Adieu Sounds - Privacy Policy
1. Who We Are
Adieu Sounds (“we,” “our,” or “us”) operates the website adieusounds.com and adieu.team and related services, including digital music products, producer resources, and event registrations (collectively, the “Services”).
- Data Controller (outside the EEA/UK): Adieu Sounds, 3133 Maple Dr NE Ste 240 #1246 Atlanta, GA 30305 USA.
-
Data Protection Officer (DPO): drew@adieusounds.com / drew@adieu.team
-
Global Privacy Office: drew@adieusounds.com / drew@adieu.team
2. Scope & Global Compliance Commitment
We design our privacy programme to meet or exceed requirements in all jurisdictions where we operate or have users, including:
-
GDPR/UK GDPR, ePrivacy Directive, Swiss nFADP
-
US state privacy laws (e.g., CCPA/CPRA, VCDPA, CPA, CTDPA, UCPA, ICPA, TDPA, MCDPA, FLDPA, DELPPA) IAPPBloomberg Law
-
PIPEDA (Canada), LGPD (Brazil), Privacy Act 1988 (Australia), PDPA (Singapore, Thailand), POPIA (South Africa), PDPB (India, draft), and the 140-plus national data-protection statutes now in force worldwide IAPP
Because legal obligations differ by region, Sections 13–17 provide jurisdiction-specific supplements that prevail where they grant stronger rights.
3. Information We Collect
Category |
Examples |
Source |
Legal Basis (GDPR/UK GDPR) |
Account & Contact Data |
name, stage name, email, postal address, phone |
you |
Contract; Legitimate Interest |
Purchase & Payment Data |
product, order ID, limited card/BTC details via PCI-DSS-compliant processor |
you / processor |
Contract; Legal Obligation |
Content & Usage Data |
sample-pack downloads |
you |
Contract; Legitimate Interest |
Device & Analytics Data |
IP, browser type, OS, referral URLs, events, cookies, pixels |
automatic |
Consent (where required); Legitimate Interest |
Marketing & Social Data |
preferences, survey responses, social-media handles |
you |
Consent; Legitimate Interest |
We do not intentionally collect data about children under 13 (or 16 in the EEA). If we become aware we have done so, we delete it promptly.
4. How & Why We Use Your Data
Purpose |
Typical Processing Activities |
Legal Basis |
Provide, maintain, and secure the Services |
account creation, authentication, fraud prevention, breach detection |
Contract; Legitimate Interest |
Fulfil purchases & deliver digital goods |
licensing downloads, order confirmations, ticket issuance |
Contract |
Customer support & community engagement |
responding to messages, Discord/Slack channels, testimonials (with consent) |
Legitimate Interest; Consent |
Marketing & personalisation |
sending newsletters, showing relevant products, remarketing ads |
Consent (where required); Legitimate Interest |
Compliance & legal obligations |
tax/VAT, accounting, sanctions screening, responding to lawful requests |
Legal Obligation; Legitimate Interest |
Automated decision-making is limited to basic fraud filters and cookie-based ad delivery; none produces legal or similarly significant effects on you.
5. Cookies, Pixels & Similar Tech
We use:
-
Strictly Necessary Cookies – site core functions, always active.
-
Analytics Cookies (e.g., Plausible, GA4 with IP anonymisation).
-
Advertising Pixels (Meta, TikTok, Google) – disabled until you consent via our Cookie Banner (powered by Ketch.com).
Browser “Do Not Track” signals are honoured as an opt-out of analytics and advertising cookies.
6. Sharing & International Transfers
Recipient Type |
Typical Examples |
Safeguards |
Service Providers |
hosting (Shopify), payments (Shopify Payments, PayPal, Apple Pay), email (Omnisend), analytics (Plausible) |
DPAs, SCCs, ISO 27001 |
Business Partners |
affiliate platforms |
DPAs, confidentiality clauses |
Legal / Government |
tax authorities, courts, police |
statutory requirements |
Corporate Transactions |
mergers, asset sales |
contractual requirement to continue protections |
Cross-border Transfers: Data moves from your region to the USA and other countries. Where local law deems destination protections “inadequate,” we rely on:
-
EU & UK Standard Contractual Clauses (2021/914/EU & IDTA) plus transfer impact assessments.
-
APEC CBPR/PRP certification in 2025 (pending).
-
Binding Corporate Rules for intra-group transfers (if applicable).
7. Data Retention
We keep data only as long as needed for the purposes above, plus:
-
Transactional records: 7 years (tax & accounting).
-
Marketing consent logs: until you withdraw + 5 years.
-
Back-ups & logs: rotated ≤ 24 months.
When retention ends, we securely delete or irreversibly anonymise the data.
8. Your Rights
Depending on where you live, you may have some or all of these rights:
Global Right |
EU/UK |
US (CCA, CO, CT, UT, VA, etc.) |
Brazil LGPD |
Canada PIPEDA |
Others |
Access |
✔ |
✔ |
✔ |
✔ |
✔ |
Rectification / Correction |
✔ |
✔ (if inaccurate) |
✔ |
✔ |
✔ |
Deletion / Erasure |
✔ |
✔ |
✔ |
✔ (if no longer justified) |
✔ |
Portability |
✔ |
✔ (when feasible) |
✔ |
(informal) |
varies |
Restrict / Object / Opt out |
✔ |
Opt-out of sale/ads |
✔ |
– |
✔ |
Limit use of Sensitive Data |
✔ |
✔ |
✔ |
– |
varies |
Non-discrimination |
n/a |
✔ |
n/a |
n/a |
varies |
Withdraw consent at any time |
✔ |
✔ |
✔ |
✔ |
✔ |
Lodge complaint with authority |
✔ |
– (state AG) |
✔ |
✔ |
✔ |
To exercise any right, email drew@adieusounds.com. We will verify your identity (or your authorised agent) and respond within the timeframe your law specifies (e.g., 30 days EU/UK, 45 days California).
9. California & Other US State Supplements
-
No Sale of Personal Information: We do not “sell” or “share” personal information as defined by CCPA/CPRA.
-
Sensitive Personal Information (artistic biometric data, precise geolocation) is processed only with notice and the ability to limit its use.
-
Metrics: Annual California transparency metrics are published in our CCPA Report.
-
Universal Opt-Out Signals (GPC) honoured automatically.
Other state residents (e.g., Colorado, Virginia, Utah, Connecticut, Delaware, Florida, Tennessee, Indiana, Montana, Nebraska, Iowa) have similar rights; see the State Privacy Addendum for details.
10. EEA/UK Specifics
-
Legal Bases: contract, legitimate interest, consent, legal obligation, vital interest.
-
Right to Object: Where we rely on legitimate interests (Art 6 (1)(f)), you may object; we will cease unless we demonstrate compelling legitimate grounds.
-
Representative & DPO: see Section 1.
-
Supervisory Authority: You may complain to your local authority or the Belgian DPA (Lead SA).
11. Brazil LGPD
-
Controller (Art. 41): AdieuSounds.
-
Encarregado (DPO): drew@adieusounds.com.
-
International Transfers: SCCs or ANPD-approved mechanisms.
12. Canada (PIPEDA & Provincial Acts)
We rely on implied consent to process data necessary to fulfil your purchases; express consent for marketing. Data may be stored in the USA; contractual safeguards protect it from unauthorised access.
13. APAC & Other Jurisdictions
Where local law (e.g., Australia Privacy Act, Singapore/Thailand PDPA, Japan APPI, South Korea PIPA, South Africa POPIA) provides stronger rights, we honour them. Users may contact the regional authority or our DPO.
14. Children’s Privacy
The Services are not directed to children under 13 (or under 16 in jurisdictions where consent must come from a parent/guardian). We do not knowingly collect such data. Contact us if you believe a child’s data has been provided.
15. Third-Party Links & Services
Our site may contain links to third-party platforms (e.g., Shopify storefronts, YouTube tutorials). We are not responsible for their privacy practices. Review their policies before providing personal information.
16. Changes to This Policy
We may update this Privacy Policy to reflect legal, technical, or business changes. When we do, we will:
-
Post the new version at adieusounds.com/pages/privacy-policy
-
Change the “Effective date” at the top; and
-
Where required, seek your consent for material changes (e.g., new processing purposes).
17. Contact Us
Adieu Sounds
3133 Maple Dr NE Ste 240 #1246
Atlanta, GA 30305 USA
Email: drew@adieusounds.com / drew@adieu.team
Tel: +1 (770) 765-7367
For unresolved EU/EEA matters, contact the Belgian Data Protection Authority at contact@apd-gba.be. For UK matters, contact the ICO at ico.org.uk.