Privacy Policy

1. Introduction

Welcome to Practito ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our music practice platform.

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, password, role (student/teacher/admin)
• Profile Information: Profile photo, bio, instrument preferences
• Payment Information: Billing address, payment method details (processed securely by third-party payment processors)
• Content: Music pieces you upload, practice recordings, comments, messages

2.2 Information Collected Automatically

• Usage Data: Practice sessions, time spent, pieces practiced, progress metrics
• Device Information: IP address, browser type, operating system, device identifiers
• Cookies: See our Cookie Policy below
• Analytics Data: Page views, click patterns, feature usage

3. How We Use Your Information

• Provide, operate, and maintain our platform
• Process your subscriptions and payments
• Enable teacher-student connections and communication
• Track your practice progress and generate analytics
• Send you notifications, updates, and marketing communications (with your consent)
• Improve our services and develop new features
• Prevent fraud and ensure platform security
• Comply with legal obligations

4. Who We Share Your Information With

• Teachers/Students: If you connect with a teacher or student, they can view your name, practice activity, and content you choose to share
• Payment Processors: Stripe, PayPal, M-Pesa for processing payments
• Email Service: For sending transactional and marketing emails
• Analytics Providers: Google Analytics (anonymized data)
• Legal Requirements: When required by law or to protect our rights

We never sell your personal information to third parties.

5. Your Rights (GDPR & Data Protection)

You have the following rights regarding your personal data:

• Right to Access: Request a copy of your data
• Right to Rectification: Correct inaccurate data
• Right to Erasure: Request deletion of your data ("Right to be Forgotten")
• Right to Data Portability: Receive your data in a machine-readable format
• Right to Object: Object to processing of your data
• Right to Restrict Processing: Limit how we use your data
• Right to Withdraw Consent: Withdraw consent for marketing or optional processing

How to Exercise Your Rights

• Export Your Data: Download your data
• Update Your Information: Edit your profile in account settings
• Delete Your Account: Request account deletion
• Contact Us: Email privacy@practito.com

6. Cookie Policy

Essential Cookies

Required for the platform to function. These include:

• Session cookies (authentication)
• Security tokens (CSRF protection)
• Cookie consent preferences

Optional Cookies

You can opt out of these:

• Analytics Cookies: Google Analytics for usage statistics
• Marketing Cookies: Track referrals and campaigns

Manage Cookie Preferences

7. Data Security

We implement industry-standard security measures:

• HTTPS encryption for all data in transit
• Encrypted storage of sensitive data
• Secure password hashing (bcrypt)
• Regular security audits and updates
• Limited employee access to personal data
• Automated backup systems

8. Data Retention

• Active Accounts: Data retained while your account is active
• Inactive Accounts: Anonymized after 3 years of inactivity
• Deleted Accounts: Personal data deleted within 30 days (except financial records required by law)
• Financial Records: Retained for 7 years for tax and legal compliance
• Logs: System logs retained for 90 days

9. Children's Privacy

Our platform is designed for users of all ages, including children. For users under 13, we require parental consent. If you are a parent and believe your child has provided us with personal information without your consent, please contact us.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place through:

• Standard Contractual Clauses (SCCs)
• Data Processing Agreements with third parties
• Compliance with GDPR and local data protection laws

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

• Email notification to your registered email address
• Prominent notice on our platform
• Requiring re-consent for material changes

Continued use after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices:

• Email: privacy@practito.com
• Data Protection Officer: dpo@practito.com
• Support: Contact Form

For EU residents: You have the right to lodge a complaint with your local data protection authority if you believe we have not adequately addressed your concerns.