Privacy Policy - Aqusmatiq Audio

Effective Date: January 23, 2026
Last Updated: January 23, 2026
Company: Aqusmatiq Audio
Website: aqusmatiq.com
Contact: aqusmatiq@aqusmatiq.com

1. Introduction & Scope

Aqusmatiq Audio (“we,” “us,” “our,” or “Company“) is committed to protecting your privacy and ensuring a transparent relationship with our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you:

Visit our website (aqusmatiq.com)
Purchase or download our audio plugins (VST/AU/AAX)
Subscribe to our email list
Participate in our Discord community
Interact with our customer support

This Privacy Policy applies to all visitors and users (“Users,” “you,” or “your“) of aqusmatiq.comand related services.

Important: If you do not agree with our privacy practices, please do not use our website or services.

2. Legal Basis & Jurisdiction

Jurisdiction: This Privacy Policy is designed to comply with:

GDPR (General Data Protection Regulation, EU 2016/679) for EU/EEA residents
Italian Privacy Code (Codice della Privacy, Legislative Decree 196/2003 as amended)
CCPA (California Consumer Privacy Act) for California residents
Applicable laws in your jurisdiction of residence

Data Controller: Aqusmatiq Audio
Contact: aqusmatiq@aqusmatiq.com

If you have data privacy questions, contact us at: aqusmatiq@aqusmatiq.com (response time: 7 business days)

3. Categories of Personal Data We Collect

3.1 Data Collected Directly from You

When you visit aqusmatiq.com:

Email address (if you sign up for our email list or contact support)
Name (optional, for personalized communication)
Country/Location (for regional offers, GDPR/CCPA compliance)
Purchase history (items purchased, transaction dates, order amounts)
Support messages (when you email aqusmatiq@aqusmatiq.com)
Account information (if you create an account for plugin downloads)

When you purchase a plugin:

Payment information (via Stripe): Credit card last 4 digits, expiration date, billing address
Transaction ID (for order tracking)
License key (for activation/download authentication)

When you join our Discord community:

Discord username (public within the server)
Messages (text, images, attachments you post)
Interaction data (reactions, channel participation)
Profile information (avatar, display name, status)

3.2 Data Collected Automatically

Website analytics (via Google Analytics 4):

IP address (anonymized after 13 months)
Browser type (Chrome, Safari, Firefox, etc.)
Operating system (Windows, macOS, iOS, Android)
Device type (mobile, desktop, tablet)
Pages visited (session flow through aqusmatiq.com)
Duration of visits (time spent on each page)
Referral source (where you came from: Google, email, social media, etc.)
Event data (button clicks, downloads, form submissions)

Email marketing (via Brevo):

Email open rates (when you open our emails)
Click-through rates (links you click in emails)
Subscription status (active, unsubscribed, bounced)
Send times & frequency (personalized for engagement)

Cookies & similar tracking technologies:

Session cookies (temporary, for website functionality)
Analytical cookies (Google Analytics, understand user behavior)
Marketing cookies (optional, if you consent—see Section 6)

3.3 Data from Third Parties

We may receive data about you from:

Payment processors (Stripe): Transaction and fraud prevention data
Email service providers (Brevo): Delivery status, bounce information
Social media (if you share our content): Aggregated analytics, no personal identification
Community platforms (Discord): Moderation logs, user reports

4. Legal Basis for Processing (GDPR Article 6)

We process your personal data based on one or more of these legal bases:

Data Category	Processing Purpose	Legal Basis
Email	Newsletter, product updates, promotions	Consent (you opt-in)
Purchase history	Order fulfillment, license activation	Performance of contract
Support messages	Customer support, troubleshooting	Legitimate interest (resolve issues)
Analytics (GA4)	Website optimization, user experience	Legitimate interest (understand behavior)
IP address	Fraud prevention, security	Legitimate interest (protect system)
Discord participation	Community moderation, safety	Legitimate interest (enforce terms)
Payment data	Billing, tax compliance	Legal obligation (financial records)

5. How We Use Your Data

We use collected personal data for the following purposes:

5.1 Service Delivery

✅ Process plugin purchases and license activations
✅ Send download links and license keys
✅ Provide technical support via email or Discord
✅ Resolve billing disputes and refund requests
✅ Maintain account security (if applicable)

5.2 Communication & Marketing

✅ Send product updates, feature announcements, and new releases (with your consent)
✅ Promotional emails (soft launch pricing, seasonal discounts—opt-out anytime)
✅ Educational content (tutorials, production tips, synthesis guides)
✅ Community announcements (Discord #announcements channel)
✅ Respond to your inquiries and support requests

5.3 Product Improvement

✅ Analyze user behavior (which features are used, pain points)
✅ Track bug reports and feature requests (Discord #bugs, #features channels)
✅ Conduct A/B testing on website and email campaigns
✅ Identify technical issues (crashes, compatibility problems)
✅ Plan roadmap updates based on demand signals

5.4 Legal & Compliance

✅ Comply with tax obligations (invoice retention, EU VAT, local laws)
✅ Respond to legal requests (law enforcement, court orders)
✅ Enforce terms of service and prevent fraud
✅ Maintain financial records (payment history, license registration)

5.5 Legitimate Business Interests

✅ Prevent unauthorized access or plugin piracy
✅ Monitor community health (remove spam, enforce Discord rules)
✅ Identify technical improvements (website performance, load times)
✅ Assess market demand (pricing strategy, release timing)

6. Your Consent & Opt-Out Options

6.1 Email Marketing

How you’re added to our email list:

You opt-in on our landing page (explicit consent checkbox)
You explicitly request updates (support email request)

Your rights:

✅ Unsubscribe anytime: Click the “Unsubscribe” link in any email (instant removal)
✅ Manage preferences: Choose email types (announcements, promotions, tutorials)
✅ Request data deletion: Email aqusmatiq@aqusmatiq.com (14-day response)

Opt-out does NOT affect:

Order confirmation emails (transactional, required)
Support responses (you initiated contact)
Critical security alerts (plugin issues affecting your use)

6.2 Cookies & Analytics Tracking

Our cookie policy:

✅ Essential cookies (mandatory): Session functionality, login persistence
✅ Analytical cookies (optional): Google Analytics—you can opt-out

How to disable cookies:

Browser settings: Most browsers allow you to disable or delete cookies
Google Analytics opt-out: Visit Google Analytics Opt-Out Browser Add-On
Brevo email tracking opt-out: Unsubscribe from email list (see Section 6.1)

Important: Disabling cookies may limit website functionality (e.g., login, plugin download).

6.3 Discord Community Data

By joining our Discord server, you consent to:

✅ Public visibility of your username and messages in community channels
✅ Message moderation by our team (spam removal, ToS enforcement)
✅ Storage of messages for community records

Your rights in Discord:

✅ Delete your own messages (within Discord app)
✅ Leave the server anytime
✅ Request data deletion: Email aqusmatiq@aqusmatiq.com + Discord account ID

7. Data Sharing & Third Parties

We never sell or rent your personal data. We may share data with trusted third parties for limited purposes:

7.1 Essential Service Providers (Data Processors)

Provider	Data Shared	Purpose	Jurisdiction
Stripe	Email, payment method, billing address	Process payments, fraud prevention	USA (Privacy Shield/SCCs compliant)
Brevo	Email address, engagement metrics	Email marketing, list management	EU (Brevo HQ France)
Google Analytics	IP address, browser, pages visited	Website analytics, behavior tracking	USA (Google Analytics 4 anonymizes IPs after 13 months)
WordPress hosting provider	Website logs, visitor data	Website stability, security	[Verify your host]
Discord	Username, messages, profile data	Community platform, moderation	USA (Discord Inc.)

7.2 Disclosure for Legal Reasons

We may disclose your data if required by law:

✅ Court orders or legal process
✅ Government/regulatory requests
✅ Protecting against fraud or security threats
✅ Enforcing our terms of service

We will notify you of legal requests when legally permitted.

7.3 Business Transfers

If Aqusmatiq Audio is acquired or merged, your data may be transferred as part of the transaction. We will notify affected users with 30 days’ notice.

8. Data Retention & Deletion

8.1 Retention Periods

Data Type	Retention Period	Reason for Retention
Email list	Until you unsubscribe (or request deletion)	Marketing, product updates
Purchase history	7 years	Tax compliance (EU law), invoice archival
Support emails	3 years	Resolve disputes, reference previous issues
Google Analytics data	13 months (anonymized)	Website optimization, trend analysis
Brevo email metrics	3 years	Email campaign effectiveness
Discord messages	Indefinite (until deleted by user)	Community record, moderation history
Payment data (Stripe)	7 years	Financial/tax records
IP logs	90 days	Security, fraud detection

8.2 How to Request Data Deletion

You have the right to request deletion of your personal data (GDPR Article 17, “Right to Be Forgotten”):

To request deletion:

Email aqusmatiq@aqusmatiq.com
Include: Your full name, email address, data type (email list, purchase history, Discord account)
We will respond within 14 days

What we’ll do:

✅ Delete your email from our list
✅ Anonymize your purchase history (keep record without name/email for tax compliance)
✅ Remove your Discord account data (you manage via Discord settings)
✅ Confirm deletion in writing

Exceptions (we may retain data even after deletion request):

❌ Tax/legal obligations (financial records must be kept 7 years)
❌ Active support tickets (until resolved)
❌ Fraud investigation or security threats
❌ Contractual obligations

9. International Data Transfers (GDPR)

9.1 Data Transfers to the USA

Some of our service providers are USA-based:

Stripe (USA): Complies with Privacy Shield / Standard Contractual Clauses (SCCs)
Google Analytics (USA): Google Analytics 4 anonymizes data after 13 months
Discord (USA): Complies with GDPR-adequate safeguards

Safeguards:

✅ We use Standard Contractual Clauses (SCCs) for all USA transfers
✅ Data minimization (we limit what we share)
✅ Encryption in transit and at rest
✅ Regular audits of processor compliance

If you have concerns about international transfers, contact us at aqusmatiq@aqusmatiq.com.

9.2 Data Transfers Within EU

Brevo (France) and hosting within EU may occur. EU data stays within EU by default (no international transfer).

10. Your Rights Under GDPR & Local Laws

If you are a resident of the EU, EEA, or under similar data protection laws, you have the following rights:

10.1 Right of Access (GDPR Article 15)

Right: Request a copy of your personal data
How: Email aqusmatiq@aqusmatiq.com with “Right of Access” in subject
Response time: 14 days
Deliverable: We’ll send you a copy of your data in machine-readable format (CSV or JSON)

10.2 Right to Rectification (GDPR Article 16)

Right: Request correction of inaccurate data
How: Email aqusmatiq@aqusmatiq.com with corrections needed
Response time: 14 days
Example: “My email address is misspelled, please correct to [new email]”

10.3 Right to Erasure (GDPR Article 17)

Right: Request deletion of your data (“Right to Be Forgotten”)
How: See Section 8.2
Exceptions: Tax records, legal obligations

10.4 Right to Restrict Processing (GDPR Article 18)

Right: Ask us to limit how we use your data (e.g., “Don’t use for marketing”)
How: Email aqusmatiq@aqusmatiq.com with restrictions
Response time: 14 days
Note: We may still process for legal/contractual reasons

10.5 Right to Data Portability (GDPR Article 20)

Right: Receive your data in a structured, machine-readable format
How: Email aqusmatiq@aqusmatiq.com with “Data Portability” in subject
Response time: 14 days
Deliverable: CSV or JSON file with your data

10.6 Right to Object (GDPR Article 21)

Right: Object to marketing emails, analytics tracking, or processing based on legitimate interest
How: Click “Unsubscribe” in emails, or email aqusmatiq@aqusmatiq.com
Response time: Immediate (for marketing), 14 days (for other objections)

10.7 Right to Lodge a Complaint

Right: File a complaint with your Data Protection Authority if you believe we violated your rights
Contacts by country:
- 🇮🇹 Italy: Garante per la Protezione dei Dati Personali (https://www.garanteprivacy.it/)
- 🇩🇪 Germany: Bundesdatenschutzbeauftragte (https://www.bfdi.bund.de/)
- 🇫🇷 France: CNIL (https://www.cnil.fr/)
- [Other EU countries: Check your national DPA website]

11. Children & Minors

Our services are NOT intended for children under 13 years old.

✅ We do not knowingly collect personal data from children under 13
✅ Audio plugins (VST/AU) are professional tools not intended for minors
✅ If we discover a child has provided data, we will delete it immediately

If you are a parent/guardian and believe your child submitted data, contact us immediately at aqusmatiq@aqusmatiq.com.

12. Data Security Measures

We implement reasonable security measures to protect your personal data:

12.1 Technical Safeguards

✅ HTTPS/SSL encryption: All data in transit is encrypted (256-bit SSL)
✅ Database encryption: Payment/personal data at rest is encrypted (AES-256)
✅ Firewalls & intrusion detection: Network-level protection
✅ Regular security audits: Quarterly vulnerability assessments
✅ Secure password policies: Hashed passwords, no plain-text storage

12.2 Administrative Safeguards

✅ Access control: Only authorized staff can access sensitive data
✅ Confidentiality agreements: Employees sign NDAs
✅ Data minimization: We collect only what’s necessary
✅ Incident response plan: Breach notification within 72 hours (GDPR requirement)

12.3 Important Disclaimer

No security is 100% guaranteed. While we implement industry-standard safeguards, we cannot guarantee absolute security. Use strong, unique passwords and enable two-factor authentication where available.

13. Cookies & Tracking Technologies

13.1 Types of Cookies We Use

Cookie Type	Purpose	Duration	Your Control
Session cookies	Login persistence, form data	Session (until browser closes)	Required for functionality
GA4 analytics	Website traffic analysis, behavior	13 months	Optional (see Section 6.2)
Brevo email cookies	Email open/click tracking	1 year	Optional (unsubscribe to disable)
Third-party social	Track shares on social media	Varies	Depends on social platform

13.2 How to Manage Cookies

Browser controls:

Chrome: Settings → Privacy → Cookies → Delete cookies
Safari: Preferences → Privacy → Manage website data
Firefox: Preferences → Privacy → Cookies & Site Data

Disable Google Analytics:

Install Google Analytics Opt-Out Add-On

14. Third-Party Links & Services

Our website may contain links to third-party websites (e.g., YouTube for tutorials, KVR for reviews, social media). We are not responsible for the privacy practices of third-party sites.

⚠️ Check their privacy policies before providing data
⚠️ Examples: YouTube, Twitter, Reddit, KVR Audio, Product Hunt
⚠️ Disclaimer: Aqusmatiq Audio is not liable for third-party privacy breaches

15. Updates to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, technology, law, or other factors.

How we notify you:

✅ Major changes: Email notification to registered users (14 days’ notice)
✅ Minor changes: Update posted on aqusmatiq.com (last updated date changed)
✅ No material changes to your rights: No notification required

Your responsibility:

Review this page periodically for updates
Continued use of aqusmatiq.com after updates means acceptance

16. Contact Us

Data Privacy Officer / Contact:

📧 Email: aqusmatiq@aqusmatiq.com
🌐 Website: aqusmatiq.com
🏢 Company: Aqusmatiq Audio
📍 Location: Rome, Italy

Response time:

Data privacy requests: 14 days (GDPR requirement)
Support inquiries: 48 hours
Deletion requests: 14 days

17. Additional Information by Jurisdiction

17.1 GDPR (EU/EEA)

All rights listed in Section 10 apply to you
You may lodge complaints with your Data Protection Authority
Standard Contractual Clauses protect USA data transfers

17.2 CCPA (California)

If you are a California resident, you have the right to:

Know what personal data we collect
Request deletion of data
Opt-out of data sales (we do not sell data)
Non-discrimination for exercising CCPA rights

To exercise CCPA rights, email: aqusmatiq@aqusmatiq.com with “CCPA Request” in subject.

17.3 Italy (Codice della Privacy)

Italian residents benefit from enhanced GDPR protections under Italian law. Additionally:

Garante per la Protezione dei Dati Personali oversees compliance
Right to withdraw consent at any time
Special protections for children (minors under 16 need parental consent)

18. Summary: Quick Reference

Question	Answer
What data do you collect?	Email, name, purchase history, analytics (IP, browser), payment info (via Stripe), Discord messages
How do you use my data?	Process purchases, send emails, improve website, customer support, analytics, legal compliance
Do you sell my data?	❌ No. Never. We may share with service providers (Stripe, Brevo, Google Analytics)
How long do you keep my data?	Varies: email (until unsubscribe), purchases (7 years for tax), analytics (13 months), Discord (until deleted)
Can I delete my data?	✅ Yes. Email aqusmatiq@aqusmatiq.com (some data retained for legal reasons)
How do I unsubscribe from emails?	✅ Click “Unsubscribe” in any email (instant removal)
Do you use cookies?	✅ Yes: essential (required), analytics (optional), marketing (optional)
What are my rights?	Access, correction, deletion, portability, objection, complaint to DPA (see Section 10)
How do I contact you?	https://aqusmatiq.com/contact/

19. Appendix: Data Processing Schedule (GDPR Article 28)

This section is for Data Processing Agreements with third-party service providers.

Data Processors (acting on our instructions):

Processor	Data Category	Location	Agreement Status
Stripe	Payment, billing	USA	Standard Contractual Clauses (SCCs) in place
Brevo	Email, subscribers	EU (France)	EU Data Processing Agreement
Google (GA4)	Analytics, IP address	USA	Google Analytics Terms & SCCs
WordPress hosting	Website data, logs	[Specify]	Hosting Agreement with DPA
Discord	User profiles, messages	USA	Discord Terms of Service