← Back to Home

Privacy Policy

Last Updated: August 13, 2025
Effective Date: August 13, 2025
Version: 2.0 (GDPR & CCPA/CPRA Compliant)

Important: This Privacy Policy is compliant with the EU General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), and India's Digital Personal Data Protection Act (DPDPA) 2023. We are committed to protecting your privacy and personal data rights globally.

Musenex ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our digital art platform at musenex.com (the "Platform").

1. Data Controller and Contact Information

Data Controller: Musenex Platform
Email: privacy@musenex.com
Data Protection Officer: dpo@musenex.com
Address: Available upon request via contact form

2. Information We Collect

2.1 Personal Data (GDPR Article 4)

Legal Basis for Processing: Legitimate interests (Article 6(1)(f) GDPR), Contract performance (Article 6(1)(b) GDPR), Consent (Article 6(1)(a) GDPR)

We collect the following categories of personal information:

Data Category Examples Purpose Legal Basis (GDPR) Retention Period
Identity Data Name, username, profile information Account creation, platform functionality Contract (Art. 6(1)(b)) Account lifetime + 2 years
Contact Data Email address, communication preferences Communication, account verification Contract (Art. 6(1)(b)) Account lifetime + 2 years
Technical Data IP address, browser type, device info Security, analytics, performance Legitimate Interest (Art. 6(1)(f)) 24 months
Usage Data Platform interactions, preferences Service improvement, personalization Legitimate Interest (Art. 6(1)(f)) 24 months
Content Data Artwork uploads, comments, collections Platform services, community features Contract (Art. 6(1)(b)) Account lifetime + 5 years
Marketing Data Communication preferences, interests Marketing communications Consent (Art. 6(1)(a)) Until consent withdrawn + 1 year

2.2 Special Categories of Data

We do not intentionally collect special categories of personal data (racial origin, political opinions, religious beliefs, health data, biometric data, etc.) as defined under GDPR Article 9. If such data is inadvertently collected through user-generated content, it will be processed under the explicit consent legal basis.

2.3 Children's Data

Our Platform is not intended for children under 16 years of age (or under 13 in the US). We do not knowingly collect personal data from children under these ages without parental consent.

3. How We Use Your Information

We process your personal data for the following purposes:

4. Data Sharing and Transfers

4.1 Third-Party Sharing

We do not sell, rent, or trade your personal information to third parties. We may share your information in these limited circumstances:

4.2 International Data Transfers

GDPR Compliance: When we transfer personal data outside the European Economic Area (EEA), we ensure adequate protection through:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules
  • Appropriate safeguards under GDPR Article 46

5. Data Security

We implement comprehensive security measures including:

Data Retention

We retain personal data only for as long as necessary for the purposes outlined in this policy or as required by law. Retention periods are detailed in the table above.

5.1 DPDPA Compliance (India's Digital Personal Data Protection Act 2023)

As a Data Fiduciary under DPDPA, we ensure:

  • Lawful Processing: Processing personal data only with valid consent or legitimate grounds as specified in the Act
  • Notice Requirements: Providing clear and comprehensive privacy notices before data collection
  • Purpose Limitation: Using personal data only for specified, explicit, and legitimate purposes
  • Data Minimization: Collecting only necessary and proportionate personal data
  • Security Safeguards: Implementing reasonable security practices and procedures
  • Data Principal Rights: Facilitating exercise of rights including access, correction, and erasure
  • Grievance Redressal: Providing accessible grievance mechanisms
  • Breach Notification: Notifying the Data Protection Board and affected individuals of breaches

Cross-Border Data Transfer: When transferring data outside India, we ensure compliance with DPDPA requirements and government notifications.

6. Your Privacy Rights

6.1 GDPR Rights (EU/EEA Residents)

Under the GDPR, you have the following rights:

  • Right of Access (Article 15): Request copies of your personal data
  • Right to Rectification (Article 16): Correct inaccurate or incomplete data
  • Right to Erasure (Article 17): Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing (Article 18): Limit how we process your data
  • Right to Data Portability (Article 20): Receive your data in a structured, machine-readable format
  • Right to Object (Article 21): Object to processing based on legitimate interests
  • Rights Related to Automated Decision-Making (Article 22): Not to be subject to automated decision-making
  • Right to Withdraw Consent: Withdraw consent at any time (where consent is the legal basis)

Response Time: We will respond to your request within one month (extendable to three months for complex requests).

6.2 CCPA/CPRA Rights (California Residents)

Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have additional rights:

  • Right to Know: Know what personal information we collect, use, share, and sell
  • Right to Delete: Request deletion of personal information
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out: Opt-out of the sale or sharing of personal information
  • Right to Limit: Limit the use and disclosure of sensitive personal information
  • Right to Non-Discrimination: Not receive discriminatory treatment for exercising privacy rights

Do Not Sell My Personal Information: We do not sell personal information. If this changes, we will provide an opt-out mechanism.

Response Time: We will respond to verifiable requests within 45 days (extendable to 90 days).

6.3 DPDPA Rights (Indian Residents)

Under India's Digital Personal Data Protection Act (DPDPA) 2023, Indian residents have the following rights as Data Principals:

  • Right to Information: Obtain information about personal data processing and purposes
  • Right to Correction and Erasure: Request correction of inaccurate data and deletion of personal data
  • Right to Grievance Redressal: Access to grievance redressal mechanisms
  • Right to Nominate: Nominate another person to exercise rights in case of death or incapacity
  • Consent Management: Free, specific, informed, unconditional, and unambiguous consent
  • Consent Withdrawal: Right to withdraw consent at any time

Data Fiduciary Obligations: We act as a Data Fiduciary under DPDPA and ensure:

  • Lawful processing with valid consent or legitimate grounds
  • Data minimization and purpose limitation
  • Reasonable security safeguards
  • Prompt breach notification
  • Grievance redressal within timelines

Response Time: We will respond to DPDPA requests within reasonable time as prescribed by the Data Protection Board of India.

6.4 How to Exercise Your Rights

To exercise any of these rights, contact us at:

7. Cookies and Tracking Technologies

We use cookies and similar technologies. You can manage cookie preferences through your browser settings. Our cookies include:

For detailed cookie information, see our Cookie Policy.

8. Automated Decision-Making and Profiling

We do not engage in automated decision-making or profiling that produces legal effects or significantly affects you without human oversight. Any automated processing is used only for:

9. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms:

10. Third-Party Services and Links

Our Platform may integrate with third-party services. We are not responsible for their privacy practices. Review their privacy policies:

11. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will:

12. Legal Basis Summary

Primary Legal Bases for Processing (GDPR):

  • Contract (Article 6(1)(b)): Account management, service provision
  • Legitimate Interests (Article 6(1)(f)): Security, analytics, platform improvement
  • Consent (Article 6(1)(a)): Marketing communications, non-essential cookies
  • Legal Obligation (Article 6(1)(c)): Compliance with applicable laws

13. Supervisory Authority

If you are an EU/EEA resident and believe we have not addressed your privacy concerns adequately, you have the right to lodge a complaint with your local data protection supervisory authority.

Contact Us

For any questions about this Privacy Policy or to exercise your privacy rights:

Response Time: We will respond to privacy-related inquiries within 30 days (or as required by applicable law).

This Privacy Policy is designed to comply with:

  • EU General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)
  • California Privacy Rights Act (CPRA)
  • India's Digital Personal Data Protection Act (DPDPA) 2023
  • Other applicable privacy laws and regulations
.logo { font-size: 1.8rem; font-weight: 700; color: #667eea; text-decoration: none; } .back-link { color: #667eea; text-decoration: none; font-weight: 500; } .back-link:hover { text-decoration: underline; } .content { background: white; padding: 3rem; border-radius: 10px; box-shadow: 0 2px 10px rgba(0, 0, 0, 0.1); } h1 { color: #333; margin-bottom: 1rem; font-size: 2.5rem; } h2 { color: #333; margin: 2rem 0 1rem 0; font-size: 1.5rem; border-bottom: 2px solid #667eea; padding-bottom: 0.5rem; } h3 { color: #333; margin: 1.5rem 0 0.5rem 0; font-size: 1.2rem; } p { margin-bottom: 1rem; color: #666; } ul { margin: 1rem 0; padding-left: 2rem; } li { margin-bottom: 0.5rem; color: #666; } .last-updated { background: #f8f9fa; padding: 1rem; border-radius: 5px; margin-bottom: 2rem; border-left: 4px solid #667eea; } .contact-info { background: #e3f2fd; padding: 1.5rem; border-radius: 5px; margin-top: 2rem; } .contact-info h3 { color: #1976d2; margin-top: 0; }
Last Updated: August 13, 2025

Privacy Policy

At Musenex, we respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our digital art platform.

1. Information We Collect

Personal Information

When you register for an account or use our services, we may collect:

Artwork and Content

Usage Information

2. How We Use Your Information

We use the collected information to:

3. Information Sharing

We do not sell, trade, or rent your personal information to third parties. We may share your information only in these circumstances:

4. Data Security

We implement appropriate security measures to protect your personal information:

5. Your Rights and Choices

You have the following rights regarding your personal information:

6. Third-Party Services

Our platform may integrate with third-party services for:

These services have their own privacy policies, and we encourage you to review them.

7. International Data Transfers

Your information may be processed and stored in countries outside your residence. We ensure appropriate safeguards are in place for international data transfers in compliance with applicable privacy laws.

8. Children's Privacy

Our platform is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

9. Cookies and Tracking

We use cookies and similar technologies to:

You can control cookie settings through your browser preferences.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date. We encourage you to review this policy periodically.

11. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect and how it's used, and the right to delete your personal information.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

We will respond to your inquiry within 30 days.