PRIVACY POLICY

A legal disclaimer

The information provided by THA sound Inc. (“we,” “us,” or “our”) on [Website/App/Service] (the “Service”) is for general informational purposes only. While we strive to keep content accurate and current, we make no representations or warranties, express or implied, regarding accuracy, adequacy, validity, reliability, availability, or completeness. Use the Service at your own risk.

Nothing on the Service constitutes legal, financial, medical, or other professional advice. You should consult appropriate professionals before acting on any information.

The Service may contain links to third-party websites. Such links are provided for convenience only; we do not endorse and are not responsible for any third-party content or practices.

The Service is provided on an “as is” and “as available” basis. To the fullest extent permitted by law, we disclaim all warranties, including implied warranties of merchantability, fitness for a particular purpose, and non-infringement. In no event shall [Company Name] be liable for any indirect, incidental, special, consequential, or punitive damages arising from your use of the Service.

We may update this Disclaimer from time to time. Changes will be indicated by the “Last updated” date above.

Privacy Policy - the basics

This Privacy Policy explains how [THA sound Inc.] (“we”) collects, uses, discloses, and safeguards personal information when you use [Website/App/Service Name].

Scope: Applies to users, customers, and visitors of the Service.
Your choices: You may have rights to access, correct, delete, or restrict processing of your data (subject to applicable law, e.g., GDPR, CCPA/CPRA).
Legal bases: Where required (e.g., GDPR), we process data based on consent, contract necessity, legal obligation, legitimate interests, or vital interests.
Security: We use reasonable technical and organizational measures to protect data but cannot guarantee absolute security.

What to include in the Privacy Policy

Who we are: THA sound Inc.
What we collect:
- Identifiers (name, email, phone, account IDs)
- Commercial data (purchases, subscriptions)
- Usage data (pages viewed, clicks, session logs)
- Device/technical data (IP, cookies, SDKs, ad IDs)
- Location data (coarse/fine, if used)
- User-provided content (forms, messages, uploads)
- Sensitive data (only if necessary; disclose purpose and safeguards)
Sources of data: Direct from users, automated collection, third parties (analytics, ad networks, partners).
Purposes of use: Provide and improve the Service, account management, payments, support, personalization, analytics, security/fraud prevention, marketing (with opt-out where required), legal compliance.
Legal bases (GDPR/UK GDPR): Consent, contract, legitimate interests (describe), legal obligation, vital/public interest (if any).
Cookies & tracking: Types used (essential, analytics, advertising), links to Cookie Policy, choices (cookie banner, preferences, “Do Not Track” stance, Global Privacy Control).
Sharing & disclosure: Service providers (processors), analytics/ads partners, affiliates, legal authorities, business transfers (merger/sale). State no selling/sharing or describe CCPA/CPRA “sale/share” and opt-out links if applicable.
Retention: How long data is kept (criteria or specific periods).
Security: Measures at a high level; no guarantee of absolute security.
International transfers: Mechanisms (e.g., SCCs, UK IDTA, adequacy decisions).
User rights: Access, correction, deletion, portability, restriction/objection, withdraw consent, appeal (Virginia/Colorado, etc.), California rights (access/erase/opt-out/limit sensitive data). Provide request methods and verification process.
Children’s privacy: Age threshold, parental consent mechanism (if applicable).
Automated decision-making/profiling: Whether used and logic/impact (where required).
How to contact us: Email, address; regulator contact (e.g., right to lodge a complaint with a supervisory authority).
Policy updates: How changes will be communicated; last updated date.