Privacy Policy

1 Who We Are

Layerhouse LLC operates layerhouse.io, a curated royalty-free music library for YouTubers, podcasters, indie game developers, and filmmakers.

For privacy-related inquiries, you can reach us at privacy@layerhouse.io.

When we say “we”, “us”, or “Layerhouse”, we mean Layerhouse LLC. When we say “you” or “your”, we mean you, the user of our platform.

2 Information We Collect

2.1 Information You Provide

• –Account information: name, email address, password
• –Profile information: display name, bio, avatar, website
• –Artist information: additional details if you apply as an artist
• –Payment information: processed securely by Stripe — we store only a Stripe customer ID, never card details
• –Communications: messages you send to our support team

2.2 Information Collected Automatically

• –Usage data: pages visited, features used, tracks played and downloaded
• –Device data: browser type, operating system, screen resolution
• –Log data: IP address, access times, referring URLs
• –Cookie data: see Section 5 for details

2.3 Information from Third Parties

• –Stripe: payment confirmation, subscription status
• –Supabase: authentication tokens (when using social login)

3 How We Use Your Information

We use your information only for the purposes described here. We do not use your data for targeted advertising.

• –Provide and maintain the Layerhouse platform
• –Process subscriptions, payments, and artist payouts
• –Generate license records for your downloads
• –Calculate royalty distributions for artists
• –Send transactional emails (download confirmations, billing receipts)
• –Send product updates and feature announcements (you can opt out)
• –Detect and prevent fraud, abuse, and security threats
• –Improve the platform through anonymized, aggregated analytics
• –Respond to your support requests
• –Comply with legal obligations

4 How We Share Your Information

We do not sell, rent, or trade your personal information. We share data only in these limited circumstances:

4.1 Service Providers

We share data with providers who help us operate the platform:

4.2 Artists

Artists can see aggregate download counts and play counts for their tracks. They cannot see individual user identities or personal data.

4.3 Legal Requirements

We may disclose information if required by law, subpoena, court order, or to protect the rights, safety, or property of Layerhouse, our users, or the public.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, user data may be transferred. We will notify you before your data is subject to a different privacy policy.

5Cookies & Tracking

We use cookies and similar technologies to keep you logged in and improve your experience.

We do not use advertising cookies or tracking pixels. We do not participate in cross-site tracking networks.

Our analytics provider is PostHog (US Cloud). We capture pageviews, conversion events like checkout cancellations, and basic device/session info. PostHog receives your IP address for geo-resolution. After you sign in, we associate events with your account ID and email. We honor the Do Not Track browser signal and never use this data to target advertising. To opt out, enable Do Not Track in your browser, or contact privacy@layerhouse.io to request data deletion.

5.1 Managing Cookies

You can manage cookie preferences in your account settings or through your browser settings. Disabling essential cookies may prevent you from using the platform.

6 Data Retention

We retain your data only as long as needed for the purposes described in this policy.

6.1 Account Deletion

When you delete your account, we remove your personal data within 30 days. Some data may persist in encrypted backups for up to 90 days. License records are retained in anonymized form to protect artists’ royalty calculations.

7 Your Rights

Regardless of where you live, you have the following rights:

• –Access: Request a copy of the personal data we hold about you
• –Correction: Request correction of inaccurate or incomplete data
• –Deletion: Request deletion of your account and personal data
• –Portability: Request your data in a machine-readable format
• –Objection: Object to processing of your data for specific purposes
• –Withdrawal: Withdraw consent for optional data processing at any time

To exercise any of these rights, email privacy@layerhouse.io or use the data export feature in your account settings. We will respond within 30 days.

8 GDPR (EU Users)

If you are in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR).

8.1 Legal Basis for Processing

• –Contract: Processing necessary to provide the service you signed up for (account management, downloads, licensing)
• –Legitimate interest: Security, fraud prevention, platform improvement
• –Consent: Marketing emails (you can withdraw anytime via account settings) and optional analytics (you can withdraw anytime via Do Not Track browser setting)
• –Legal obligation: Tax records, legal compliance

8.2 International Transfers

Your data is processed in the United States. We rely on Standard Contractual Clauses (SCCs) approved by the European Commission for transfers outside the EEA.

8.3 Data Protection Authority

You have the right to lodge a complaint with your local data protection authority if you believe we are processing your data unlawfully.

9 CCPA (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA).

9.1 Your CCPA Rights

• –Right to know: What personal information we collect, use, and share
• –Right to delete: Request deletion of your personal information
• –Right to opt-out: Opt out of the sale of personal information (we don’t sell your data, so this right is automatically satisfied)
• –Right to non-discrimination: We will not discriminate against you for exercising your rights

9.2 How to Make a Request

Submit CCPA requests to privacy@layerhouse.io. We will verify your identity before processing the request. You may also designate an authorized agent to make requests on your behalf.

10Children’s Privacy

Layerhouse is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected data from a child under 13, we will delete that information promptly.

Users between 13 and 18 may use Layerhouse with parental or guardian consent. If you are a parent or guardian and believe your child has provided personal information without your consent, contact us at privacy@layerhouse.io.

11 Data Security

We implement industry-standard security measures to protect your data:

• –All data transmitted over HTTPS/TLS encryption
• –Passwords hashed using bcrypt (via Supabase Auth)
• –Database access restricted by Row-Level Security (RLS) policies
• –Payment processing handled entirely by Stripe (PCI DSS compliant)
• –Regular security reviews and dependency updates
• –Access to production systems limited to essential personnel

No system is 100% secure. If you discover a security vulnerability, please report it to security@layerhouse.io.

12 Third-Party Services

Our platform integrates with third-party services. Each has its own privacy policy:

We encourage you to review the privacy policies of these services. Layerhouse is not responsible for the privacy practices of third parties.

13 Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• –Email notification to the address associated with your account
• –A prominent notice on the platform at least 30 days before changes take effect
• –Updating the "Last Updated" date at the top of this page

Your continued use of the platform after changes take effect constitutes acceptance of the updated policy. If you disagree with the changes, you may delete your account.