MOOSYC, Inc. (“MOOSYC”, “we”, “us”, or “our”) is committed to protecting personal data and respecting the privacy rights of individuals in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable data protection laws.

This GDPR Policy explains how we collect, use, store, disclose, and protect personal data when you access or use MOOSYC’s websites, applications, platforms, and services (collectively, the “Services”).

By using MOOSYC, you acknowledge and agree to the practices described in this policy.

1. Data Controller

For the purposes of the GDPR, the data controller is:

MOOSYC, Inc.
169 Madison Ave, Suite 65784
New York, NY 10016
United States

Email: privacy@moosyc.com

MOOSYC has not appointed a Data Protection Officer at this time. If required by law, this policy will be updated accordingly.

2. Personal Data We Process

We may process the following categories of personal data:



• Identification data (name, email address, username, account identifiers)

• Account data (login credentials, artist or label profile information)

• Transaction data (billing details, payout information, invoices, payment history)

• Content data (music metadata, collaborator details, rights and ownership information)

• Usage data (IP address, device information, log data, analytics, platform interactions)

• Communications (support requests, emails, messages, feedback)

• Marketing data (preferences, consent status, campaign interactions)


  
  

We only process personal data that is necessary to operate, secure, and improve the Services.

3. Purposes and Legal Bases of Processing

MOOSYC processes personal data for the following purposes and lawful bases under Article 6 of the GDPR:



• Provision and operation of the Services (contractual necessity)

• Account creation and management (contractual necessity)

• Payments, payouts, invoicing, and accounting (contractual necessity and legal obligation)

• Customer support and communications (contractual necessity and legitimate interests)

• Platform security, fraud prevention, and abuse detection (legitimate interests)

• Analytics and product improvement (legitimate interests)

• Marketing communications (legitimate interests or consent, where required)

• Legal compliance and enforcement of rights (legal obligation)


  
  

Where processing is based on consent, consent may be withdrawn at any time.

4. Legitimate Interests

Where processing is based on legitimate interests, those interests include:

• Operating, maintaining, and improving the MOOSYC platform

• Ensuring security, reliability, and integrity of the Services

• Preventing fraud, abuse, and unauthorised use

• Communicating with users regarding the Services

• Growing the business in a proportionate and privacy-respecting manner



We always balance these interests against your fundamental rights and freedoms.

5. Data Sharing and Recipients

Personal data may be disclosed to:

• Service providers and processors acting on our behalf

• Payment processors and financial institutions

• Infrastructure, hosting, analytics, and security providers

• Professional advisers, auditors, and legal authorities where required by law

All processors are contractually bound to process personal data only on our instructions and in compliance with GDPR requirements.

MOOSYC does not sell personal data.

6. International Data Transfers

Personal data may be transferred to and processed in countries outside the European Union or the United Kingdom, including the United States.

Where required, such transfers are safeguarded using appropriate mechanisms, including:

• Standard Contractual Clauses approved by the European Commission

• UK International Data Transfer Addendum or IDTA



You may request additional information regarding these safeguards by contacting us.



7. Data Retention

We retain personal data only for as long as necessary to:



• Provide and maintain the Services

• Fulfil contractual and legal obligations

• Resolve disputes and enforce agreements



When personal data is no longer required, it is securely deleted or anonymised.



8. Your Rights Under GDPR

If you are located in the EU or the UK, you have the right to:



• Access your personal data

• Rectify inaccurate or incomplete data

• Request erasure of personal data, subject to legal limitations

• Restrict processing

• Object to processing based on legitimate interests

• Request data portability, where applicable

• Withdraw consent at any time



Requests may be submitted by emailing privacy@moosyc.com.



9. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority in your country of residence, place of work, or where an alleged infringement occurred.



10. Security Measures

MOOSYC implements appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, or disclosure.

Access to personal data is restricted to authorised personnel on a need-to-know basis.

11. Updates to This Policy

We may update this GDPR Policy from time to time to reflect changes in law, technology, or our data processing practices.
Material changes will be communicated where required by law. Continued use of the Services constitutes acceptance of the updated policy.

12. Contact

For questions, requests, or concerns regarding this GDPR Policy or the processing of your personal data, contact:

MOOSYC, Inc.

169 Madison Ave, Suite 65784

New York, NY 10016

United States

Email: privacy@moosyc.com