Violin With Marta

Privacy Policy

Last updated: May 15, 2026

Violin With Marta respects your privacy. This policy explains what data I collect, how I use it, and your rights regarding that data.

1. Data I Collect

I collect only the data necessary to deliver the platform and its features:

  • Account data: your name, email address, and password (stored as a secure hash - I never see your actual password).
  • Payment data: handled entirely by Stripe. I never see or store your card number, CVV, or billing details.
  • Community data: posts, comments, profile information, and other content you share in the community.
  • Technical data: IP address, browser type, device type, and general usage patterns.
  • Cookies: session cookies for authentication, and a long-lived cookie that remembers your access to the free lessons so you do not have to enter your email again. No tracking cookies, no advertising cookies.

2. How I Use Your Data

  • Delivering the platform and its features (lessons, community, content).
  • Processing payments and managing subscriptions.
  • Sending transactional emails (receipts, password resets, account updates).
  • Improving the platform based on usage patterns.
  • Responding to support requests.

I do not use your data for targeted advertising or sell it to third parties.

3. Third-Party Services

I use the following services to operate the platform. Each processes only the data necessary for its function:

  • Stripe - payment processing.
  • Supabase - database and authentication.
  • Cloudflare - hosting and security.
  • Resend - transactional email delivery.
  • Mux - video streaming for lessons and other video content. Processes viewing data and IP address to deliver videos.
  • Cal.com - scheduling and booking for private lessons. Processes your name, email, and chosen session times.
  • Google (Google Meet) - video conferencing platform used for live private lessons. Subject to Google's own privacy practices.
  • Umami - privacy-focused analytics. No personal data is collected, no cookies, no IP tracking, no fingerprinting.

Several of these providers are based in the United States, which means your data may be transferred to and processed outside Canada. They are contractually required to apply protections equivalent to PIPEDA.

I do not sell your data to advertisers. Ever.

4. Data Retention

  • Active accounts: your data is kept for as long as your account is active.
  • Deletion requests: your data will be removed within 30 days, except where I am legally required to retain it.
  • Payment records: retained for 7 years as required by Canadian tax law.

To request data deletion, contact me.

5. Data Breach Notification

In the event of a data breach involving your personal information, I will notify affected users and the relevant authorities (including the Office of the Privacy Commissioner of Canada when required under PIPEDA) without unreasonable delay. The notification will describe the nature of the breach, the data involved, steps taken in response, and recommended actions you can take to protect yourself.

6. Children's Privacy (COPPA)

I take children's privacy seriously:

  • Users under 13 require verifiable parental consent before creating an account.
  • A parent or guardian email must be provided for accounts belonging to children under 13.
  • Parents can request access to, correction of, or deletion of their child's data at any time by contacting me.

7. Canadian Privacy Law (PIPEDA)

Violin With Marta is based in Calgary, Alberta, Canada. I comply with the Personal Information Protection and Electronic Documents Act (PIPEDA):

  • I obtain consent for all data collection.
  • Your data is used only for the purposes stated in this policy.
  • I implement appropriate security safeguards to protect your information.
  • You have the right to access and correct your personal data at any time.

Residents of Quebec also have additional rights under Quebec's Law 25 (the Act respecting the protection of personal information in the private sector), including the right to data portability and to be informed of automated decision-making. To exercise these rights, contact me using the details below.

8. International Users (GDPR, UK, California)

If you are accessing the platform from the European Union, the United Kingdom, or another region with similar privacy laws (including California under the CCPA/CPRA), you have the following additional rights regarding your personal data:

  • Access: request a copy of the personal data I hold about you.
  • Rectification: request correction of inaccurate or incomplete data.
  • Erasure: request deletion of your data (the right to be forgotten).
  • Restriction: request that I limit how your data is used.
  • Portability: receive your data in a structured, commonly used format.
  • Objection: object to processing based on legitimate interests.
  • Withdraw consent: at any time, where processing is based on consent.

California residents are additionally entitled to: know what categories of personal information are collected and the purposes for which they are used, request that I do not sell or share your personal information (I do not sell personal information), and receive equal service and price regardless of whether you exercise any of these rights (no discrimination).

To exercise any of these rights, email hello@violinwithmarta.com. I will respond within 30 days for GDPR/UK requests and within 45 days for California requests. You also have the right to lodge a complaint with your local data protection authority.

9. Changes to This Policy

I may update this Privacy Policy from time to time. If I make material changes, I will notify you by email. Continued use of the platform after changes take effect constitutes acceptance of the updated policy.

10. Contact

For the purposes of PIPEDA, the Privacy Officer for Violin With Marta is Marta Sembele. If you have questions about this Privacy Policy, want to exercise your data rights, or need to reach the Privacy Officer, email hello@violinwithmarta.com or use my contact page.