Privacy Policy

Last updated: July 2, 2025

Controller: DEPI MEDIA FZE

Address: Al Shmookh Business Center, 1st Floor - Al Ettehad St, P.O.Box: 7073, Umm Al Quwain, United Arab Emirates

Email: hello@beatjar.com

TRN: 100232198000003

DEPI MEDIA FZE ("we", "our", or "us") operates BeatJar.com, a service offering personalized AI-generated songs. We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and UAE data protection laws.

1. Information We Collect

We collect the following categories of personal data:

  • Identifiers: Name, email address, song recipient details, IP address
  • Personal Information: Contact details and custom song preferences
  • Transaction Data: Purchase information processed via Creem.io payment processor
  • Technical Data: Browser type, device type, operating system, referring URLs
  • Usage Data: Site activity, pages viewed, time spent on pages, click patterns
  • Song Content: Recipient information, occasion details, music preferences, and custom notes you provide
  • Cookies and Tracking Technologies: Session cookies, analytics cookies, and marketing pixels

2. How We Use Your Data

We process your personal data for the following purposes:

  • Order Fulfillment: Create and deliver your custom AI-generated songs
  • Communication: Send order confirmations, delivery notifications, and customer support
  • Payment Processing: Process payments securely through our payment partners
  • Service Improvement: Analyze usage patterns to enhance our website and services
  • Legal Compliance: Meet tax, financial reporting, and regulatory obligations
  • Marketing: Send promotional communications (with your consent where required)
  • Security: Protect against fraud, abuse, and security threats

We do not sell or rent your personal data to third parties.

3. AI and Automated Processing

BeatJar uses artificial intelligence and automated systems to create your custom songs:

  • Song Generation: AI technology creates personalized music based on your preferences and input
  • Content Processing: Your song details are processed by AI systems to generate unique compositions
  • Training Data: Our AI models are trained on publicly available music datasets and licensed content
  • Quality Enhancement: AI helps optimize song quality and personalization
  • Human Oversight: All AI-generated content undergoes human review before delivery
  • Bias Mitigation: We implement measures to reduce AI bias, though complete elimination cannot be guaranteed
  • Data Security: All AI processing is conducted securely with appropriate technical safeguards

4. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

  • Performance of Contract: Processing necessary to fulfill your song order and deliver services
  • Legitimate Interest: Analytics, service improvement, fraud prevention, and customer support
  • Consent: Marketing communications, non-essential cookies, and optional features
  • Legal Obligation: Compliance with tax, financial reporting, and regulatory requirements
  • Vital Interests: Protection of health, safety, or security in emergency situations

5. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

  • Payment Processors: Creem.io for secure payment processing
  • Cloud Infrastructure: Hosting and storage providers with appropriate security measures
  • Analytics Services: Google Analytics, Facebook Pixel, Pinterest Pixel for website optimization
  • Email Services: Resend.com for transactional and marketing emails
  • AI Services: OpenAI and other AI providers for song generation (data anonymized where possible)
  • Legal Authorities: When required by law, court order, or to protect our legal rights
  • Business Transfers: In connection with mergers, acquisitions, or asset sales

All third-party processors are GDPR-compliant or operate under Standard Contractual Clauses or equivalent safeguards.

6. International Data Transfers

Your personal data may be processed outside the European Economic Area (EEA), including in:

  • United States: For AI processing, analytics, and cloud services
  • United Arab Emirates: Our primary business operations
  • Other jurisdictions: Where our service providers operate

We ensure appropriate safeguards through Standard Contractual Clauses, adequacy decisions, or equivalent mechanisms to protect your data during international transfers.

7. Your Privacy Rights

Under GDPR (EU Residents):

  • Right of Access: Request copies of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for consent-based processing
  • Right to Complain: File complaints with your local Data Protection Authority

Under CCPA (California Residents):

  • Right to Know: Request information about personal data collection and use
  • Right to Delete: Request deletion of personal data
  • Right to Opt-Out: Opt out of sale/sharing (not applicable as we don't sell data)
  • Right to Non-Discrimination: Equal service regardless of privacy choices

To exercise your rights, contact us at hello@beatjar.com. We will respond within 30 days (GDPR) or 45 days (CCPA).

8. Data Retention

We retain personal data only as long as necessary for:

  • Service Delivery: Until your song is delivered and any support issues resolved
  • Legal Obligations: Tax records (7 years), financial records as required by law
  • Dispute Resolution: Until any disputes or claims are resolved
  • Marketing: Until you unsubscribe or withdraw consent
  • Analytics: Aggregated data may be retained indefinitely after anonymization

You may request earlier deletion by contacting us, subject to legal retention requirements.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience:

  • Essential Cookies: Required for website functionality and security
  • Analytics Cookies: Google Analytics to understand site usage
  • Marketing Cookies: Facebook Pixel, Pinterest Pixel for advertising optimization
  • Preference Cookies: Remember your settings and preferences

You can control cookie settings through your browser or our cookie consent banner. Disabling certain cookies may affect website functionality.

10. Advertising and Marketing

We use various technologies for marketing and advertising:

  • Facebook Pixel: Tracks interactions for Facebook and Instagram advertising
  • Google Analytics & Ads: Website analysis and Google advertising campaigns
  • Pinterest Pixel: Pinterest advertising and audience building
  • Email Marketing: Customer communication via Resend.com
  • Remarketing: Show relevant ads to previous visitors

Data shared with advertising partners may include:

  • Website visit information and page views
  • Purchase behavior and conversion events
  • Device and browser information
  • Demographic data (when available and consented)
  • Custom audience data for lookalike targeting

11. Children's Privacy

BeatJar is intended for users aged 18 and over. We do not knowingly collect personal data from children under 18. If we become aware that we have collected data from a child, we will delete it promptly. Parents who believe their child has provided us with personal data should contact us immediately.

12. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • Encryption: Data encrypted in transit and at rest
  • Access Controls: Limited access on a need-to-know basis
  • Regular Audits: Security assessments and vulnerability testing
  • Staff Training: Regular privacy and security training for employees
  • Incident Response: Procedures for data breach notification and response

13. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and affected individuals without undue delay, as required by applicable law.

14. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by email or prominent website notice. Continued use of our services after changes constitutes acceptance of the updated policy.

15. Contact Us

For privacy-related questions, concerns, or to exercise your rights, contact us:

Email: hello@beatjar.com

Company: DEPI MEDIA FZE

Address: Al Shmookh Business Center, 1st Floor - Al Ettehad St

P.O.Box: 7073, Umm Al Quwain, United Arab Emirates

TRN: 100232198000003

EU Representative: If required by GDPR, we will appoint an EU representative and update this section with their contact details.