Privacy Policy

Last Updated: 12/1/2025

At Legati ("we," "us," or "our"), we value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and share information about you when you use our website and services.

By using Legati, you agree to the collection and use of information in accordance with this policy. Because we operate within the European Union (specifically Austria), we adhere strictly to the General Data Protection Regulation (GDPR).

1. Data Controller

The data controller responsible for your personal information is Legati. If you have any questions about this policy, you may contact us via the contact methods listed at the bottom of this page.

2. Information We Collect

We collect the following types of information:

A. Information You Provide

  • Account Information: Name, email address, and password (encrypted via Supabase Auth).
  • Profile Data: Biography, instrument/role, location, repertoire lists, achievements, and website links.
  • User Content: Posts, messages, comments, and media links you submit to the platform.

B. Automatically Collected Information

  • Usage Data: Information about how you interact with our services (e.g., pages visited, time spent).
  • Device Data: IP address, browser type, and operating system details for security and debugging purposes.
  • Cookies: We use essential cookies to maintain your authenticated session.

3. How We Use Your Information

We use your data for the following purposes:

  • To provide and maintain the Legati service (e.g., creating your profile, enabling messaging).
  • To connect you with other musicians and opportunities based on your role and location.
  • To notify you about changes to our service or important account updates.
  • To detect and prevent fraud or abuse.

4. Data Storage & Processors

We use third-party service providers to help us operate Legati. These partners act as data processors and are contractually obligated to protect your data in compliance with GDPR.

  • Supabase: Handles database storage, file storage, and user authentication. Data is stored securely on AWS servers (typically in the EU region).
  • Render: Hosts our website application and server infrastructure.

5. Your Rights (GDPR)

Under the GDPR, you have the following rights regarding your personal data:

  • Right to Access: You can view your profile data directly on your Dashboard.
  • Right to Rectification: You can edit your profile information at any time via the "Edit Profile" settings.
  • Right to Erasure ("Right to be Forgotten"): You can delete your account and all associated data permanently using the "Delete Profile" button in your dashboard settings.
  • Right to Restriction: You can set your profile visibility to "Private" or "Registered Users Only" in your settings to limit who sees your data.
  • Right to Data Portability: You may request a copy of your data in a structured, machine-readable format.

6. Cookies

Legati uses only strictly necessary cookies required for user authentication and session security. We do not use third-party tracking cookies for advertising purposes.

7. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at:

Email: legati.music@gmail.com

Return to Home