Privacy Policy

Last updated: March 31, 2026

Sonilo Inc. ("Company," "Sonilo," "we," "us," or "our") owns, controls, and operates the website at https://sonilo.com (including, without limitation, all subdomains thereof, collectively, the "Website" or "Site"), as well as the related products, services, applications, platforms, features, and functionalities that may be made available on or through the Website (collectively, the "Services").

Your privacy is very important to us. In order to best protect your information, we have adopted this Privacy Policy ("Privacy Policy" or "Policy"), which describes the types of information we collect from you, how such information is used, processed, stored, retained, and in certain circumstances disclosed by us, as well as your rights and choices regarding such information. This Privacy Policy is governed by the Company's Terms of Service [https://sonilo.com/terms-of-service] (the "Terms"), which includes disclaimers of warranties and limitations of liability, and this Privacy Policy is incorporated into and made part of the Terms by this reference. Capitalized terms used but not otherwise defined in this Privacy Policy have the meanings assigned to them in the Terms.

Please note that this Privacy Policy does not apply to information collected, used, or stored by us through other means, including on any other website that may be operated by the Company or by any third party, or through any third party that may link to or be accessible from the Website, unless otherwise expressly stated. This Privacy Policy also does not apply to job applicants or Company personnel in their capacity as such.

PLEASE READ THIS PRIVACY POLICY CAREFULLY. NOTE THAT YOU ARE EXPRESSLY AGREEING TO THE TERMS, THIS PRIVACY POLICY, AND OTHER APPLICABLE ONLINE AGREEMENT WHEN YOU CLICK YOUR ACCEPTANCE. BUT ALSO, BY ACCESSING OR USING THE WEBSITE OR ANY OF THE SERVICES, CREATING AN ACCOUNT, SUBMITTING INFORMATION TO US, OR OTHERWISE INTERACTING WITH US THROUGH THE WEBSITE OR THE SERVICES, YOU ACKNOWLEDGE AND AGREE TO THE TERMS AND THAT YOUR INFORMATION WILL BE COLLECTED, USED, STORED, DISCLOSED, TRANSFERRED, AND OTHERWISE HANDLED AS DESCRIBED IN THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY OR THE TERMS, YOU MUST NOT ACCESS OR USE THE WEBSITE OR ANY OF THE SERVICES.

ANY INFORMATION THAT YOU SUBMIT VIA THE WEBSITE OR THE SERVICES MAY BE STORED AND PROCESSED IN THE UNITED STATES OR IN ANY OTHER COUNTRY IN WHICH THE COMPANY OR ITS SERVICE PROVIDERS MAINTAIN FACILITIES OR OPERATIONS. BY USING THE WEBSITE OR THE SERVICES AND BY SUBMITTING INFORMATION, YOU CONSENT TO SUCH TRANSFER, STORAGE, AND PROCESSING, SUBJECT TO APPLICABLE LAW.

Use of the Website and Services by Children and Minors
Information We Collect and Receive
How We Use Your Information
How We Share and Disclose Your Information
Cookies and Other Tracking Technologies
Do Not Track
Links to Third-Party Websites and Services
Sweepstakes, Contests, Surveys, and Promotions
Your Rights Generally; Information Access and Control
Privacy Options; Marketing and Communications Choices
Accessing, Correcting, and Deleting Your Information
Your State Privacy Rights (Including California Privacy Rights) and Your Rights Under the Laws of Other Countries
Security and How We Protect Your Information
Storage, Transfer, and Retention of Information
Updates; Notification of Privacy Policy Changes
Miscellaneous; How to Contact Us

1. Use of the Website and Services by Children and Minors

To Children and Parents

We strongly advise children to obtain their parents' or guardians' permission before submitting personal information of any kind over the Internet. We urge parents and guardians to be very clear with their minor children regarding the dangers of giving out personal information online or otherwise to anyone whom they do not know. We also encourage parents and guardians to spend time online with their children and to participate in the activities offered on the sites they visit.

Children Under the Age of 13

The Website and the Services are not intended for children under 13 years of age, and we do not knowingly collect Personal Information (defined below) directly from children under 13 through the Website or the Services. If we learn that we have collected Personal Information directly from a child under the age of 13 without appropriate authorization or legal basis, we will delete such information as quickly as practicable, subject to applicable law.

Users Under the Age of 18

Under our Terms, users must be at least 13 years old, or older if the law where they live requires a higher minimum age to use the Services. If you are under 18 years old, you may use the Services only with permission from a parent or legal guardian, and we may request information necessary to verify such permission in our sole discretion.

Because the Services may involve the upload and processing of videos, prompts, and other content, users are prohibited from submitting or uploading minors' sensitive Personal Information, biometric information, government identification information, health information, or confidential third-party business materials, except where expressly authorized by us in writing.

If you believe that we may have collected Personal Information from or about a child in a manner inconsistent with this Section, please contact us immediately at [email protected].

2. Information We Collect and Receive

Collection of information by us in connection with the Website and the Services falls into several principal categories: (1) information voluntarily supplied by you; (2) information collected automatically from you or your computer, smartphone, or other device when you use, access, or interact with the Website or the Services; (3) information received from vendors, service providers, and other third parties; and (4) information derived from the content and materials submitted through the Services.

Some of this information is personal information, personal data, or personally identifiable information under applicable privacy and data protection laws in that it is technically information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household (collectively, "Personal Information" or "Personal Data").

Information You Provide

Certain information, including Personal Information, is collected directly from you when you use the Website or the Services, including, without limitation, when you:

Register for an account. When you create an account with us, we may collect your name, e-mail address, login credentials, and telephone number (if provided). We also may receive certain authentication-related information from third-party authentication providers, such as Clerk, when you use Apple or Google sign-in.
Communicate with us. If you contact us, provide feedback, request support, or otherwise communicate with us, we may collect your name, contact information, and the contents of your message or communication.
Submit prompts, instructions, or other textual inputs. We may collect and process the text prompts, instructions, descriptions, lyrics, settings, edits, selections, and other inputs you provide through the Services.
Upload videos or other content. We collect and process the videos and other content you upload, submit, transmit, or otherwise make available through the Services.
Use the Services to generate outputs. We collect and store generated outputs associated with your account, including generated music, audio files, and related metadata.
Participate in surveys, promotions, contests, beta programs, or similar offerings. If you choose to participate in any such offering, we may collect information you elect to provide in connection therewith.

Information Collected Automatically (Data Technologies)

We also may collect certain information, including certain Personal Information, automatically (passively) when you use, access, or interact with the Website or the Services, including through cookies and similar technologies (collectively, "Data Technologies"). Such information may include, without limitation:

Usage Information. Information regarding your activity on the Website or the Services, including pages visited, features used, content interacted with, actions taken, time and date of access, and similar usage history.
Device and Technical Information. Browser type, device type, operating system, IP address, unique identifiers, language preferences, device configuration information, and related technical data.
Log Information. Information that servers typically make available automatically, such as IP address, request times and dates, referring pages, exit pages, and similar log data.
Analytics and Advertising Information. Information collected through analytics and advertising tools, such as Google Analytics and PostHog, relating to interactions with the Website, the Services, marketing campaigns, and related activities.

Information Collected from Other Sources

In addition to the above information, we may obtain information about you from other sources, including, without limitation:

Authentication Providers. For example, if you use Apple or Google sign-in via Clerk, we may receive certain authentication-related information from Clerk or related providers.
Payment Providers. We currently use Stripe for payment processing. Billing and payment information is collected directly by Stripe, and we do not store full payment card information.
Analytics and Marketing Providers. We may receive information from providers such as Google Analytics and PostHog concerning use of the Website, the Services, and marketing or advertising performance.
Service Providers, Vendors, and Business Partners. We may receive Personal Information and/or non-identifying information about you from service providers, vendors, and business partners that support our operations.

Information Derived from Uploaded Content and Use of the Services

Because Sonilo's Services analyze user-uploaded videos and related content in order to generate music and related outputs, we also may create, collect, process, and use derived information from such content and activity, including, without limitation:

metadata extracted from uploaded videos;
information regarding visual content, scenes, objects, pacing, timing, sentiment, tone, and similar features;
embeddings, feature representations, timing data, and other machine-readable derivatives from uploaded content; and
usage, preference, feedback, ratings, selections, edits, and interaction data relating to your use of the Services and generated outputs.

At this time, Sonilo has indicated that it does not analyze the audio track included in uploaded videos for these purposes.

Restricted and Sensitive Information

All of the following categories of data are currently irrelevant to Sonilo's business and are prohibited from being uploaded or submitted through the Website or the Services unless expressly authorized by us in writing: minors' data, facial recognition data, biometric data, voiceprints, social security numbers, government identification numbers, health information, highly sensitive Personal Information, and confidential third-party business materials.

3. How We Use Your Information

We may use the information that we collect and process for a variety of purposes related to the Website, the Services, our business operations, and our legal obligations, including, without limitation, to:

identify you and potentially improve and/or customize the Website and the Services;
create, maintain, administer, and secure your account;
process your uploaded content, prompts, and other Inputs and generate outputs for you;
communicate with you regarding your account, your use of the Services, transactions, support requests, updates, security matters, and administrative notices;
process payments and handle billing-related matters;
address inquiries and respond to customer service requests, questions, and comments;
send newsletters, marketing communications, promotional materials, and general Company or Website information, subject to applicable law and your choices;
identify trends, conduct data analysis, and determine the effectiveness of our marketing, advertising, promotions, and Website or Service offerings;
improve your experience and increase the efficiency, reliability, effectiveness, and safety of the Website and the Services;
maintain security, detect and prevent fraud, abuse, misuse, and other harmful or unlawful activity;
enforce our Terms and other applicable agreements and protect our rights and the rights of others;
maintain business records and processes;
solicit feedback, reviews, and other information regarding your experience with the Website or the Services;
test, develop, improve, and launch new features, products, services, functionalities, models, and related technologies;
comply with our legal, regulatory, contractual, and enforcement obligations; and
for other purposes that we believe are necessary or appropriate to protect our rights and the rights of others, or as otherwise described to you at the time of collection.

Use for Training, Improvement, and Related AI Purposes

By using our Services and acknowledging your agreement to our Terms and this Policy, you have granted Sonilo a right and license to use your uploaded videos and related information for AI model training, etc. In other words, Sonilo may use uploaded videos, prompts, user instructions, generated outputs, user selections, ratings, edits, reactions, usage/activity data, and related derived data for training, retraining, fine-tuning, testing, evaluation, benchmarking, safety, and general product and model improvement purposes.

At present, Sonilo applies this approach by default to all users, and there is no separate opt-out or account-setting control for such use. In addition, the same approach currently applies across beta, free, paid, and all user tiers, unless Sonilo later states otherwise in a separate written agreement or product setting.

Aggregated and De-Identified Information

Once Personal Information is aggregated and/or de-identified information, we may use that in accordance with applicable law. Thus, we may use certain collected information on an aggregated, de-identified, or otherwise lawfully usable basis in order to conduct market research, engage in troubleshooting activities, develop and improve products and services, and help detect and protect against error, fraud, abuse, or other unlawful or harmful activity.

Lawful Bases for Collecting and Processing Personal Data

Certain jurisdictions require a lawful basis for collecting and processing Personal Data. In such jurisdictions, including, for example, the European Economic Area and the United Kingdom, our lawful bases may include: (i) your consent; (ii) performance of a contract with you or steps taken at your request prior to entering into such contract; (iii) compliance with our legal obligations; and/or (iv) our legitimate interests in connection with the provision, protection, improvement, and development of the Website, the Services, and related technologies.

4. How We Share and Disclose Your Information

We may disclose aggregated or de-identified information or other information that does not identify any particular individual without restriction, subject to applicable law.

Absent your prior consent, we will share your Personal Information with third parties only in the ways described in this Privacy Policy, including as set forth below, and we do not otherwise disclose your Personal Information to third parties except as described herein or as permitted by applicable law.

Disclosure of Personal Information

We may share your Personal Information as follows:

To service providers, vendors, contractors, and other third parties who support our business and operations. We may use third parties to support one or more aspects of our business and/or Website or Service operations, including, without limitation, hosting, storage, authentication, analytics, payment processing, customer support, data processing, logging, monitoring, security, and related activities. Such parties may include, for example, AWS, Clerk, Google Analytics, PostHog, Stripe, and Google Gmail/Google Workspace. Such third parties are generally expected to use your information only to the extent necessary to perform their functions for us, subject to applicable agreements and law.
To analytics, advertising, and similar providers. We may work with analytics providers, advertisers, ad networks, and other similar vendors or partners in connection with use of the Website, the Services, and our marketing and advertising activities. These providers may collect or receive information through cookies and other Data Technologies.
To a buyer of the Company or its assets or another successor. In the event that we undergo a reorganization, are sold to, merged with, or otherwise combined with a third party, or sell all or substantially all of our assets, any information we hold about you may be transferred to that entity or successor, subject to applicable law.
To affiliates, subsidiaries, parents, or related entities. We may share information with members of our corporate group for legitimate business and operational purposes consistent with this Privacy Policy.
To comply with law, legal process, or governmental request. We may disclose information where necessary or appropriate to comply with applicable law, rule, regulation, subpoena, court order, governmental request, or similar legal process.
To enforce our Terms or other agreements, or to protect rights and safety. We may disclose information where we believe such disclosure is necessary or appropriate to enforce our Terms, investigate potential violations, prevent fraud or misuse, protect our rights or property or the rights, property, or safety of others, or bring or defend legal claims.
With your consent or at your direction. We may disclose your information for any other purpose disclosed by us when you provide the information or with your consent.

Public or Shared Content

If the Services include community, social, publishing, or sharing features and you intentionally make content public or share it with others through such features, that information and content may be visible to others and may be collected, used, or further disclosed by those recipients.

Sale/Sharing/Targeted Advertising Disclosure

We do not currently "sell" Personal Information in exchange for monetary consideration. However, because certain privacy laws define "sale," "sharing," and "targeted advertising" broadly and differently, certain analytics, advertising, or marketing practices may be treated as "sharing," a "sale," or processing for targeted advertising under applicable law. Where required by applicable law, we will honor applicable opt-out rights.

5. Cookies and Other Tracking Technologies

Cookies are small pieces of information that are stored by your Internet browser on your device. We and our service providers may use cookies, pixels, SDKs, web beacons, tags, session replay tools, and similar technologies (which are all part of Data Technologies) to collect information automatically and to support the operation of the Website and the Services.

The categories of Data Technologies, including cookies, that we may use include, without limitation:

Necessary/Essential. To facilitate security, authentication, account access, and core Website or Service functionality.
Functional. To remember preferences, settings, and similar choices.
Analytics/Research. To understand, analyze, improve, and research the Website, the Services, and user interactions.
Advertising/Targeting. To support marketing, campaign measurement, tagging, retargeting, and the delivery of more relevant advertising.

You may be able to modify your browser settings to reject or refuse certain cookies. However, if you do so, certain features or functions of the Website or the Services may not function properly or at all.

In certain jurisdictions, we may ask for your consent before using certain non-essential Data Technologies.

6. Do Not Track

Your browser settings may allow you to transmit a "Do Not Track" signal to websites and online services you visit. There is currently no universally accepted standard for recognizing or implementing such signals. Accordingly, unless and until such a standard is adopted, the Website and the Services may not respond to Do Not Track signals.

7. Links to Third-Party Websites and Services

The Website or the Services may include links to other websites, applications, tools, plug-ins, social media pages, payment providers, or other third-party services (collectively, "Third-Party Sites") whose privacy practices may differ from those set forth herein. Such links are not an endorsement by the Company of those Third-Party Sites or the products or services they offer. If you visit Third-Party Sites or submit information to any such Third-Party Sites, your visit and any information you provide will be governed by their privacy statements and policies. We encourage you to review the privacy statements and policies of any Third-Party Site you visit. We make no representations or warranties with respect to, and are not responsible for, the privacy statements or practices of any Third-Party Site.

8. Sweepstakes, Contests, Surveys, and Promotions

We may offer surveys, sweepstakes, contests, promotions, beta programs, and other similar offerings through the Website or the Services (collectively, "Promotions"). If you choose to participate in any Promotion, you acknowledge and agree that, by entering or otherwise participating, you may be agreeing to additional rules or terms that govern the Promotion and may contain specific authorizations regarding the use of your information. Accordingly, it is important that you carefully read the applicable rules or terms of any Promotion before participating.

9. Your Rights Generally; Information Access and Control

Depending on your location and circumstances, you may have certain statutory rights in relation to your Personal Information. For example, depending upon the applicable law, you may have the right to:

request access to, and obtain a copy of, certain Personal Information we hold about you;
request correction of inaccurate Personal Information;
request deletion of certain Personal Information;
request portability of certain Personal Information;
object to or restrict certain processing of Personal Information;
withdraw consent where we rely on consent as the legal basis for processing;
opt out of certain processing for targeted advertising, sale, sharing, or profiling in furtherance of decisions that produce legal or similarly significant effects; and/or
lodge a complaint with a supervisory authority or regulator, where applicable.

These rights are subject to applicable law, limitations, exemptions, and verification requirements.

10. Privacy Options; Marketing and Communications Choices

Marketing Communications

As applicable and to the extent permitted by law, we may send you newsletters, marketing communications, promotional materials, and similar messages. You may opt out of receiving marketing or promotional emails from us by following the unsubscribe instructions included in such communications or by contacting us at [email protected]. Please note that, even if you opt out of marketing communications, we may still send you transactional, service-related, security, support, or administrative communications.

Cookies and Similar Technologies

You may be able to restrict certain cookies or other Data Technologies through your browser or device settings and, where applicable, through any cookie preference tools we may make available.

Account Information

If account settings functionality is available, you may be able to access, update, or modify certain account information through your account settings.

11. Accessing, Correcting, and Deleting Your Information

You may request access to, correction of, or deletion of certain Personal Information by contacting us at [email protected].

Please note, however, that:

we may need to verify your identity before responding to your request;
we may deny or limit a request where permitted by applicable law;
closing, canceling, or terminating an account does not necessarily result in deletion of all associated content or information for various reasons, including that you have granted the Company a perpetual right and license to use certain information; and
Sonilo's current practices may include retaining uploaded videos, generated music and other outputs, prompts, logs, metadata, derived data, analytics, backups, and related records even after account cancellation, subject to your license granted to the Company, applicable law, and any future changes to our practices.

We also may retain certain information as necessary or appropriate for legal compliance, dispute resolution, security, fraud prevention, enforcement, backup, archival, recordkeeping, business continuity, and other legitimate business purposes.

12. Your State Privacy Rights (Including California Privacy Rights) and Your Rights Under the Laws of Other Countries

Residents of certain states and countries may have additional rights and choices regarding our use of their Personal Information.

Rights Under Certain U.S. State Privacy Laws

Depending upon your state of residence and subject to applicable thresholds, exemptions, and limitations, you may have certain rights under applicable U.S. state privacy laws. States with comprehensive privacy laws now include, among others, California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia.

To the extent applicable under the law of your state of residence, such rights may include the right to:

confirm whether we process your Personal Information;
access certain Personal Information;
correct inaccuracies in certain Personal Information;
delete certain Personal Information;
obtain a copy of certain Personal Information in a portable format; and/or
opt out of certain processing, including certain processing for targeted advertising, sale, sharing, or profiling in furtherance of decisions that produce legal or similarly significant effects.

To exercise any such rights, please contact us at [email protected]. We may take steps to verify your identity and authority before acting on your request. We will not unlawfully discriminate against you for exercising applicable privacy rights.

California Privacy Rights

If you are a California resident, you may have certain rights under California law, including, to the extent applicable, rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the "CCPA"), as well as rights under the California Online Privacy Protection Act ("CalOPPA") and California's "Shine the Light" law.

California Shine the Light Law. California Civil Code Section 1798.83 permits California residents to request certain information regarding a business's disclosure of personal information to third parties for their direct marketing purposes, to the extent applicable. If you wish to make such a request, please contact us at [email protected].

California Do Not Track Disclosure. Pursuant to CalOPPA, California residents are entitled to know how a website responds to Do Not Track signals. As stated above, there currently is no universally accepted standard for such signals, and the Website and the Services may not respond to Do Not Track signals.

CCPA. To the extent the CCPA applies to Sonilo's processing of your Personal Information, California residents may have rights to know, access, correct, delete, and receive a portable copy of certain Personal Information, as well as rights to limit or opt out of certain processing activities, subject to applicable law. However, see below for more about the CCPA.

If You are a California resident, California law may provide you with additional rights regarding a business' use of your Personal Information under the CCPA. WE (AND OUR WEBSITE) ARE NOT CURRENTLY A COVERED BUSINESS SUBJECT TO THE RESTRICTIONS AND REGULATIONS OF THE CCPA, BUT WE NONETHELESS ARE DILIGENT ABOUT PROTECTING YOUR PRIVACY RIGHTS AND ABOUT HONORING ANY REQUESTS FROM OUR USERS REGARDING THEIR PRIVATE INFORMATION. To learn more about your California privacy rights under the CCPA, see the California Consumer Privacy Act of 2018, California Civil Code § 1798.100, et seq. or visit the California Attorney General FAQs about the CCPA at https://oag.ca.gov/privacy/ccpa.

While we are not required to comply at present, we will do our best to respond to your requests. Just as the CCPA provides, if you are a California resident, you may request once a year, free of charge, certain information regarding our disclosure of Personal Information to third parties for direct marketing purposes. Specifically, if we engage in any direct marketing, and if you request it, we will endeavor to provide a list of the categories of Personal Information disclosed to third parties for third-party direct marketing purposes, along with the names and addresses of these third parties. To make such a request, please contact us at [email protected]. Note that we may not respond to requests submitted other than to the contact points listed in this Privacy Policy. You should put "California Privacy Rights" in the subject line and in your request. Also, realize that we may need to verify your identity before providing information.

Moreover, while the CCPA does not currently apply to us, in the interest of transparency and protecting your privacy rights, see below for additional information that would normally be set forth in a compliant California privacy notice.

CCPA – More Information About Personal Information We Collect

See above for more detail about the Personal Information we collect. For the categories of Personal Information as defined in the CCPA (in Section 1798.140), note that our Website collects, or has collected within the last twelve (12) months, the following categories of Personal Information from its consumers (i.e., natural persons who are California residents):

Category	Examples	Collected/Not Collected
A. Identifiers.	A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.	Yes, collected.
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.	Yes, collected.
C. Protected classification characteristics under California or federal law.	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).	No, not collected.
D. Commercial information.	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	Yes, collected.
E. Biometric information.	Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.	No, not collected.
F. Internet or other similar network activity.	Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.	Yes, collected.
G. Geolocation data.	Physical location or movements.	No, not collected.
H. Sensory data.	Audio, electronic, visual, thermal, olfactory, or similar information.	No, not collected.
I. Professional or employment-related information.	Current or past job history or performance evaluations.	No, not collected.
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.	No, not collected.
K. Inferences drawn from other personal information.	Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	No, not collected.
L. Sensitive personal information	Sensitive personal information is: (1) Personal information that reveals: (A) A consumer's social security, driver's license, state identification card, or passport number. (B) A consumer's account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account. (C) A consumer's precise geolocation. (D) A consumer's racial or ethnic origin, religious or philosophical beliefs, or union membership. (E) The contents of a consumer's mail, email, and text messages unless the business is the intended recipient of the communication. (F) A consumer's genetic data. (2) (A) The processing of biometric information for the purpose of uniquely identifying a consumer. (B) Personal information collected and analyzed concerning a consumer's health. (C) Personal information collected and analyzed concerning a consumer's sex life or sexual orientation.	Yes, collected.

As discussed above, we obtain the categories of Personal Information listed above:

Directly from you. For example, from forms you complete or products and Services you purchase or communications between you and us.
Indirectly from you. For example, from observing your actions on our Website.

Sharing Your Personal Information

We may disclose your Personal Information to a third party for a "business purpose," as defined in the CCPA. When we disclose Personal Information for a business purpose, we enter into written contracts that describe the purposes and require the recipient to both keep that Personal Information confidential and not use it for any purpose except for performing the contract. The CCPA prohibits third parties who obtain the Personal Information we hold from reselling it unless you have received notice and an opportunity to opt-out of further sales.

Disclosures of Your Personal Information for a Business Purpose

We disclose, or, in the preceding twelve (12) months we have disclosed, the following types of Personal Information (defined above in the table) for a business purpose:

Category A: Identifiers.
Category B: Personal information categories listed in the California Customer Records statute.
Category D: Commercial information.
Category F: Internet or other similar network activity.
Category L: Sensitive personal information.

When your personal information is used for a "business purpose," as defined in the CCPA, we disclose, or have disclosed during the past twelve (12) months, your Personal Information to the following categories of third parties:

Service providers.
Data aggregators.
Affiliates or partners.
Parent or subsidiary organizations.
Internet cookie data recipients, such as, for example, Google Analytics.

Sales of Personal Information

We do not "sell" your Personal Information (within the meaning of the CCPA).

Your Rights Under the CCPA

The CCPA provides consumers who are California residents with specific rights regarding their Personal Information. This section describes various rights you may have under the CCPA and explains how you can exercise those rights. BUT, AGAIN, PLEASE NOTE THAT THE CCPA DOES NOT CURRENTLY APPLY TO US.

Right to Know and Data Portability

Under the CCPA, you have the right to request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months (the "right to know"). This right to know includes Personal Information that we share for cross-contextual behavioral advertising.

Upon a request from you, after we have confirmed your identity, we can disclose to you, as applicable:

The categories of Personal Information we have collected about you.
The categories of sources for the Personal Information that we collected about you.
Our business or commercial purposes for collecting or selling that Personal Information.
The categories of third parties with whom we share that Personal Information.
If we sold or disclosed your Personal Information for a business purpose, two separate lists disclosing: (i) sales, identifying the Personal Information categories that each category of recipient purchased; and (ii) disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.
The specific pieces of Personal Information we collected about you (also called a data portability request).

Right to Delete

You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions (the "right to delete"). Upon a request from you, after we have confirmed your identity, we will review your request to see if an exception allowing us to retain the information applies, including any rights you have granted us. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
Debug products to identify and repair errors that impair existing intended functionality.
Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.
Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
Comply with a legal obligation.
Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

We will delete or deidentify Personal Information not subject to one of these exceptions from our records and will direct our service providers to take similar action.

Right to Correct

You have the right to request that we correct any inaccurate Personal Information about you that we may have (the "right to correct"). Upon a request from you, after we have confirmed your identity, we will use commercially reasonable efforts to correct the inaccurate Personal Information as directed by you.

Right to Opt Out of Sale or Sharing of Personal Information

You have the right to direct us not to "sell" or "share" your Personal Information (the "right to opt-out of sale or sharing"). You may be opted in by default, but you can opt out of the sale or sharing of Personal Information at any time. Upon a request from you, after we have confirmed your identity, we will no longer share or sell your Personal Information, but you can later provide consent. Please note that we do not track users across devices; so, you will have to opt out from each device where you access the services.

Under California law, minors who are at least 13 but not yet 16, have additional rights. A business shall not sell or share the Personal Information of consumers who are younger than 16, unless it receives the affirmative authorization (the "right to opt-in") from either the consumer who is at least 13 but not yet 16 years of age, or the parent or guardian of a consumer less than 13 years of age.

To the extent these sections are applicable to our use and disclosure of your Personal Information, you should know that consumers who opt-in to Personal Information sales as set forth here may opt-out of future sales at any time.

Right to Limit Use and Disclosure of Sensitive Personal Information

To the extent we collect any of your "sensitive" Personal Information (as defined within the CCPA), you have the right to direct us to limit our use of it to only that use that is necessary to perform the Services or provide the goods requested.

We also may use your sensitive Personal Information for:

Helping to ensure security and integrity.
Short-term, transient use, including, but not limited to, nonpersonalized advertising shown as part of a consumer's current interaction with the business.
Performing Services on behalf of the business, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of the business.
Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance such service or device.
Other purposes authorized by law.

Upon a request from you, after we have confirmed your identity, we will no longer use your sensitive Personal Information, except as permitted by applicable law (as discussed above), unless you subsequently provide consent for the use or disclosure of your sensitive Personal Information for additional purposes.

Exercising Your Right to Know, Right to Correct, and/or Right to Delete

To exercise your right to know, right to correct, or right to delete described above, please submit a request by:

E-mailing us at [email protected].

Only you, or someone legally authorized to act on your behalf, may make a request to know, correct, or delete related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child.

If you wish to designate an authorized agent to make such a request on your behalf, please provide the following information about that agent so that we can verify that person's identity and authorization:

Name:
Email:
Phone:
Relationship to User:

You may submit a request to know only twice within a 12-month period. Your request to know, correct, or delete must:

provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative (and we may request additional information from you for verification purposes).
Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.

Please realize that you do not need to create an account with us to submit a request to know or delete.

We will use Personal Information provided in the request only to verify the requestor's identity or authority to make it.

Exercising Your Right to Opt-Out of Sale or Sharing and Your Right to Limit the Use of Sensitive Personal Information

WHEN THE CCPA IS APPLICABLE TO US, WE WILL HAVE CERTAIN REQUIRED LINKS ON OUR WEBSITE, AND, WHEN THAT HAPPENS, TO EXERCISE YOUR RIGHT TO OPT-OUT OF SALE OR SHARING OF YOUR PERSONAL INFORMATION OR YOUR RIGHT TO LIMIT THE USE OF SENSITIVE PERSONAL INFORMATION, YOU WILL BE ABLE TO CLICK ON SUCH LINKS (THEY WILL BE: "DO NOT SELL OR SHARE MY PERSONAL INFORMATION" AND/OR "LIMIT THE USE OF MY SENSITIVE PERSONAL INFORMATION"). FOR NOW, HOWEVER, TO EXERCISE THE RIGHT TO OPT-OUT, YOU (OR YOUR AUTHORIZED REPRESENTATIVE) MAY SUBMIT A REQUEST TO US BY EMAILING US AT [email protected].

Once you have made an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize any sharing or sale of Personal Information. However, you may change your mind and opt back in to Personal Information sharing or sales at any time by emailing us at [email protected].

You do not need to create an account with us to exercise your opt-out rights. We will use Personal Information that you provide in an opt-out request only for purposes of reviewing and complying with the request.

Right of No Retaliation Following Opt Out or Exercise of Other Rights

We will not retaliate against you or discriminate against you for exercising any of your CCPA rights.

Unless permitted by the CCPA, we will not:

Deny you goods or services.
Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
Provide you a different level or quality of goods or services.
Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

We may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your Personal Information's value and contain written terms that describe the program's material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time. We do not currently provide any such financial incentives. To the extent we do, we will add information about that in this Privacy Policy.

Timing for Response To Request and Format

We will confirm receipt of your request within ten (10) business days. If you do not receive confirmation within the 10-day timeframe, please e-mail us again at [email protected] or [email protected].

It is our intention to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing.

If you have an account with us, we may deliver our written response to that account. If you do not have an account with us, we may deliver our written response by mail or electronically.

Any disclosures we provide will cover only the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without issue.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Data Retention

We retain your Personal Information for no longer than is necessary for the purposes stated in the Privacy Policy, unless otherwise extending the retention period is required or permitted by law or by your authorization or subject to our retention policies as may be in place from time to time.

Withdrawing your consent: If we are relying on your consent to process your Personal Information, which may be express and/or implied consent depending on the applicable law, you have the right to withdraw your consent at any time. You may withdraw your consent by contacting us at [email protected] or using the contact details provided elsewhere in this Privacy Policy. If you withdraw your consent, please note that the withdrawal will not affect the lawfulness of the processing before the withdrawal nor, when applicable law allows, will it affect the processing of your Personal Information conducted in reliance on lawful processing grounds other than where consent is required.

Nevada Privacy Rights

Nevada residents may have a limited right under Nevada law to opt out of certain sales of covered information. Although Sonilo does not currently understand itself to engage in sales that trigger that law, Nevada residents may nevertheless submit requests to [email protected].

Rights Under the Laws of Other Countries

Privacy and Data Protection Laws and Your Rights in Other Countries/Jurisdictions (Outside the U.S.)

By using Our services, you acknowledge and agree that your Personal Information may be transferred from your location to our servers and facilities in the United States or elsewhere.

For European Economic Area (EEA) or United Kingdom (UK) Users

The General Data Protection Regulation (GDPR) and similar laws in the UK require us to explain the valid legal bases for processing your Personal Information.

We rely on the following legal bases to process your personal information:

Performance of a contract. We process your Personal Information when we believe it is necessary to fulfill our contractual obligations to you, including to provide our Services to you and to maintain our Services or at your request prior to entering into a contract with you. When we process account information (i.e., the information you need to submit to create and maintain your account, to the extent you have an account), your user-content (including any documents you upload or information you supply in connection with those documents), and technical information (i.e., data received through Data Technologies, like cookies, etc.) solely to provide our Services to you, this information is necessary to be able to provide those Services. If you do not provide this information, we may not be able to provide our Services to you.
With your consent. We process Personal Information with your consent. We may ask for your consent to process your Personal Information for specific purposes that we communicate to you. If you have given us permission to use your Personal Information for specific purposes, we will use your information for those purposes. You have the right to withdraw your consent at any time.
Our legitimate interests. We may process your Personal Information when we believe it is reasonably necessary to achieve our legitimate business interests and those interests do not outweigh your interests or any fundamental rights. For example, our legitimate interests include diagnosing problems, protecting our Services from and preventing abuse, fraud, or security risks, understanding how our users use our products and Services so that we can improve use experiences, or developing, improving, or promoting our Services, including when we train our models. These uses may include the processing of account information (that you submit if you create an account), user-generated content (including any information you may be permitted to upload), social media information (including your interactions with our social media accounts), and technical information (i.e., data received through data technologies, like cookies).
Compliance with our legal obligations. We may process your Personal Information when we believe it is necessary for compliance with legal obligations and applicable laws, including with regard to orders or regulations from a law enforcement entity or regulatory agency, to exercise or defend our legal rights, in connection with any litigation in which we are involved in which disclosure of your Personal Information is required, or to protect the rights, safety, and property of the Company, our affiliates, our users, or third parties.
Vital interests. We may process your Personal Information when we believe it is necessary to protection your vital interests or the vital interests of another person or entity, such as situations that involve threats to the safety of a person.

Data Controller

For the purposes of the UK and EU GDPR, the data controller is Sonilo Inc., 1555 Colmery Lane, San Jose, CA 95118.

We may process your Personal Information if you have given us specific express consent to use your Personal Information for a specific purpose, or in situations where your permission can be inferred (i.e., implied consent). You have the right to withdraw your consent at any time.

In some exceptional cases, We may be legally permitted under applicable law to process your Personal Information without your consent, including, for example:

For the investigation, detection, or prevention of fraud including if we have reasonable grounds to believe an individual has been the victim of, or may be the victim of, financial abuse.
If the use is clearly in the interests of an individual, and your consent cannot be obtained in a timely way.
For business transactions, when certain conditions are met.
If the information is part of a witness statement and the use is necessary to assess, process, or settle an insurance claim.
To identify injured, ill, or deceased persons and to communicate with next of kin.
If it is reasonable to believe that the collection and use with consent would compromise the availability or the accuracy of the information, and the use is reasonable for purposes related to investigating a breach of an agreement or a contravention of the laws of Canada or any Province.
If use of your Personal Information is required to comply with a subpoena, warrant, court, order, or rule of any court or judicial proceeding, including relating to a subpoena or other compelled production of records.
If the Personal Information produced by an individual in the course of that individual's employment, business, or profession and the use by us is consistent with the purposes for which the information was produced.
If the use is solely for journalistic, artistic, or literary purposes.
If the information is publicly available and is specified by regulations.

Miscellaneous About Your Privacy Rights in Non-U.S. Countries or Jurisdictions

In certain countries and jurisdictions (such as in the EEA, UK, Switzerland, and Canada), you may have certain rights under applicable privacy and data protection laws that allow you certain additional access to and control over your Personal Information. These rights may include the rights: (i) to request access and obtain a copy of your Personal Information; (ii) to request rectification or erasure of your Personal Information; (iii) to restrict the processing of your Personal Information; and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the processing of your Personal Information. You can make such a request by contacting us at [email protected].

We will consider and act upon any request in accordance with applicable privacy and data protection laws.

If you feel we have not adequately addressed an issue, you have the right to lodge a complaint with your local supervisory authority.

If you are located in the EEA or UK and you believe we are unlawfully processing your Personal Information, you have the right to complain to your Member State data protection authority (at https://ec.europa.eu/newsroom/article29/items/612080) or the UK data protection authority (at https://ico.org.uk/make-a-complaint/data-protection-complaints/data-protection-complaints/).

If you are located in Switzerland, you may contact the Federal Data Protection and Information Commissioner (at https://www.edoeb.admin.ch/edoeb/en/home.html).

Data Transfers

Where required, we will use appropriate safeguards for transferring your Personal Information outside of the EEA, Switzerland, and the UK. We will transfer Personal Information only pursuant to a legally valid transfer mechanism and, when required, we will comply with the accepted "standard contractual clauses."

13. Security and How We Protect Your Information

BECAUSE YOUR PRIVACY IS IMPORTANT TO US, WE DO NOT RENT, SELL, GIVE, SHARE, TRADE, OR PROVIDE IN ANY WAY THE PERSONAL INFORMATION THAT WE OBTAIN ABOUT YOU THROUGH THIS WEBSITE TO THIRD PARTIES UNLESS YOU REQUEST OR PERMIT US TO DO SO, IT IS ABSOLUTELY NECESSARY TO PERFORM THE REQUESTED SERVICE, OR THE DISCLOSURE IS PERMITTED OR REQUIRED BY LAW.

Moreover, the security of your information is important to us, and we take steps to ensure that your information, both during transmission and once we receive it, is treated securely and in accordance with this Privacy Policy. We take reasonable precautions to ensure that User information is kept private. We use reasonable measures to protect any User information that may be stored within our database, and we restrict access to User information to those employees or other service providers who need access to perform their job functions, such as our customer service personnel or our technical staff. However, no method of transmission over the Internet is one hundred percent secure, and the complete and absolute security of any information collected, stored, processed, or used by us cannot be guaranteed. Unauthorized access or use, hardware or software failure, viruses, and other circumstances may compromise the security of this Website and of user information at any time. Although we will do our best to protect your Personal Information (for example, by encryption) and mitigate the nature of security risks (which are constantly evolving along with the technical and organizational industry standards for managing risk), we cannot guarantee the security of your information transmitted through the Website; any transmission is at your own risk.

IN THE UNLIKELY EVENT THAT AN UNAUTHORIZED THIRD PARTY COMPROMISES OUR SECURITY MEASURES, WE WILL NOT BE RESPONSIBLE FOR ANY DAMAGES DIRECTLY OR INDIRECTLY CAUSED BY AN UNAUTHORIZED THIRD PARTY'S ABILITY TO VIEW, USE OR DISSEMINATE SUCH INFORMATION.

Please see below for more information about how we use and protect Your information.

We Encrypt Personal Information and Utilize The Most Advanced Security Tools And Technology; We Will Notify You If Possible In the Event of a Breach

We utilize a number of operational functions to protect the confidentiality of your Personal Information. For example, to the extent we store any Personal Information that we collect about you on computer systems, we store it in secured facilities with limited access. Our employees and service providers are given access to Personal Information only to the extent they have a need to know such information. Thus, our employees and service providers do not have access to your Personal Information, unless it is necessary. Also, we and our payment-processing service provider (Stripe) use the most advanced, industry-standard encryption technologies to transmit sensitive Personal Information, such as credit card numbers, and, in all cases, we follow generally accepted industry standards and take commercially reasonable efforts to protect your personal information.

In short, we use administrative, technical, and organizational measures designed to help protect Personal Information from unauthorized access, destruction, loss, alteration, misuse, or disclosure. Such measures may include, as appropriate, HTTPS/TLS encryption in transit, access controls, unique identifiers, watermarking, monitoring, and related security tools and practices. We use the advanced technologies and security tools that are customary in the industry to protect your Personal Information. However, there is no such thing as perfect security, and we cannot, and do not, represent or warrant that this Website or our transmissions of information to others are impenetrable or invulnerable to hackers. Thus, while we do as much as we reasonably can to protect your Personal Information, we cannot absolutely guarantee the complete security of our server, nor can we absolutely guarantee that information and documents you supply will not be intercepted while being transmitted over the Internet.

In the event of a breach of the confidentiality or security of your Personal Information, we will notify you if reasonably possible and as reasonably necessary so that you can take appropriate protective steps. We may notify you under such circumstances using the email address(es) We have on record for you. You should also take care with how you handle and disclose your Personal Information. Please refer to the Federal Trade Commission's website at https://www.consumer.ftc.gov/ for information about how to protect against identity theft.

To The Extent We Will Have Accounts for Our Users or Other Uses for Passwords, You Will Protect Your Passwords and Notify Us of Unauthorized Uses

Our user accounts will be secured by user-created passwords. There also may be passwords needed for other products/Services. With that in mind, you must do your part to protect your information by choosing safe passwords for your account or any of our products or Services that require passwords. The safest passwords are made up of random capitalized and uncapitalized letters, numbers, and, if allowed, other unique characters. You are solely and entirely responsible for maintaining the confidentiality of your unique passwords and for any and all use of any accounts and the products/Services to which you have access.

To ensure the security of any account you may have and other password-protected products/Services or features, please be sure to log off your account or any other feature or products/Service that requires you to log in at the end of each session so that no one else can gain access to the Website or its products/services through your account. You should not ever use the account, usernames, or passwords of other users at any time or disclose your passwords to any other person or entity.

If you suspect that there has been any unauthorized use or access of any accounts associated with us or any unauthorized use or access to your passwords or if you believe the confidentiality of your passwords has been compromised in any manner, please notify us immediately at [email protected].

Do Not Disclose/Share Your Personal Information Except To Those Who Have a Legitimate Business Need To Know

To further protect your Personal Information, as explained above, no one has access to your Personal Information unless absolutely required. Our employees and service providers are given access to Personal Information only to the extent they have a legitimate business need to know such information.

We Retain Personal Information Only For As Long As Necessary

As also explained below, to the extent we need to store your information, we will keep your information, including Personal Information, only as reasonably necessary to fulfill the purposes for which the Personal Information is collected as stated in this Privacy Policy; for as long as is necessary for the performance of the relationship between you and us, if any; and to comply with legal and statutory obligations, such as in tax, trade, and corporate laws.

We May Anonymize or De-identify Your Personal Information Or We will Delete/Destroy

As we also have explained above, to the extent we need your Personal Information for reasons described in the Privacy Policy, when we no longer need your Personal Information for our purposes, we will destroy, delete, or erase that Personal Information or we may convert it into an anonymous form so that we can use it for research or statistical purposes, etc., as described above. Once we anonymize or de-identify your Personal Information, be assured that it can no longer be associated with you.

14. Storage, Transfer, and Retention of Information

Storage and Processing Locations

Information collected by us may be stored and processed in the United States or any other country in which we or our agents maintain facilities. Sonilo understands that AWS storage is U.S.-based and some AI artificial intelligence infrastructure companies may store certain information in the United States and certain information in the European Union. By using the Website or the Services, you expressly consent to any such transfer and storage of information outside of your country of residence, where privacy and data protection laws may be different and/or less stringent. However, we will endeavor to take reasonable measures to keep up an adequate level of data protection when sharing your Personal Information with such countries.

We make no representation or warranty with respect to any duty to permanently store any information you may provide or that we otherwise collect about you. We strive to keep our processing activities with respect to your Personal Information as limited as possible. In the absence of specific retention periods set out in this Privacy Policy, we will retain the information we collect from or about you only as long as necessary to provide you with the Website or our services, which includes for the duration of, but could extend beyond, your active participation on the Website, or as otherwise set forth in this Privacy Policy, and to the extent set out in this Privacy Policy and as necessary to comply with our legal and/or statutory obligations, resolve disputes, enforce our agreements, and protect our legal rights. Additionally, we may retain indefinitely any aggregated, anonymized, or pseudonymized information which we may collect and maintain, and may from time to time transfer or merge your information collected off-line to our online databases or store off-line information in an electronic format. By using the Website and providing us with information (including Personal Information), you waive any claims that may arise under your own or any other local or national laws, rules or regulations or international treaties. We may from time to time transfer or merge your information collected off-line to our online databases or store off-line information in an electronic format. This Privacy Policy applies to your information for as long as your information is in our possession, even if you terminate or discontinue your use of the Website.

International Transfers

If you access or use the Website or the Services from outside the United States, your information may be transferred to, stored in, processed in, or made accessible from the United States or other jurisdictions whose data protection laws may differ from those of your country of residence. Where required by applicable law, we will take steps intended to provide an appropriate lawful basis and safeguards for such transfers.

Retention of Information

We retain Personal Information for as long as necessary or permitted in light of the purposes for which it was collected and used, as described in this Privacy Policy, unless a longer retention period is required or permitted by law, including by any rights or licenses you grant to us.

At present, Sonilo's current practices may include retaining uploaded videos, prompts, logs, generated music and other outputs, metadata, derived data, analytics, backups, and related records on a long-term or indefinite basis pursuant to your grant of a license to us, including after account cancellation, subject to applicable law and any future changes to our practices.

The criteria used to determine retention may include, without limitation: the nature of the information; the purposes for which it was collected and processed; operational and product-development needs; security, fraud prevention, and abuse prevention needs; legal, regulatory, tax, accounting, litigation, and compliance requirements; and backup, archival, and recordkeeping practices.

15. Updates; Notification of Privacy Policy Changes

We may update or revise this Privacy Policy from time to time. If we do so, we will post the updated version on the Website and update the "Last Updated" date above. If a change is material, we may also provide additional notice through the Website, the Services, by e-mail, or by another method, at our discretion. Your continued use of the Website or the Services after any updated Privacy Policy becomes effective constitutes your acknowledgment of the updated Privacy Policy.

16. Miscellaneous; How to Contact Us

If you have any questions, requests, or concerns regarding this Privacy Policy or Sonilo's privacy practices, please contact us at:

Sonilo Inc.
Email: [email protected]
DMCA / Copyright: [email protected]
Other reasons: [email protected]

If Sonilo later designates additional privacy contact channels, representatives, mailing addresses, or jurisdiction-specific request mechanisms, we may update this Privacy Policy accordingly.