Effective Date: April 12, 2026

This Privacy Policy describes how MelodiaSync LLC (“MelodiaSync,” “we,” “us,” or “our”) collects, uses, stores, discloses, and otherwise processes personal information and related data when you access or use our mobile application, websites, connected wellness features, software, cloud-based processing systems, and related services (collectively, the “Service”).

By using the Service, you acknowledge that you have read and understood this Privacy Policy.

This Privacy Policy applies to information we collect from or about users of the Service, including through account registration, subscription management, customer support, compatible device integrations, session activity, and app usage.

For users located in jurisdictions with specific privacy rights, additional disclosures in this Privacy Policy may apply.

We may collect the following categories of information:

A. Account and Profile Information

full name;
email address;
password or authentication credentials;
date of birth;
sex or gender information you choose to provide;
country;
state or province;
phone number; and
other registration or profile information you voluntarily submit.

B. Device and Technical Information

mobile device identifiers;
IP address;
device type and model;
operating system and app version;
language, region, and time zone settings;
crash reports, diagnostics, and performance logs; and
connection details relating to compatible EEG or audio devices.

C. Usage Information

session dates and times;
feature usage;
navigation activity;
subscription status;
in-app interactions;
content access records;
engagement metrics; and
customer support or feedback communications.

D. EEG-Related, Wellness, and Session Information

The Service may collect, process, generate, or store session-related data derived from your use of a compatible EEG device and your interaction with the Service. This may include, without limitation:

EEG-related summaries;
processed session outputs;
derived metrics;
session performance indicators;
adaptive state information;
target state progress data; and
other neuro-wellness or engagement-related summaries produced through the Service.

In some jurisdictions, including the European Economic Area and the United Kingdom, certain EEG-related, neuro-wellness, or other session-derived information may be treated as health-related data, sensitive personal data, or special-category data.

MelodiaSync does not currently state here that raw EEG data will be retained unless and until its systems are configured to do so. As presently contemplated, stored biological data consist primarily of summaries and derived session information.

E. Payment Information

Subscription payments may be processed by third-party payment processors or app marketplaces. Such third parties may collect and store credit card information, billing address information, transaction details, and related payment credentials necessary to process payments. MelodiaSync may receive limited payment-related information such as billing status, subscription tier, renewal date, and partial transaction identifiers, but MelodiaSync may not receive or store full payment card numbers unless expressly stated otherwise.

F. Communications

If you contact us, we may collect your name, email address, phone number, message content, and any attachments or additional information you choose to provide.

We collect information:

directly from you when you register, subscribe, communicate with us, or use the Service;
automatically through your use of the Service and connected devices;
from compatible third-party devices or integrations that you choose to connect;
from payment processors, app stores, or subscription platforms; and
from vendors or service providers acting on our behalf.

We may use the information we collect for the following purposes:

to create, authenticate, and manage user accounts;
to provide, operate, maintain, and improve the Service;
to connect with compatible devices and enable session functionality;
to process EEG-related summaries and deliver personalized or adaptive session experiences;
to generate binaural beats, affirmations, and related outputs;
to process subscriptions, payments, renewals, and account administration;
to communicate with you about your account, support requests, updates, policies, and billing matters;
to monitor performance, troubleshoot errors, detect fraud, enhance security, and enforce our Terms of Service;
to analyze user engagement, feature usage, and service effectiveness;
to personalize your experience and improve user outcomes;
to comply with legal obligations, respond to lawful requests, and protect the rights, safety, and property of MelodiaSync, users, and third parties; and
to develop, test, improve, and support current or future products, services, and features.

Where required by applicable law, we will rely on an appropriate legal basis for each type of processing.

MelodiaSync may store session records, processed session summaries, EEG-derived summary data, derived metrics, and usage analytics generated through your use of the Service. These records may be used to personalize your experience, support functionality, maintain security, conduct internal analysis, improve the Service, develop new features, and support product quality and performance.

To the extent permitted by applicable law, aggregated data, de-identified data, service analytics, product telemetry, and derived non-identifiable outputs may be used by MelodiaSync for product improvement, research, validation, internal benchmarking, and business operations.

Personal data and session-related personal information remain subject to applicable privacy and consumer rights.

We do not sell your personal information to third-party companies for their own independent marketing purposes.

We may disclose information in the following circumstances:

A. Service Providers and Vendors

We may share information with third-party vendors, contractors, and service providers that perform services on our behalf, such as cloud hosting, data storage, analytics, customer support, payment processing, communications delivery, infrastructure management, security, and software functionality.

B. App Stores, Payment Platforms, and Device Partners

Information may be shared with Apple, Google, payment processors, or compatible device providers to the extent necessary to enable subscriptions, validate purchases, support device connectivity, or operate the Service.

C. Legal Compliance and Safety

We may disclose information if we believe in good faith that doing so is necessary or appropriate to:

comply with applicable law, regulation, court order, subpoena, or legal process;
enforce our agreements or protect our rights;
investigate suspected fraud, abuse, misuse, security incidents, or unlawful conduct;
respond to imminent threats of self-harm, threats to others, violence, dangerous misuse of the Service, or other situations involving safety concerns; or
protect the rights, property, safety, or security of MelodiaSync, our users, third parties, or the public.

Where practicable and lawful, we will seek to disclose only the information reasonably necessary for the applicable purpose.

D. Business Transfers

We may disclose or transfer information in connection with a merger, acquisition, financing, corporate reorganization, sale of assets, bankruptcy, dissolution, or similar business transaction.

E. With Your Direction or Consent

We may disclose information where you direct us to do so or otherwise consent.

Payments may be collected and processed by third-party payment providers or app marketplace operators. Those providers may maintain their own privacy policies and terms governing how they collect and process payment information. MelodiaSync is not responsible for the privacy or security practices of such third parties.

MelodiaSync uses commercially reasonable administrative, technical, and organizational measures designed to protect information under our control. However, no method of transmission over the internet, mobile network, or cloud infrastructure, and no method of electronic storage, is completely secure.

Accordingly, we cannot and do not guarantee absolute security, uninterrupted security, or complete protection against unauthorized access, loss, misuse, disclosure, alteration, or destruction of information.

You understand and acknowledge that the Service depends in part on internet connectivity, mobile devices, cloud infrastructure, app stores, software libraries, third-party services, and other systems outside MelodiaSync’s direct control. To the maximum extent permitted by law, MelodiaSync shall not be responsible for service interruptions, security events, or unauthorized access resulting from the acts, omissions, failures, or vulnerabilities of third-party vendors, platforms, payment processors, internet providers, device manufacturers, or other external systems, except to the extent liability cannot be limited under applicable law.

We retain personal information for as long as reasonably necessary to provide the Service, maintain your account, comply with legal obligations, resolve disputes, enforce agreements, support legitimate business operations, and protect our rights and interests.

Retention periods may vary depending on the type of information, the sensitivity of the data, the nature of the relationship, legal requirements, and operational needs.

Where reasonably feasible, MelodiaSync may maintain internal retention schedules by data category, such as account information, support records, billing records, and session-related summaries.

Your information may be stored, processed, and transferred in the United States and other jurisdictions where MelodiaSync or its service providers operate. By using the Service, you understand that your information may be transferred to and processed in jurisdictions that may not provide the same level of legal protection as your home jurisdiction.

If you are located in the European Economic Area, the United Kingdom, or another jurisdiction with similar protections, MelodiaSync will process personal data in accordance with applicable law and may rely on one or more lawful bases, including performance of a contract, compliance with legal obligations, legitimate interests, and consent, depending on the circumstances.

Where EEG-related, neuro-wellness, or session-derived information is treated as health data, sensitive personal data, or special-category data under applicable law, MelodiaSync will seek to process such information only where a valid legal basis and, where required, an applicable condition such as your explicit consent is available. Where required by law, you may withdraw such consent at any time, although withdrawal will not affect prior processing that was lawful when undertaken and may limit your ability to use certain features of the Service.

Where required, MelodiaSync will implement appropriate safeguards for international transfers, which may include contractual measures or other lawful transfer mechanisms recognized under applicable law.

Subject to applicable law, you may have the right to:

access certain personal information we maintain about you;
request correction of inaccurate information;
request deletion of certain information;
update account information through your account settings where available;
opt out of certain promotional communications; and
cancel your subscription in accordance with the applicable billing platform rules.

If you are entitled to additional rights under applicable U.S. state privacy laws, those rights may include the right to confirm whether we process your personal data, access your personal data, correct inaccuracies, delete personal data, obtain a portable copy of certain data, and appeal certain privacy-rights decisions we make, subject to applicable legal limitations and exemptions.

If you are located in the EEA, United Kingdom, or another jurisdiction with similar rights, you may also have rights to object to certain processing, restrict certain processing, withdraw consent where consent is the basis of processing, and lodge a complaint with an applicable supervisory authority.

You may exercise available rights by contacting us using the contact information below. We may request information necessary to verify your identity before processing certain requests.

Only adults may create accounts for the Service. Children may use certain features of the Service only under the active supervision of a parent or legal guardian who is the registered adult account holder. We rely on self-reported registration information, including date of birth, unless and until we have reason to believe such information is inaccurate.

If we learn that account eligibility information was materially inaccurate, or that personal information was collected in a manner not permitted by applicable law or our policies, we may suspend or terminate the relevant account and delete or de-identify associated information as permitted by law.

The Service may contain links to, integrations with, or dependencies upon third-party services, devices, software, or websites. This Privacy Policy does not apply to the privacy practices of third parties, and MelodiaSync is not responsible for their content, security, or privacy practices.

We encourage you to review the privacy terms and notices of any third-party platform, device manufacturer, app marketplace, payment processor, or website that you use in connection with the Service.

We may update this Privacy Policy from time to time. When we do, we will revise the Effective Date above. If changes are material, we may provide additional notice by email, through the Service, or by other reasonable means. Your continued use of the Service after the effective date of the revised Privacy Policy constitutes acknowledgment of the revised Policy, to the extent permitted by law.

If you have questions or requests regarding this Privacy Policy, please contact:

MelodiaSync LLC

3611 4th St, Lubbock TX 79415 USA

contact@melodiasync.com

MelodiaSync LLC Privacy Policy