Privacy Policy
Last updated: February 23, 2026
1. Overview
MusicYaa ("we", "us", or "our") operates the website musicyaa.com and the MusicYaa mobile application (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access the Service.
Summary
We collect only the information necessary to connect you with Latin music artists and event vendors. We never sell your personal data. Payments are processed securely through Stripe and we never store your full credit card details.
2. Information We Collect
2.1 Information You Provide
- Account Information: Name, email address, and password when you create an account
- Profile Information: Phone number, profile photo, and bio (for artists and vendors)
- Booking Information: Event date, time, location, event type, and special requests
- Payment Information: Payment card details are collected and processed directly by Stripe; we only receive a tokenized reference, the last four digits, and card type
- Communications: Messages sent through our platform between clients, artists, and vendors
2.2 Information Collected Automatically
- Device Information: Browser type, operating system, and device identifiers
- Usage Data: Pages visited, features used, and interaction patterns
- Location Data: General location derived from IP address (we do not collect precise GPS location)
- Cookies: Session cookies for authentication and preferences
2.3 Information from Third Parties
- Authentication Providers: If you sign in with a third-party service, we receive your name and email from that provider
- Payment Processor: Stripe provides us with transaction status, payment confirmations, and payout details
3. How We Use Your Information
We use the information we collect for the following purposes:
- Provide the Service: Process bookings, facilitate payments, and connect clients with artists and vendors
- Account Management: Create and maintain your account, authenticate your identity
- Communications: Send booking confirmations, payment receipts, reminders, and platform messages
- Customer Support: Respond to your inquiries and resolve disputes
- Improvements: Analyze usage patterns to improve our Service and user experience
- Safety & Security: Detect and prevent fraud, abuse, and unauthorized access
- Legal Compliance: Comply with applicable laws, regulations, and legal processes
No Advertising
MusicYaa does not contain ads and we do not sell or share your personal information with advertisers or ad networks.
4. How We Share Your Information
We do not sell your personal information. We may share your information in the following limited circumstances:
4.1 With Other Users
When you make a booking, your name, event details, and contact information are shared with the artist or vendor you are booking. Similarly, artist and vendor profile information is visible to clients browsing the platform.
4.2 Service Providers
We share information with trusted third-party services that help us operate the platform:
| Provider | Purpose | Data Shared |
|---|
| Stripe | Payment processing | Payment card details, transaction amounts, billing address |
| Amazon Web Services (AWS) | Cloud hosting, authentication, data storage | All platform data (encrypted at rest and in transit) |
| Google Maps | Location services for event venues | Event addresses for map display |
| Amazon SES | Email delivery | Email addresses, notification content |
4.3 Legal Requirements
We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).
5. Data Security
We implement industry-standard security measures to protect your personal information:
- All data is encrypted in transit using TLS/HTTPS
- Data at rest is encrypted using AWS encryption services
- Payment processing is handled by Stripe, a PCI-DSS Level 1 certified provider
- Authentication is managed through AWS Cognito with secure password hashing
- Access to production systems is restricted and monitored
- We use AWS WAF (Web Application Firewall) to protect against common web threats
Important
While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security.
6. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you
- Correction: Request that we correct any inaccurate or incomplete personal data
- Deletion: Request that we delete your personal data, subject to legal obligations
- Data Portability: Request a machine-readable copy of your data
- Opt-Out: Unsubscribe from marketing emails at any time using the link in our emails
- Account Deletion: Request complete deletion of your account and associated data by contacting us
6.1 California Residents (CCPA)
If you are a California resident, you have the right to know what personal information we collect, request deletion of your data, and opt out of the sale of your personal information. We do not sell personal information.
6.2 How to Exercise Your Rights
To exercise any of these rights, please contact us at privacy@musicyaa.com. We will respond to your request within 30 days.
7. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes described in this policy:
| Data Type | Retention Period |
|---|
| Account information | Until account deletion requested |
| Booking records | 7 years (tax and legal compliance) |
| Payment records | 7 years (financial regulations) |
| Messages | 2 years after last activity |
| Usage analytics | 24 months (anonymized) |
When data is no longer needed, it is securely deleted or anonymized.
8. Children's Privacy
Our Service is not directed to anyone under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us and we will delete such information.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.