Privacy Policy

This Privacy Policy describes how FMG Universe ("FMG", "we", "us", "our") collects, uses, shares, and protects personal data when you visit our websites, use our apps and platforms, engage with our talent and publishing services, or otherwise interact with us (collectively, the "Services"). By using the Services, you agree to this Policy.

If you do not agree, please do not use the Services. Where required by law, we will seek your explicit consent before processing certain data.

• Controller: FMG Universe, with principal place of business in Jakarta, Indonesia. For some activities we act as a processor on behalf of clients.
• Coverage: This Policy applies to our websites, portals, creator tools, analytics dashboards, and business operations for Creation, Talent, Media, R&D, Publishing, Live, and Academy.
• Exclusions: Third‑party sites and services linked from our Services are governed by their own policies.

The types of personal data we collect include:

• Account & identity (name, email, username, password, role, verification status).
• Professional & talent (portfolio links, credits, splits, IPI/CAE, ISWC/ISRC mapping, bios, skills, availability).
• Contact & communications (messages, support tickets, preferences, marketing opt‑ins).
• Transactional (orders, invoices, payment tokens via processors; we do not store full card numbers).
• Usage & device (log data, IP, approximate location, browser/OS/DAW details, performance metrics, crash reports).
• Content you upload (audio, stems, metadata, artwork, documents, comments, timestamps, version history).
• Cookies & similar tech (described below).

• Directly from you (forms, uploads, contracts, communications).
• Automatically through your use of the Services (logs, analytics, device data).
• Third parties (payment processors, DSPs, PROs/CMOs, identity verification, marketing platforms, publicly available sources).

• Provide & improve Services, including account management, features, personalization, support, and QA.
• Rights & releases ops (metadata, splits, registrations, audit trails, royalty matching).
• Safety & integrity (fraud prevention, abuse, security, compliance, and enforcing Terms).
• Analytics & R&D (measuring performance, training and evaluating internal models where permitted).
• Communications (service notices, transactional emails, marketing with your consent or as allowed by law).
• Legal obligations and to protect vital or legitimate interests.

• Performance of a contract (providing requested Services).
• Consent (marketing, certain cookies, optional data). You may withdraw at any time.
• Legitimate interests (improving Services, security, analytics, preventing abuse) balanced against your rights.
• Legal obligation (tax, accounting, regulatory requests).
• Vital interests (rare emergencies).

We do not sell personal data. We share it as necessary with:

• Service providers (cloud hosting, storage, analytics, communications, payments, support) under contracts.
• Music ecosystem partners (DSPs, distributors, PROs/CMOs, licensors, licensees) to deliver your selections, releases, and rights operations.
• Professional advisors (legal, audit, insurance).
• Corporate events (merger, acquisition, financing) subject to appropriate safeguards.
• Law enforcement or regulators when required by law or to protect rights, safety, or integrity.

• We may use machine learning to enable features such as similarity search, deduplication, moderation aids, talent or catalog recommendations, or workflow predictions.
• We do not use automated decision‑making that produces legal or similarly significant effects without meaningful human review.
• Where required, we obtain consent or provide opt‑out mechanisms for personalization. You can contact us to object to profiling where applicable.

We use cookies and similar technologies to operate and improve the Services.

• Essential – required for core functionality, security, and network management.
• Analytics – help us understand usage and improve performance.
• Functional – remember preferences and enhance features.
• Advertising – measure campaigns and, where applicable, deliver relevant content (subject to consent).

You can manage preferences any time via the Cookie Preferences button above or your browser settings. We currently do not respond to do‑not‑track signals. Where supported, we treat a valid Global Privacy Control (GPC) signal as a request to opt‑out of sale/share of personal data.

We operate globally. When transferring personal data internationally, we implement appropriate safeguards, such as Standard Contractual Clauses (and the UK Addendum where applicable) or other lawful mechanisms. You can request a copy of relevant safeguards.

We retain personal data for as long as necessary to fulfill the purposes outlined in this Policy, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods vary by data type; we apply documented schedules and delete or anonymize data when no longer needed.

• We use technical and organizational measures designed to protect personal data (encryption in transit, access controls, logging, secure development practices).
• No system is perfectly secure; we cannot guarantee absolute security.
• Report security issues to security@fmguniverse.com.

Depending on your location, you may have rights such as:

• Access, correct, or delete your personal data.
• Portability, restriction, or objection to certain processing.
• Withdraw consent at any time (where processing is based on consent).
• Opt‑out of direct marketing and, where applicable, sale/share of personal data.

Region‑specific notices:

• EU/UK (GDPR): You may lodge a complaint with your supervisory authority.
• California (CPRA/CCPA): Rights to know, delete, correct, and opt‑out of sale/share; we do not discriminate for exercising these rights. We honor GPC signals where recognized.
• Other regions: We will honor applicable local laws. Contact us to exercise your rights.

To make a request, email privacy@fmguniverse.com or use in‑app settings where available. We may verify your request and may deny requests where an exemption applies.

Our Services are not directed to children under 13 (or the age of digital consent in your region). We do not knowingly collect personal data from children. If you believe a child provided data, contact us and we will take appropriate steps to delete it.

The Services may link to third‑party websites, DSPs, plugins, or apps. Their privacy practices are governed by their own policies. We are not responsible for their content or practices.

We may update this Policy from time to time. When we make material changes, we will notify you by posting the updated Policy and adjusting the "Last updated" date, and, where required, provide additional notice or seek consent.

Questions, requests, or complaints about privacy? Contact our privacy team at privacy@fmguniverse.com.

If you are in the EU/UK, you may also contact your local supervisory authority. If you are in California, you may contact us to exercise your CPRA rights or use settings where available.