Privacy Policy

Last updated April 12, 2026

This Privacy Notice for Innertune Media Inc. (“we,” “us,” or “our”) describes how and why we might access, collect, store, use, and/or share (“process”) your personal information when you use our services, including when you visit innertune.com, use our mobile application (Innertune: Listen Affirmations), or engage with us in other related ways.

Questions or concerns? Contact us at privacy@innertune.com.

Summary of Key Points

  • We collect personal information you provide and some data automatically when you use our services.
  • We do not process sensitive personal information.
  • We do not collect information from third parties.
  • We share information only in specific situations with specific categories of third parties.
  • You have rights to access, correct, and delete your data depending on your jurisdiction.

1. What Information Do We Collect?

Personal information you disclose to us

We collect personal information you voluntarily provide when you register, express interest in our products, participate in activities, or contact us. This may include:

  • Names, email addresses, billing addresses, phone numbers, mailing addresses, usernames, passwords
  • Debit/credit card numbers (handled by Stripe and PayPal — see their privacy notices)
  • Social media login data (if you register via Facebook, X, or similar)

Application data

If you use our app, we may collect geolocation data, mobile device access (bluetooth, camera, microphone, storage, etc.), device data (ID, model, OS, IP address), and push notification permissions — all subject to your device settings.

Information automatically collected

We automatically collect log and usage data (IP address, browser type, pages viewed, timestamps), device data, and location data when you visit our services. We also use cookies and similar tracking technologies — see our Cookie Policy.

Google API

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

2. How Do We Process Your Information?

We process your information to:

  • Facilitate account creation, authentication, and management
  • Deliver services and respond to inquiries
  • Send administrative and marketing communications (you can opt out at any time)
  • Fulfill and manage orders and payments
  • Deliver targeted advertising and analyze usage trends
  • Protect our services through fraud monitoring and prevention
  • Comply with legal obligations

3. Legal Bases for Processing

EU / UK (GDPR)

We rely on consent, performance of a contract, legitimate interests (e.g., marketing, analytics, fraud prevention), legal obligations, and vital interests.

Canada

We rely on express or implied consent, and may process without consent in exceptional cases permitted by law (fraud detection, legal proceedings, safety, etc.).

4. When and With Whom Do We Share Your Information?

We may share data with third-party vendors who perform services on our behalf (ad networks, AI platforms, analytics, payment processors, data storage, social networks, etc.) under contracts that protect your information. We may also share in connection with business transfers, with business partners, or when you interact with public areas of our services.

5. Third-Party Websites

Our services may link to third-party websites. We are not responsible for their privacy practices. We encourage you to review their policies before providing any personal information.

6. Cookies and Tracking Technologies

We use cookies and similar technologies (web beacons, pixels) to maintain security, fix bugs, save preferences, and assist with analytics and advertising. See our Cookie Policy for details. We use Google Analytics, including Remarketing and Demographics features — you can opt out at tools.google.com/dlpage/gaoptout.

7. Artificial Intelligence Products

We offer AI-powered features through third-party providers including Anthropic and OpenAI. Your input, output, and related personal information may be processed by these providers. You must not use AI Products in violation of their terms and policies.

8. Social Logins

If you register via a social media account, we receive profile information (name, email, profile picture, etc.) from that provider. We use it only as described in this notice and are not responsible for the provider's own use of your data.

9. How Long Do We Keep Your Information?

We retain personal information only as long as necessary to fulfill the purposes set out in this notice or as required by law. Our general retention periods are:

  • Account data: Duration of your account, plus 30 days after deletion
  • Payment and transaction records: 7 years (tax and accounting legal requirements)
  • Support and communications records: 2 years from last contact
  • Analytics data: 26 months (per Google Analytics defaults)
  • Marketing preferences and consent records: Duration of account plus 5 years
  • Legal compliance records: As required by applicable law (typically 7 years)

When data is no longer needed, we delete or anonymize it. If immediate deletion is not possible (e.g., backup archives), we isolate the data from further processing until deletion is possible.

10. How Do We Keep Your Information Safe?

We implement appropriate technical and organizational security measures. However, no internet transmission or storage technology is 100% secure. You access our services at your own risk and should do so in a secure environment.

10A. International Data Transfers

Our Services are hosted in the United States and United Kingdom. If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, please be aware that your personal information may be transferred to and processed in countries outside your jurisdiction that may not have the same data protection laws.

Where required, we rely on one or more of the following transfer mechanisms:

  • Adequacy decisions issued by the European Commission (e.g., EU-US Data Privacy Framework) or the UK Secretary of State
  • Standard Contractual Clauses (SCCs) approved by the European Commission for transfers to countries without an adequacy decision
  • The UK International Data Transfer Agreement (IDTA) for transfers from the UK where no adequacy decision applies

You may request a copy of the applicable transfer safeguards by contacting us at privacy@innertune.com.

11. Do We Collect Information from Minors?

We do not knowingly collect data from or market to children under 18. If you become aware of any data collected from a minor, please contact us at privacy@innertune.com.

12. Your Privacy Rights

Depending on your location (EEA, UK, Switzerland, Canada, or US states), you may have rights to access, correct, delete, or port your personal information, to restrict or object to processing, and to withdraw consent. To exercise these rights, submit a request to privacy@innertune.com.

To opt out of marketing emails, click “unsubscribe” in any email. To opt out of SMS, reply “STOP”. For cookie opt-outs, see our Cookie Policy.

No mobile information will be shared with third parties or affiliates for marketing or promotional purposes.

If you are located in the EEA or UK and believe we are unlawfully processing your personal information, you have the right to lodge a complaint with your local data protection supervisory authority. A list of EEA supervisory authorities is available at https://edpb.europa.eu/about-edpb/about-edpb/members_en. The UK supervisory authority is the Information Commissioner's Office (ICO) at https://ico.org.uk.

13. Do-Not-Track Features

We do not currently respond to DNT browser signals as no uniform standard has been finalized. California law requires this disclosure.

We also recognize the Global Privacy Control (GPC) signal as a valid opt-out request for the sale and sharing of personal information where required by applicable law (including the CCPA/CPRA).

14. US Residents — Specific Rights

Residents of California, Colorado, Connecticut, Utah, and Virginia may have additional rights including the right to know, access, correct, delete, and opt out of targeted advertising or sale of personal data. To exercise these rights, email privacy@innertune.com. California residents may also invoke the “Shine the Light” law (Civil Code § 1798.83) by writing to us.

California residents may also submit a “Do Not Sell or Share My Personal Information” request by emailing privacy@innertune.com with the subject line “CCPA Opt-Out Request.” We will process your request within 15 business days.

We have not sold personal information to third parties for commercial purposes in the preceding twelve months.

15. Other Regions

Australia & New Zealand: We comply with the Australian Privacy Act 1988 and New Zealand's Privacy Act 2020. Complaints may be directed to the Office of the Australian Information Commissioner or the Office of New Zealand Privacy Commissioner.

South Africa: Complaints regarding our processing may be directed to the Information Regulator at enquiries@inforegulator.org.za.

16. Updates to This Notice

We may update this notice from time to time. The “Last updated” date at the top will reflect any changes. We encourage you to review this notice regularly.

17. How to Contact Us

Innertune Media Inc.
1245 Boul Jean-Baptiste-Rolland O
Saint-Jerome, Québec J7Y 4Y7, Canada
privacy@innertune.com

18. Reviewing, Updating, or Deleting Your Data

To request access to, correction of, or deletion of your personal information, email us at privacy@innertune.com. We will respond in accordance with applicable data protection laws.