At HEATINC Marketplace ("we," "our," or "us"), we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.
1. Information We Collect
1.1 Information You Provide
When you register and use our Service, we collect:
- Account Information: Email address, username, full name, phone number
- Profile Information: User role (producer/artist), bio, profile picture
- Payment Information: Payment details for purchases and payout information for producers
- Content: Music tracks, artwork, descriptions, and metadata you upload
- Communications: Messages, support requests, and feedback you send us
1.2 Automatically Collected Information
When you use our Service, we automatically collect:
- Usage Data: Pages viewed, tracks played, search queries, features used
- Device Information: IP address, browser type, operating system, device identifiers
- Log Data: Access times, error logs, performance data
- Cookies: Session cookies for authentication and functionality
1.3 Payment Information
Payment processing is handled by our third-party provider, Xendit. We do not store full credit card numbers on our servers. We receive transaction confirmations and payment status from Xendit.
2. How We Use Your Information
We use your information to:
- Provide, operate, and maintain the Service
- Process transactions and send transaction notifications
- Verify your identity and prevent fraud
- Send you email verification and account notifications
- Respond to your comments, questions, and customer service requests
- Analyze usage to improve our Service
- Enforce our Terms of Service and protect against misuse
- Comply with legal obligations
- Send you marketing communications (with your consent)
3. Legal Basis for Processing (GDPR)
If you are in the European Economic Area (EEA), our legal basis for collecting and using your personal information depends on the data and context:
- Contract: Processing necessary to provide the Service you requested
- Consent: You have given explicit consent (e.g., marketing emails)
- Legitimate Interests: Processing necessary for our legitimate business interests (fraud prevention, service improvement)
- Legal Obligation: Processing required by law
4. How We Share Your Information
We do not sell your personal information. We share your data only in these circumstances:
4.1 With Other Users
- Your username and public profile information are visible to other users
- Producers can see buyer information for their sales
4.2 Service Providers
- Xendit: Payment processing
- Cloudinary: Media storage and delivery
- MongoDB Atlas: Database hosting
- Email Service Provider: Transactional emails
4.3 Legal Compliance
We may disclose your information if required by law, court order, or to:
- Comply with legal obligations
- Protect our rights, property, or safety
- Investigate fraud or security issues
- Enforce our Terms of Service
5. Data Retention
We retain your personal information for as long as necessary to:
- Provide the Service to you
- Comply with legal obligations (tax records, transaction history)
- Resolve disputes and enforce agreements
When you delete your account, we will delete or anonymize your personal data within 30 days, except where we must retain it for legal compliance.
6. Your Privacy Rights
Depending on your location, you may have the following rights:
6.1 All Users
- Access: Request a copy of your personal data
- Correction: Update or correct inaccurate information
- Deletion: Request deletion of your account and data
- Opt-out: Unsubscribe from marketing emails
6.2 GDPR Rights (EEA Users)
- Data Portability: Receive your data in a portable format
- Restriction: Request restriction of processing
- Object: Object to processing based on legitimate interests
- Withdraw Consent: Withdraw consent at any time
- Lodge a Complaint: File a complaint with your data protection authority
To exercise these rights, contact us at [email protected]
7. Cookies and Tracking
We use cookies and similar tracking technologies:
- Essential Cookies: Required for authentication and security
- Functional Cookies: Remember your preferences and settings
- Analytics Cookies: Help us understand how you use our Service
You can control cookies through your browser settings, but disabling essential cookies may limit functionality.
8. Data Security
We implement appropriate security measures to protect your data:
- Encryption of data in transit (HTTPS/TLS)
- Secure password hashing (bcrypt)
- Regular security updates and monitoring
- Access controls and authentication
- Rate limiting to prevent abuse
However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
9. International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses approved by regulatory authorities.
10. Children's Privacy
Our Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
11. Third-Party Links
Our Service may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to read their privacy policies.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by email or prominent notice on our Service. Your continued use after changes constitutes acceptance of the updated policy.
Your Consent
By using HEATINC Marketplace, you consent to this Privacy Policy and agree to its terms. If you do not agree with this policy, please do not use our Service.