StudioSphere Privacy Policy

Effective Date: 2025-12-14

Last Updated: 2025-12-14

At StudioSphere, privacy is a foundational design principle. This Privacy Policy ("Policy") explains how StudioSphere ("we", "our", "us") collects, uses, retains, discloses, and protects personal information in accordance with Quebec's Act respecting the protection of personal information in the private sector (Law 25), as well as applicable Canadian and international privacy laws.

By using StudioSphere's website, applications, APIs, and related services (collectively, the "Services"), you acknowledge that you have read and understood this Policy.

1. Person Responsible for Personal Information

In accordance with Law 25, the person responsible for the protection of personal information is:

Paul Blouin
Founder, StudioSphere
📧 privacy@studiosphere.space

This individual is responsible for ensuring compliance with applicable privacy legislation and for responding to requests regarding personal information.

2. Privacy Governance and Principles

StudioSphere maintains internal governance policies and practices governing the lifecycle of personal information, including its collection, use, retention, destruction, and protection.

Our guiding principles include:

  • Privacy by Design: Privacy considerations are embedded into system architecture and product decisions.
  • Data Minimization: Only information necessary to deliver the Services is collected.
  • Transparency: We clearly explain our practices and purposes.
  • User Control: Users retain control over their personal information.
  • Security by Default: Appropriate safeguards protect information at all stages.

3. Personal Information We Collect

3.1 Account Information

When you create an account, we collect:

  • Name or display name
  • Email address
  • Encrypted password credentials
  • Authentication data from third-party identity providers (e.g., Google, Apple), if used

StudioSphere does not store raw passwords, payment card numbers, or OAuth secrets.

3.2 Usage and Technical Information

We may collect limited technical information, including:

  • Device type and browser version
  • IP address (used solely for security, fraud prevention, and abuse mitigation)
  • Session timestamps and high-level usage metrics

IP addresses are retained only for the minimum period necessary for security purposes and are subsequently anonymized or deleted.

3.3 User-Generated Content

Content uploaded or shared through the Services (including audio files, notes, messages, and metadata) remains the property of the user.

This content is processed solely to:

  • Provide playback, synchronization, and collaboration features
  • Enable secure access and backup for user retrieval

StudioSphere does not analyze creative content for advertising, profiling, or artificial intelligence training.

3.4 Communications

We may collect:

  • In-app chat messages and reactions within collaborative sessions
  • Communications sent to our support channels

These communications are accessible only to intended participants and authorized support personnel.

3.5 Payment Information

Payments are processed by third-party payment processors (e.g., Stripe). StudioSphere does not collect or store credit card numbers or banking details.

4. Purposes of Collection

Personal information is collected and used strictly for the following purposes:

  • Account creation, authentication, and management
  • Delivery of collaborative and real-time audio features
  • Security, fraud prevention, and abuse detection
  • Service reliability, maintenance, and improvement
  • Communication of essential service-related notices

Personal information is not used for targeted advertising, resale, or profiling.

5. Consent

By creating an account or using the Services, users provide free, informed, and specific consent to the collection and use of their personal information for the purposes described in this Policy.

Users may withdraw their consent at any time, subject to legal or contractual restrictions, by contacting privacy@studiosphere.space. Withdrawal of consent may limit or prevent access to certain Services.

6. Data Retention and Destruction

Personal information is retained according to defined retention criteria based on:

  • The purposes for which it was collected
  • Legal and regulatory obligations
  • Contractual requirements

When personal information is no longer required, it is securely destroyed or irreversibly anonymized. Upon account deletion, personal information is removed from active systems within 30 days, unless retention is required by law.

7. Data Security Safeguards

StudioSphere implements physical, administrative, and technical safeguards appropriate to the sensitivity of the information, including:

  • Encryption of data in transit and at rest
  • Role-based access controls
  • Secure authentication mechanisms
  • Continuous monitoring and vulnerability management

8. Confidentiality Incidents (Data Breaches)

In the event of a confidentiality incident involving personal information, StudioSphere will:

  1. Assess whether the incident presents a risk of serious injury to affected individuals;
  2. Take reasonable measures to reduce the risk and prevent recurrence;
  3. Notify affected individuals when required by law;
  4. Notify the Commission d'accès à l'information du Québec (CAI) when required;
  5. Maintain an internal register of confidentiality incidents.

9. Disclosure and Service Providers

Personal information may be disclosed only in the following circumstances:

  • With user consent (e.g., collaboration invitations);
  • To service providers who support the operation of the Services (hosting, payment processing), under contractual obligations ensuring confidentiality and security;
  • When required by law or a valid legal order.

StudioSphere does not sell or trade personal information.

10. International Transfers of Personal Information

Personal information may be processed or stored outside Quebec or Canada.

Before transferring personal information outside Quebec, StudioSphere conducts a privacy impact assessment evaluating the legal framework and privacy protections of the destination jurisdiction and implements appropriate safeguards.

11. Automated Decision-Making

StudioSphere does not use personal information to make automated decisions that produce legal or similarly significant effects on users.

12. User Rights

Subject to applicable laws, users have the right to:

  • Access their personal information;
  • Request correction of inaccurate information;
  • Request deletion of personal information;
  • Withdraw consent;
  • Receive their personal information in a structured, commonly used, and machine-readable format (data portability).

Requests may be submitted to privacy@studiosphere.space.

13. Children and Minors

StudioSphere is not intended for children.

In Quebec, users under the age of 14 may only use the Services with the consent of a parent or legal guardian. If we become aware that personal information of a minor has been collected without proper consent, it will be promptly deleted.

14. Policy Updates

This Policy may be updated from time to time. Material changes will be communicated through the Services or by email prior to taking effect.

15. Contact Information

For privacy-related inquiries, access requests, or complaints:

Privacy Officer: Paul Blouin
📧 privacy@studiosphere.space
🌐 https://studiosphere.space

Summary:

Your data remains yours. StudioSphere collects minimally, protects rigorously, and operates with transparency in compliance with Law 25.