DEMO - Not operational

Privacy Policy

Last Updated: December 19, 2025

1. Introduction

Authenta Invest Series 396, LLC ("Authenta Invest," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Platform, including Music.co.im and Internetmusic.fans.

By using the Platform, you consent to the data practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Platform.

2. Information We Collect

2.1 Personal Information You Provide

  • Account Information: Name, email address, phone number, date of birth, country of residence
  • Identity Verification (KYC): Government-issued ID, proof of address, biometric data, accredited investor verification documents
  • Financial Information: Bank account details, cryptocurrency wallet addresses, payment processor information, tax identification numbers
  • Copyright Information: Copyright ownership documentation, metadata for registered works, split share arrangements, licensing terms
  • Communication Data: Messages, support tickets, consultation requests, feedback submissions

2.2 Information Automatically Collected

  • Device Information: IP address, browser type and version, operating system, device identifiers, screen resolution
  • Usage Data: Pages visited, time spent on pages, navigation paths, features used, transaction history
  • Location Data: Geolocation based on IP address for jurisdiction-specific content and regulatory compliance
  • Blockchain Data: Wallet addresses, transaction hashes, smart contract interactions, gas fee payments
  • Cookies and Tracking: Session cookies, preference cookies, analytics cookies (see Cookie Policy for details)

2.3 Information from Third Parties

  • KYC/AML Providers: Identity verification results, risk screening reports, sanctions list checks
  • Payment Processors: Transaction confirmations, payment method details, fraud detection signals
  • Banking Partners: Account verification status, transaction processing information
  • Copyright Databases: Public copyright registry data, rights verification information

3. How We Use Your Information

  • Platform Operations: Process copyright registrations, facilitate licensing transactions, distribute royalty payments, execute smart contracts
  • Account Management: Create and maintain user accounts, verify identity, authenticate access, manage preferences
  • Regulatory Compliance: Conduct KYC/AML screening, file regulatory reports, respond to law enforcement requests, enforce legal obligations
  • Transaction Processing: Execute payments, convert currencies, calculate fees, generate transaction receipts
  • Security and Fraud Prevention: Detect unauthorized access, prevent fraudulent transactions, monitor for suspicious activity, investigate security incidents
  • Communications: Send transaction confirmations, account notifications, platform updates, marketing communications (with your consent)
  • Analytics and Improvements: Analyze platform usage patterns, improve user experience, develop new features, optimize performance
  • Legal Obligations: Comply with court orders, respond to subpoenas, enforce Terms of Service, protect our rights

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process personal information based on the following legal grounds:

  • Contractual Necessity: Processing required to provide Platform services you requested
  • Legal Obligation: Processing required for KYC/AML compliance, tax reporting, regulatory filings
  • Legitimate Interests: Fraud prevention, security monitoring, platform improvements, marketing to existing users
  • Consent: Optional marketing communications, non-essential cookies, data sharing with third parties

5. How We Share Your Information

5.1 Service Providers

  • Banking Partners: EU-based institutional banks for payment processing and multi-currency accounts
  • Payment Processors: Fiat and cryptocurrency payment gateways for transaction settlement
  • KYC/AML Providers: Identity verification services, sanctions screening, risk assessment
  • Cloud Infrastructure: Hosting providers, storage systems, blockchain node operators
  • Analytics Services: Platform usage analytics, performance monitoring, error tracking

5.2 Regulatory and Legal

  • Government Authorities: Tax authorities, financial regulators, law enforcement agencies
  • Legal Proceedings: Court orders, subpoenas, legal discovery requests
  • Regulatory Reporting: MiCA compliance reports, AML transaction monitoring, securities filings

5.3 Business Transfers

If Authenta Invest is involved in a merger, acquisition, asset sale, or bankruptcy, your personal information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.

5.4 Public Blockchain Data

Certain information is recorded on the CopyrightChains blockchain (Chain ID 1199), including copyright registrations, transaction hashes, and wallet addresses. Blockchain data is immutable and publicly accessible to permissioned network participants.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

  • Account Information: Retained while your account is active and for 7 years after account closure for regulatory compliance
  • KYC/AML Records: Retained for 10 years after account closure as required by AML regulations
  • Transaction Records: Retained for 7 years for tax reporting and audit purposes
  • Copyright Registrations: Retained indefinitely on blockchain as immutable records
  • Marketing Communications: Retained until you withdraw consent or for 2 years after last engagement

7. Data Security

We implement industry-standard security measures to protect your personal information:

  • Encryption: TLS/SSL encryption for data in transit, AES-256 encryption for data at rest
  • Access Controls: Multi-factor authentication, role-based access, principle of least privilege
  • Infrastructure Security: Firewalls, intrusion detection systems, DDoS protection, regular security audits
  • Cold Storage: 95% of funds maintained in multi-signature cold storage with geographic distribution
  • SOC 2 Certification: SOC 2 Type II certified infrastructure with annual audits
  • Incident Response: 24/7 monitoring, documented incident response procedures, breach notification protocols

Despite our security measures, no system is completely secure. You are responsible for maintaining the confidentiality of your account credentials and should notify us immediately of any unauthorized access.

8. Your Privacy Rights

8.1 GDPR Rights (EEA, UK, Switzerland)

  • Right to Access: Obtain confirmation of processing and a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete personal data
  • Right to Erasure: Request deletion of personal data (subject to legal retention requirements)
  • Right to Restriction: Limit processing of personal data in certain circumstances
  • Right to Data Portability: Receive personal data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for marketing purposes
  • Right to Withdraw Consent: Withdraw consent for consent-based processing at any time
  • Right to Lodge Complaint: File complaint with supervisory authority in your jurisdiction

8.2 California Privacy Rights (CCPA/CPRA)

  • Right to Know: Request disclosure of personal information collected, used, and shared
  • Right to Delete: Request deletion of personal information (subject to exceptions)
  • Right to Opt-Out: Opt-out of sale or sharing of personal information (we do not sell personal information)
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Limit: Limit use of sensitive personal information
  • Right to Non-Discrimination: Exercise privacy rights without discriminatory treatment

8.3 Exercising Your Rights

To exercise your privacy rights, contact us at [email protected]. We will respond to verified requests within 30 days (or as required by applicable law). We may request additional information to verify your identity before processing requests.

9. International Data Transfers

Your personal information may be transferred to and processed in countries other than your country of residence, including the United States, Switzerland, and EU member states. These countries may have data protection laws different from your jurisdiction.

For transfers from the EEA, UK, or Switzerland to countries without adequate data protection, we rely on Standard Contractual Clauses approved by the European Commission, binding corporate rules, or other legally recognized transfer mechanisms.

10. Children's Privacy

The Platform is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child under 18, contact us immediately at [email protected] and we will delete such information.

11. Marketing Communications

With your consent, we may send marketing communications about Platform updates, new features, investment opportunities, and related content. You can opt-out of marketing communications at any time by:

  • Clicking "unsubscribe" in email communications
  • Updating preferences in your account settings
  • Contacting us at [email protected]

Opting out of marketing communications does not affect transactional emails (account notifications, transaction confirmations, security alerts) which are necessary for Platform operations.

12. Third-Party Links

The Platform may contain links to third-party websites, including the AI Regulatory Database (https://aireg.nimvector.cc/). We are not responsible for the privacy practices of third-party sites. We encourage you to review their privacy policies before providing personal information.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated Privacy Policy on the Platform with a revised "Last Updated" date. For significant changes, we may provide additional notice (email notification, in-app notification).

Your continued use of the Platform after changes constitutes acceptance of the updated Privacy Policy. We encourage you to review this Privacy Policy periodically.

14. Contact Information

For questions about this Privacy Policy or to exercise your privacy rights, contact:

Data Protection Officer

Authenta Invest Series 396, LLC

Email: [email protected]

EU Representative (GDPR Article 27):

Swiss Association Contact

Email: [email protected]