MUSYNC LLC

PRIVACY POLICY

(Last Updated: April 1st, 2026)

Musync LLC ("Musync," "we," "our," or "us") values the privacy of individuals who use the Musync website ("Website"), mobile and web applications ("Software"), and related services (collectively, the "Services"). This Privacy Policy (the "Policy") describes the information that we gather from visitors, users, and others who access or use the Website, Software, and/or Services ("Users," "you," or "your"), how we use and disclose such information and the steps we take to protect such information. By using the Website, Software, and/or its Services, you consent to the privacy practices described in this Policy. Each of User, you, and Musync may be referred to as a "party" or the "parties" herein.

This Policy is incorporated into and is subject to the Musync Terms & Conditions, as updated from time-to-time. Capitalized terms used but not defined in this Policy have the meaning given to them in the Terms & Conditions.

I. This Policy is provided to help you understand

  1. the Personal Information (defined herein) we collect, how we collect it, how we use it, and how and why we share it;
  2. the applicable rights you have regarding your Personal Information; and
  3. how Musync protects your Personal Information.
  4. Personal Information does not include, and this Policy does not apply to, aggregate information or information that has been fully de-identified or anonymized in accordance with applicable law.
  5. For purposes of this Privacy Policy, the term "Services" is used in a broad sense to include the Website (including Musync.co, Musyncapp.com, and related domains), Software, and all related features and functionality. For clarity, use of the Musync Software is governed by the End User License Agreement (EULA), and the user rights and obligations relating to content and platform use are governed by the Terms & Conditions. In the event of any inconsistency, the applicable governing document shall control based on the subject matter.

II. Types of Personal Information We Collect

1. Personal Information

  1. While using the Services, we will ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Information").
  2. Personal Information includes, but is not limited to, your name, address, email address, phone number, age, company information, date of birth, and/or payment information (via processor). You may provide us with Personal Information when you register for an account to use the Services, make a purchase, contact customer support, sign up for marketing material, or otherwise communicate with us. Please note that if you choose not to share certain Personal Information with us, or refuse certain contact permissions, we might not be able to provide certain parts of the Services.
  3. Please note that there are places on the Website and/or Software where you may have to provide credit card information in order to complete a purchase. Any time we ask for a credit card number we transmit that card number using industry-standard encryption protocols, including Transport Layer Security (TLS).
  4. We consider user-generated content to be materials (text, image, video, musical scores, and related content) voluntarily supplied by Users in connection with the Services ("User Content"). User Content is private by default and is associated with the account used to submit it. Users may choose to share User Content with specific users, defined groups, or publicly within the Musync community. Content will only be made publicly accessible if a User explicitly selects a public or community-sharing option. Once content is made public, it may be accessible to third parties not covered under this Policy.
  5. Content submitted by users under the age of eighteen (18) is subject to additional visibility and sharing restrictions and is not made publicly accessible by default.

2. Usage Information

  1. We collect information about how you interact with and use the Services, such as device type, IP address, operating system, browser type, address of a referring website, activity on our Website and Software, device ID, access dates and times, location, information related to any transactions you make while utilizing the Services, and other system activity.
  2. We may collect certain information by automated means using technologies such as cookies, web beacons, pixels, browser analysis tools, server logs and mobile identifiers. In many cases the information we collect using cookies and other tools is only used in a non-identifiable manner without reference to Personal Information.
  3. For example, we may use information we collect to better understand Website traffic patterns and to optimize your experience. We track Users' use of the Services.
  4. We also may collect data on User interactions, including button clicks and screen time on particular pages. This data is used to understand User behavior, improve user experience, and enhance the functionality of our Services.
  5. Additionally, when you encounter certain errors while using the Website or Software, we automatically collect data about the error and the circumstances surrounding its occurrence. This data may include technical details about your device, what you were trying to do when the error happened and other technical information relating to the problem. You may or may not receive notice of such errors, even in the moment they occur, that they have occurred or what the nature of the error is. Please be aware that while this information may not be personally identifying by itself, it may be possible to combine it with other data to personally identify individual persons.

3. Device Data

  1. Our Website and/or Software may access and collect data via your device's in-built tools, such as:
    1. Your identity
    2. Camera
    3. Microphone
    4. Contacts
    5. Storage, photos and/or media
    6. Notifications
    7. Background data refresh
    8. Mobile data
  2. When you install the Software or use your device's tools within the Software, we request permission to access this information. The specific data we collect can depend on the individual settings of your device and the permissions you grant when you install and use the Software.

4. Information Received from Third Parties

  1. If you choose to connect your account to another account of yours with a third-party service, we may receive or be granted access to information from such third-party service, including Personal Information.
  2. You can stop sharing your information from a third-party service with us by removing our access to that service.

5. Third-Party Cookies

  1. When you use the Services and visit the Website, we may also use third-party services, which use cookies to collect information about you for analytics or advertising purposes.
  2. Third parties may also use cookies, web beacons, or other devices to collect information when you use the Services.
  3. Musync does not control any cookies or other data collection tools that may be placed on the Website by a third party, and this Policy does not cover the use of such cookies and/or other data collection tools by any third party. We encourage you to read the privacy policies of such third parties to find out more about the information that may be collected by them and the choices you have regarding the collection, use and sharing of such information. You may be able to "opt out" of the collection and use of information through cookies or other tracking technology by actively managing the settings on your browser or mobile device. We do not engage in cross-site tracking, but we do not respond to browser-based 'Do Not Track' signals.

6. Children and Minors

  1. Children and Minors: Musync supports musicians of different ages and applies age-appropriate protections in accordance with applicable law.
  2. Independent Minor Accounts: Users who are at least thirteen (13) years of age and at or above the minimum age required to provide valid consent to personal data processing in their jurisdiction may create and manage their own account. By registering, such users represent that they meet these requirements. Musync applies enhanced privacy and safety protections to all minor accounts.
  3. Parent-Managed Child Accounts: Users below the minimum age required to provide valid consent may only access the Services through a parent- or legal-guardian-managed account. In such cases, the parent or guardian is the account holder and may authorize one or more child profiles with individual login credentials. The parent or guardian retains full control over account settings, data processing, and account deletion.
  4. Musync does not knowingly collect personal information from children below the applicable age threshold outside of a parent-managed account. If Musync becomes aware that an account does not comply with these requirements, Musync may suspend, reclassify, or delete the account.

7. Sensitive Personal Information

  1. We ask that you do not submit or disclose any Sensitive Personal Information (such as social security numbers, information related to racial or ethnic origin, political opinions, religion, health, biometric or genetic data, criminal background, or trade union membership) through the Services.
  2. Where required by applicable law, Musync will only process Sensitive Personal Information based on a valid legal basis, which may include your explicit consent or other lawful grounds.
  3. Musync reserves the right to delete or restrict processing of Sensitive Personal Information submitted in violation of this Policy.

8. Survey Data

  1. We also occasionally ask Users to complete surveys that we use for internal research. Please be aware that advertisers or websites that have links to our Website or Software may collect Sensitive Personal Information or Personal Information about you and the information collection practices of those third-party websites are not covered by this Policy.

9. Additional Information We May Request or Send

  1. You may be invited via email to provide feedback on your experience by completing a web-based Musync Feedback Form ("Feedback Form"). The Feedback Form may be used to enhance the information provided on the Services and/or to let us know your thoughts on our Services. Any feedback you provide will be summarized with that of other Users. Your feedback will not be publicized in a way that is attributable to you by name, email address or other identifiable forms. You may elect not to receive future feedback invitation emails by following the "unsubscribe" instructions at the bottom of the Feedback Form. If you express interest in receiving offers or information from Musync, we may occasionally send you emails or direct mail about products and services that we feel may be of interest to you. Only Musync (or agents working on behalf of Musync) will send you these direct mailings and only if you opt in to receive these offers.

10. Musync reserves the right to disclose your personal information to law enforcement officials with a subpoena, as required by applicable law or legal process.

III. How We Use Your Information to Provide, Maintain, and Improve the Services

1. We may use your information for the purposes of, including, but not limited to:

  1. communicate with you if you contact us directly or sign up for marketing or other promotional material;
  2. perform our obligations under the contract we have entered into with you;
  3. provide customer service and process any transactions;
  4. send you confirmations, updates, security alerts, and support and administrative messages;
  5. detect and prevent fraud;
  6. operate, protect, and optimize the Services and your experience, such as by performing analytics and conducting research;
  7. troubleshoot and protect against errors;
  8. personalize and improve the Services, including to recognize and contact you across multiple devices;
  9. monitor and analyze usage and trends and otherwise measure the effectiveness, and quality of the Services;
  10. advertise and market our Services, including delivering interest-based ads, cross-device linking and analyzing the performance of such activities; and
  11. develop new features.

2. Sharing Your Information

  1. If you use the Services, you are authorizing us to, including, but not limited to, share information:
    1. that you direct us to disclose to others;
    2. with our third-party business partners, vendors, contractors, and consultants who perform services on our behalf or who help us provide the Services, such as accounting, legal, managerial, technical, marketing, or analytic services;
    3. if required to do so by law or in the good-faith belief that such action is necessary to comply with local, state, federal or international laws, or to respond to a court order, judicial or other governmental subpoena or warrant or in the event of bankruptcy proceedings;
    4. if we believe in good faith that doing so is reasonably necessary or appropriate to protect the rights, property or safety of Musync, our users, our employees, copyright owners, third parties or the public, including without limitation to protect Musync or our users from fraudulent, abusive, inappropriate or unlawful use of the Services;
    5. to enforce or apply this Policy, our Terms & Conditions, license agreements or other policies or agreements;
    6. in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition or in any other situation where information may be disclosed or transferred as one of the business assets of Musync; and
    7. nothing herein restricts the sharing of aggregated or anonymized information, which may be shared with third parties without your consent. This Policy in no way restricts or limits our collection and use of aggregate or de-identified information.

3. User Scores, Sharing, and AI Processing

  1. User Scores - Musync allows Users to upload, create, and store musical scores and related materials ("User Scores").
  2. Ownership - Users retain ownership of their User Scores, subject to the limited license granted to Musync to operate the Services.
  3. Sharing and Visibility - User Scores are private by default and are only accessible: to the User; to specific users or groups designated by the User; or to the public if the User elects to share them. Musync does not share User Scores with other users or third parties unless directed by the User or required by law.
  4. AI Processing - Musync may process User Scores using automated systems, including artificial intelligence, to enable core functionality and improve the Services. For clarity, processing includes use of User Scores to enable core functionality such as rendering, synchronization, personalization, and feature improvements. Processing does not include the use of User Scores to train generalized artificial intelligence or machine learning models unless explicitly stated in this Policy.
  5. AI Training – Private vs Public Content - Private User Scores are not used to train generalized AI models without explicit User consent. Public or community-shared User Scores may be used to train and improve AI models.
  6. De-Identified Data - Musync may use aggregated or de-identified data derived from User Scores to improve the Services, provided such data cannot reasonably be used to identify any individual or reconstruct, replicate, or approximate the original User Scores.
  7. Security - Musync applies access controls and safeguards to protect User Scores from unauthorized access.

4. Links to Third-Party Websites and the Services

  1. The Website may contain links to other websites. We are not responsible for the practices employed by websites or services linked to or from the Website, Software, nor the information or content provided to or contained therein.
  2. Please remember that when you use a link to go from the Website to another website, this Policy does not apply to those third-party websites or services.
  3. Your browsing and interaction on any third-party websites or service, including those that have a link on theirs, or from our Website or Software, are subject to that third party's own rules and policies. Please read those rules and policies before proceeding.

5. Tell a Friend.

  1. If you choose to use our referral service to tell a friend about our Website or Software, we will ask you for your friend's name and email address. We will automatically send your friend a one-time email inviting him or her to visit the Website. We store this information for the sole purpose of sending this one-time email and tracking the success of our referral program. Your friend may contact us at legal@musync.co to request that we remove this information from our database.

6. Minor-Specific Safeguards

  1. For users under the age of eighteen (18), Musync applies privacy-protective defaults, data minimization, restricted discoverability, and disables targeted advertising and profiling.
  2. Notwithstanding the foregoing, Musync does not engage in targeted or interest-based advertising, profiling, or cross-device tracking for users under the age of eighteen (18).

IV. Your Rights Regarding Personal Information

We consider the privacy of your Personal Information very important and are committed to handling your Personal Information with care. You have certain rights regarding your Personal Information, which include:

  1. Right to Access: We acknowledge your right to access the Personal Information that we maintain about you. You have the right to obtain a list of the categories of Personal Information collected about you as well as other related information along with the source of the information. You also have the right to know the categories of information shared (or sold) to third parties and the purpose for such sharing as provided for in this Policy.
  2. Right to Deletion (i.e. the Right to be Forgotten): We acknowledge your right to delete certain Personal Information that we may have collected about you.
  3. Right to Opt-out of Sharing: You may have the right to opt-out of sharing certain Personal Information with third parties for direct marketing purposes.
  4. Right to Amend/Rectify: You have the right to amend or rectify any inaccuracies that you have identified with the information that we have about you. We process Personal Information only for the purposes for which it was collected and in accordance with this Policy or any applicable service-specific privacy notice. We periodically review our data collection, storage and processing practices to ensure that we only collect, store and process the Personal Information needed to provide or improve our Services. We take reasonable steps to ensure that the Personal Information we process is accurate, complete, and current, but we depend on our Users to update or correct their Personal Information whenever necessary.
  5. Right to Object/Restrict/Withdrawal Consent: You have the right to object to the processing of your Personal Information if it is being processed under legitimate interests such as for direct marketing. You also have the right to withdraw your consent for the processing of your Personal Information at any time. We will cease processing of your information unless there is a legitimate purpose or requirement by law. We will primarily rely on your consent or legitimate interests for any use or disclosures that are not required by law.
  6. Right to Non-Discrimination: We will not discriminate or penalize you for exercising your rights.
  7. Shine the Light: In addition to the rights discussed above, you have the right to request information from us regarding the manner in which we share certain Personal Information as defined by applicable law or statute with third parties and affiliates for the purpose of direct marketing.
    1. To receive this information, send us a request using the contact details provided in Section XV of this Policy. All requests must include "Privacy Rights Request" in the subject line of the email and include your name, street address, city, state and ZIP code within the body of your email.
  8. For more information on how you can request your right to access, amend/rectify, delete or opt-out of the Personal Information we collect, use, or disclose, please contact us at the email address provided under Section XV of this Policy.
  9. Your Rights (EEA/UK/Switzerland): In addition to the rights described above, users located in the EEA, United Kingdom, and Switzerland have the following rights under applicable data protection laws:
    1. Right of access – to obtain a copy of your Personal Information (or personal data, as defined under applicable law)
    2. Right to rectification – to correct inaccurate or incomplete data
    3. Right to erasure – to request deletion of your Personal Information (or personal data, as defined under applicable law)
    4. Right to restrict processing – to limit how your data is used
    5. Right to data portability – to receive your data in a structured format
    6. Right to object – to object to certain processing (including legitimate interests)
    7. Right to withdraw consent – where processing is based on consent
  10. You also have the right to lodge a complaint with your local data protection authority.

V. How We Protect Your Information

  1. We are committed to ensuring the security of your data. We implement a variety of security measures to maintain the safety of your Personal Information. These measures include encryption, access controls, and secure servers to protect your data from unauthorized access, alteration, disclosure, or destruction. We also conduct regular security assessments and updates to safeguard your information. Further, we maintain reasonably appropriate administrative, physical, technical, organizational measures and security controls to protect Personal Information, and to prevent loss, misuse, unauthorized access, disclosure, alteration and destruction. We will only keep your Personal Information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, governmental, regulatory or reporting requirements. We may also retain and use your Personal Information for as long as necessary to resolve disputes and/or enforcement of our rights. Specifically, personal data will typically be retained for a minimum period (for example, at least three (3) months after a User stops using the Services), unless deletion is requested earlier or required by law. Backup copies of your data may also be stored for additional security and recovery purposes. Where we rely on your consent to process your Personal Information, you have the right to decline consent and/or, if provided, to withdraw consent at any time. This will not affect the lawfulness of processing prior to the withdrawal of your consent.
  2. We limit access to Personal Information to our employees, agents, contractors and other third parties who have a business need to know. They will only process Personal Information on our instructions, and they are subject to a duty of confidentiality. We have implemented procedures to handle any suspected Personal Information breach and will, to the extent legally permissible, notify you and any applicable regulator of a breach as legally required.
  3. Please be aware, however, that despite our efforts, no security measures are perfect or impenetrable and no method of data transmission can be guaranteed against any interception, interference or other type of misuse. To protect the confidentiality of information maintained in your account, you must keep your password confidential and not disclose it to any other person. You are solely responsible for all uses of the Website, Software or Services by any person using your password. Please advise us immediately by contacting us as set forth in Section XV if you believe your password has been misused or if you suspect a security breach.
  4. In the event of a data security incident involving personal information, Musync will take appropriate steps to investigate, mitigate, and notify affected individuals and relevant authorities where required by applicable law.

VI. Data Retention

  1. We retain personal information for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce our agreements.
  2. Retention periods vary depending on the type of data and purpose of processing. For example:
    1. Account information is retained while your account is active and for a reasonable period thereafter
    2. Usage and analytics data may be retained in aggregated or de-identified form
    3. Certain information may be retained longer where required by law or for legitimate business purposes
  3. When personal information is no longer needed, we take reasonable steps to delete or de-identify it.

VII. International Transfers

1. European Users

  1. If you choose to use the Services from the EU, the UK, Switzerland or other regions of the world with laws governing data collection and use that may differ from U.S. law, please note that you are transferring your Personal Information outside of those regions to the U.S. for storage and processing. By providing information through the Services, you acknowledge that your information may be transferred to, stored in, and processed in the United States and other jurisdictions, in accordance with applicable legal safeguards described in this Policy.
  2. As described in this Policy, we may share Personal Information with third parties and may be required to disclose information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
  3. The legal grounds for our processing your Personal Information for the purposes in this Policy are as follows:
    1. where applicable, you have provided consent, which you may withdraw at any time by emailing us at the email address provided in Section XV;
    2. it is necessary for our contractual relationship;
    3. the processing is necessary for us to comply with our legal or regulatory obligations; and
    4. the processing is in our legitimate interest as a provider of the Services (for example, to protect the security and integrity of our systems and to provide you with customer service and the core functionality of the Services).

2. Other International Transfers

  1. If you are located outside the U.S., the EU, the UK and Switzerland, and you choose to provide Personal Information to us, we may transfer your Personal Information to the U.S. and process it there (or any other country where we operate or may have co-locations). When you provide Personal Information, it may be sent to servers located in the U.S. and other countries around the world. If you reside or are located within the EU, the UK or Switzerland and such transfers occur, we take appropriate steps to provide the same level of protection for the processing carried out in any such countries as you would have within the EU, the UK or Switzerland to the extent reasonably feasible under applicable law.
  2. Where personal information is transferred internationally, including to the United States, Musync relies on appropriate safeguards such as Standard Contractual Clauses approved by the European Commission or other lawful transfer mechanisms, as applicable.

VIII. California Privacy Rights

This section applies to California residents and supplements this Privacy Policy. It describes your rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the 'CCPA'). California residents have the right to:

  1. Request access to the personal information we collect about you
  2. Request deletion of your personal information
  3. Request correction of inaccurate personal information
  4. Opt out of the sale or sharing of personal information (if applicable)
  5. Limit the use and disclosure of sensitive personal information (if applicable)
  6. Not be discriminated against for exercising these rights

California law permits California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their Personal Information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of Personal Information disclosed to those third parties. See Section XV for where to direct such requests. We do not share your Personal Information with third parties for their own direct marketing purposes without your prior consent. Accordingly, you can prevent disclosure of your Personal Information to third parties for their direct marketing purposes by withholding consent.

We do not sell or share personal information as defined under the CCPA for cross-context behavioral advertising.

IX. New York Residents

  1. The Stop Hacks and Improve Electronic Data Security (N.Y. Gen Bus. Law § 899-bb, "SHIELD" Act) provides additional privacy rights to New York residents as stated below.
  2. Private Information. SHIELD expands the definition of this term to include account numbers, biometric information, credit/debit card numbers, access codes, usernames, email addresses, passwords and security questions and answers.
  3. Breach. A breach is now considered more broadly, and it refers to the unauthorized access of data that compromises the security of private information.
  4. Scope. The SHIELD Act expands the scope to any person or business that handles private information of a New York resident.
  5. Security Requirements. The Act requires companies to adopt reasonable safeguards to protect the integrity of private information.
  6. Musync complies with or exceeds the requirements of the SHIELD Act in the following ways:
    1. The administrative safeguards in respect of the SHIELD Act used by Musync include conducting periodic risk assessments, training employees in security program best practices and procedures, designation of a key engineering leader to maintain accountability for the security program to carefully select subcontractors and flow-down safeguards by contract to them and adjust our security protocols as the demands of the business evolve.
    2. The physical safeguards employed by Musync in respect of the SHIELD Act include routine assessment of information storage and disposal risk, maintaining our current systems to prevent, detect and respond to any unauthorized intrusion, disposal or its functional equivalent, of private information within a reasonable amount of time if requested by the consumer.
    3. Lastly, for technical safeguards, Musync will continually identify risks in its network to extend commercially reasonable and possible, identify risks in information processing, transmission and storage, detect and respond to system failures or attacks and consistently monitor and test the effectiveness of its system procedures.

X. COPPA

  1. Musync complies with the Children's Online Privacy Protection Act (COPPA) and does not knowingly collect personal information from children under 13 without appropriate parental consent.

XI. General Privacy Law Compliance

  1. Musync strives to comply with applicable data privacy laws across the jurisdictions in which it operates, including the United States and Canada. Similarly, Canada conforms to the Personal Information Protection and Electronic Documents Act ("PIPEDA"). Musync strives to conform to all of these laws and regulations to the best of its commercially reasonable ability, reflected in its internal policies and procedures centered around collection, use and disclosure of personal information. In all endeavors, Musync employs best practices in protecting Personal Information for all customers.

XII. Accessing and Modifying Your Information

  1. If you have an account on the Website or Software, you can access and modify your Personal Information associated with your account in your profile settings or by emailing us at the email address in Section XV below.
  2. You may "opt out" of receiving marketing or promotional emails from us by following the instructions in those emails or by emailing us at the email address provided in Section XV below. If you opt out, we may still send you non-promotional emails, such as emails about your account or our ongoing business relations (i.e. account verification, transactional communications, changes/updates to features of the Services and technical and security notices).

XIII. Changes and Updates to the Policy

  1. This Policy is current as of the Effective Date set forth above. We reserve the right to change the provisions of this Policy at any time. Please revisit this page periodically to stay aware of the most current language. Your continued use of the Website, Software and its Services after the revised Policy has become effective indicates that you have read, understood, and agreed to the most current version of this Policy, as posted on the Website.

XIV. Document Inconsistencies

  1. In the event of any inconsistency regarding AI usage, the Privacy Policy shall control with respect to personal data processing and AI-related data usage, and the Terms shall control with respect to user rights and permissions.

XV. Contact

  1. Please contact us with any questions regarding this Policy or to submit a request related to your Personal Information to:

Musync LLC.

Attn: Legal Department

422 Main Street, #1091

Lombard, IL 60148

legal@musync.co

XVI. Governing Law

  1. Musync LLC is a Delaware limited liability company. This Privacy Policy shall be governed by the laws of the State of Delaware, without regard to its conflict of law principles. Disputes relating to this Privacy Policy are subject to the dispute resolution provisions set forth in the Musync Terms & Conditions, including binding arbitration where applicable.

XVII. Terms & Conditions

  1. Musync's Terms & Conditions are incorporated herein by reference in relation to a User's use of the Website, Software and/or its Services. Musync reserves the right to modify its Terms & Conditions in its reasonable discretion from time to time.

XVIII. Business Transfers

  1. If Musync or its assets are acquired, or in the unlikely event that Musync discontinues business or enters into a bankruptcy, Musync would include data, including your Personal Information, among the assets transferred to any parties who acquire us. You acknowledge that such transfers may occur, and that any parties who acquire us may, to the extent permitted by applicable law, continue to use your personal information according to this Policy, which they will be required to assume as it is the basis for any ownership or use rights we have over such information.