOD OF ELECTRONIC TRANSMISSION OR STORAGE IS COMPLETELY SECURE. WE CANNOT AND DO NOT GUARANTEE THE ABSOLUTE SECURITY OF YOUR INFORMATION. YOU ACKNOWLEDGE THAT YOU TRANSMIT INFORMATION AT YOUR OWN RISK. MVMUSICS SHALL NOT BE LIABLE FOR ANY UNAUTHORIZED ACCESS, DATA BREACH, HACKING, OR OTHER SECURITY INCIDENT AFFECTING YOUR DATA, EXCEPT WHERE DIRECTLY CAUSED BY OUR GROSS NEGLIGENCE OR WILLFUL MISCONDUCT.

7. Your Rights and Choices

7.1 Access and Portability. You may request a copy of the personal information we hold about you. We will provide this in a commonly used, machine-readable format where technically feasible.

7.2 Correction. You may request correction of inaccurate or incomplete personal information. We may decline requests where we have a reasonable basis to believe the information is accurate.

7.3 Deletion. You may request deletion of your personal information. We may deny deletion requests where we have a legal basis or legitimate business need to retain the information, including for: compliance with legal obligations; completion of pending transactions; fraud prevention; dispute resolution; enforcement of agreements; and fulfillment of distribution obligations. Deletion of your account does not necessarily result in deletion of all data associated with your account.

7.4 Objection and Restriction. Where processing is based on legitimate interests, you may object to processing. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests.

7.5 Withdrawal of Consent. Where processing is based on consent, you may withdraw consent at any time. Withdrawal does not affect the lawfulness of prior processing.

7.6 Marketing Opt-Out. You may opt out of marketing communications by clicking the unsubscribe link in emails or contacting us. Opt-out does not apply to transactional or account-related communications.

7.7 How to Exercise Rights. To exercise any rights, email [email protected] with your request. We will verify your identity before processing. We will respond within thirty (30) days, or forty-five (45) days for complex requests. We may charge a reasonable fee for manifestly unfounded or excessive requests. We reserve the right to deny requests that are impractical, would compromise others' privacy, or are not required by applicable law.

8. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA): (a) Right to Know: You may request the categories and specific pieces of personal information collected, the categories of sources, the business purposes for collection, and the categories of third parties with whom we share. (b) Right to Delete: You may request deletion of personal information collected, subject to exceptions. (c) Right to Opt-Out of Sale/Sharing: MvMusics does not "sell" personal information as defined by the CCPA. If we share personal information for cross-context behavioral advertising, you may opt out. (d) Right to Non-Discrimination: We will not discriminate against you for exercising your rights. (e) Right to Correct: You may request correction of inaccurate information. (f) Right to Limit Use of Sensitive Information: You may limit use of sensitive personal information to what is necessary for the Services.

Categories of personal information collected in the preceding twelve (12) months include: identifiers; financial information; commercial information; internet and network activity; geolocation data; audio and visual information; professional information; and inferences drawn from the above. To submit a CCPA request, email [email protected] or call the contact number on our website. We will verify your identity using at least two pieces of information.

9. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the following provisions apply: (a) Legal Bases: We process personal data under the following legal bases: performance of a contract (providing the Services); legitimate interests (fraud prevention, analytics, security, service improvement); consent (marketing, fingerprinting where required); and compliance with legal obligations. (b) Data Controller: MvMusics Inc. is the data controller for personal data processed through the Services. (c) Rights: In addition to the rights in Section 7, you have the right to lodge a complaint with your local supervisory authority. (d) Automated Decision-Making: See Section 12. (e) Data Protection Officer: For GDPR-related inquiries, contact [email protected].

We process data in the United States and other countries that may not have equivalent data protection laws. By using the Services, you consent to the transfer of your data to these countries. Where required by law, we implement appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission.

10. Cookies and Tracking Technologies

10.1 Types of Cookies. We use: (a) Strictly Necessary Cookies: required for authentication, session management, security, and core functionality — these cannot be disabled; (b) Functional Cookies: remember your preferences, language settings, and display options; (c) Analytics Cookies: collect usage data to understand how users interact with the Services, including page views, feature usage, and navigation patterns; (d) Performance Cookies: monitor Service performance, load times, and error rates.

10.2 Local Storage and Session Storage. We use browser local storage and session storage for authentication tokens, user preferences, and application state management.

10.3 Your Choices. You may control cookies through your browser settings. Disabling cookies may affect the functionality of the Services. By continuing to use the Services after being informed of our cookie practices, you consent to the use of cookies as described herein.

11. International Data Transfers

MvMusics is based in the United States, and your information is processed and stored primarily in the United States. Your information may also be transferred to, stored in, and processed in any country where our service providers operate, including countries that may not provide the same level of data protection as your home country. By using the Services, you explicitly consent to the transfer of your information to the United States and other jurisdictions. Where required by applicable law, we implement appropriate transfer mechanisms including Standard Contractual Clauses (SCCs), data processing agreements, and other safeguards. MvMusics shall not be liable for any data protection differences between your jurisdiction and the jurisdictions where your data is processed.

12. Automated Decision-Making and Profiling

We use automated systems and algorithms for: (a) fraud detection and prevention (analyzing registration patterns, device fingerprints, and behavioral signals); (b) content quality assessment (metadata validation, audio analysis); (c) stream manipulation detection (analyzing streaming patterns for anomalies); (d) risk scoring for account verification and KYC processes; (e) AI-generated content through MvStudio AI; (f) revenue calculation and royalty distribution. These automated processes may affect your ability to use certain features or your account standing. You may request human review of significant automated decisions by contacting [email protected]. However, we reserve the right to rely on automated systems where necessary for fraud prevention, security, and Terms enforcement.

13. MvStudio AI and Machine Learning

When you use MvStudio AI features, your inputs (text prompts, audio samples, parameters) may be used to: (a) generate the requested AI output; (b) improve and train our AI/ML models; (c) develop new features and capabilities; (d) conduct research. AI-generated outputs may not be eligible for copyright protection. You acknowledge that inputs submitted to AI features may be processed by third-party AI service providers and may be retained for model improvement. We do not guarantee the privacy or confidentiality of inputs submitted to AI features beyond commercially reasonable security measures.

14. Data Breach Notification

In the event of a data breach that compromises the security, confidentiality, or integrity of your personal information, we will: (a) investigate the breach and take reasonable steps to contain it; (b) notify affected users by email or prominent notice on the Services within a commercially reasonable timeframe, or as required by applicable law; (c) notify relevant supervisory authorities where required by law (within 72 hours for GDPR-covered breaches). Our notification will describe the nature of the breach, the types of information involved, the steps we are taking, and how you can protect yourself. MvMusics shall not be liable for damages arising from a data breach except where directly caused by our failure to implement the security measures described in Section 6.

15. Children's Privacy

The Services are not intended for, directed at, or designed to attract children under the age of eighteen (18), or the age of majority in the applicable jurisdiction. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete such information promptly. If you believe a child has provided personal information to us, contact [email protected]. Parents or guardians may not create accounts on behalf of minors.

16. Do Not Track Signals

Some browsers transmit "Do Not Track" (DNT) signals. There is no industry consensus on how to respond to DNT signals. At this time, MvMusics does not respond to or alter its practices upon receiving DNT signals. We will update this Policy if a uniform DNT standard is adopted.

17. Third-Party Links and Services

The Services may contain links to or integrations with third-party websites, services, and platforms (including DSPs, social media, and payment processors). We are not responsible for the privacy practices of third parties. We encourage you to read the privacy policies of any third-party services you access. MvMusics shall not be liable for any data collection, use, or disclosure by third parties.

18. Changes to This Policy

We reserve the right to modify, amend, or replace this Privacy Policy at any time, in our sole discretion. Changes become effective immediately upon posting to the Services. We will indicate the date of the most recent revision at the top of this page. For material changes, we may provide additional notice via email or prominent display on the Services, but we are not obligated to do so. Your continued use of the Services after any change constitutes your acceptance of the modified Policy. It is your responsibility to review this Policy periodically.

19. Contact Information

For privacy-related inquiries, data subject requests, or complaints: [email protected] · MvMusics Inc., Delaware, United States. For DMCA and copyright matters: [email protected]. For general legal inquiries: [email protected]. We will acknowledge receipt of your inquiry and respond within the timeframes required by applicable law.