privacy

Privacy Policy

Legal
November 03, 20259 min read

Privacy Policy

Effective Date: {{Month Day, Year}}

This Privacy Policy explains how Luciano Marazzo and affiliated entities (collectively, the “Company,” “we,” “us,” or “our”) collect, use, disclose, and safeguard personal information in connection with lucianomarazzo.com, store.lucianomarazzo.com, lessons.lucianomarazzo.com, and portal.lucianomarazzo.com (collectively, the “Site”) and our related products and services (the “Services”).

By using the Services, you agree to this Policy and our Terms & Conditions. If you do not agree, please do not use the Services.

1) Who We Are & Scope

Controller: For most processing activities described in this Policy, the Company acts as a data controller. For certain activities performed strictly on behalf of a client or partner, we may be a processor.

This Policy applies to all subdomains listed above and to any feature or content linking to this Policy (e.g., lessons, store checkout, community portal, forms, scheduling tools, help desk, email marketing).

2) Personal Information We Collect

We collect information directly from you, automatically from your devices, and from third parties.

2.1 Information You Provide

  • Account & Profile (name, display name, photo, username, password, time zone).

  • Contact Details (email, phone, mailing address, billing/shipping address).

  • Orders & Bookings (purchases, lesson enrollments, invoices, support requests).

  • User Content (posts, messages, forum comments, uploads, reviews, testimonials).

  • Lesson/Coaching Inputs (practice logs, assignment submissions, recordings you choose to share; not medical advice).

  • Support & Communications (emails, forms, chat messages).

2.2 Payment & Transaction Information

Payments are processed by third‑party providers (e.g., Stripe, PayPal, card processors). We do not store full credit card numbers. We may receive limited details such as transaction IDs, last four digits, payment status, and timestamps.

2.3 Information Collected Automatically

  • Device & Usage Data (IP address, device identifiers, browser type, pages viewed, links clicked, features used, session duration, crash logs).

  • Cookies & Similar Technologies (see Section 9).

  • Approximate Location derived from IP address (city/region level).

2.4 Information from Third Parties

  • Marketing & Referrals (affiliate IDs, campaign parameters, form integrations).

  • Social/Single Sign‑On where you choose to connect.

  • Service Providers (fraud prevention, analytics, course platforms, scheduling tools).

We may combine information from different sources.

3) Purposes & Legal Bases for Processing

We use personal information for the following purposes and, where required (EU/UK/CH), rely on these legal bases:

  • Provide the Services (create accounts, deliver orders, lessons, and portal access). Legal bases: performance of a contract; legitimate interests.

  • Customer Support (respond to inquiries, troubleshoot). Legal bases: performance of a contract; legitimate interests.

  • Payments & Fulfillment (process orders, prevent fraud, accounting). Legal bases: performance of a contract; legal obligations; legitimate interests.

  • Communications (transactional emails, service updates, surveys). Legal bases: performance of a contract; legitimate interests; consent where required.

  • Marketing (newsletters, promotions, remarketing, personalization). Legal bases: consent where required; legitimate interests (for existing customers, subject to opt‑out).

  • Analytics & Improvements (measure performance, develop features, security). Legal bases: legitimate interests; consent where required.

  • Legal & Compliance (enforce Terms, protect rights, respond to lawful requests). Legal bases: legal obligations; legitimate interests.

You may withdraw consent at any time where consent is the legal basis.

4) Disclosures of Personal Information

We share personal information in the following contexts:

  • Service Providers/Processors (hosting, storage, email/SMS, analytics, payment processing, scheduling, e‑commerce, course/community platforms, content delivery, fraud prevention, customer support). These parties are contractually bound to appropriate confidentiality and data‑processing obligations.

  • Business Partners (e.g., affiliates, co‑promotions) when you interact with linked offers or opt in.

  • Legal, Safety, and Compliance (to courts, regulators, law enforcement) when reasonably necessary to comply with law, protect our users, services, or rights.

  • Business Transfers (merger, acquisition, financing, or sale of assets). We will take steps to ensure your rights remain protected.

We do not sell personal information for money. Some jurisdictions (e.g., California) define “share” to include cross‑context behavioral advertising; see Section 10 for your choices.

5) International Transfers

We may transfer personal information to countries outside your home jurisdiction (including the United States) that may have different data‑protection standards. Where required, we implement appropriate safeguards such as the EU Standard Contractual Clauses (SCCs) and the UK IDTA/Addendum for transfers, and conduct transfer risk assessments when appropriate.

6) Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this Policy, comply with legal, tax, and accounting obligations, resolve disputes, and enforce agreements. Criteria include account status, contract duration, statutory limitation periods, and the nature of the information.

7) Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access/Know the categories and specific pieces of personal information we hold about you.

  • Correct/Rectify inaccurate information.

  • Delete/Erase personal information, subject to legal exceptions.

  • Portability of certain information in a structured, commonly used, machine‑readable format.

  • Restrict or Object to certain processing, including direct marketing.

  • Withdraw Consent where processing is based on consent.

  • Limit Use of Sensitive Information (where applicable under CPRA/other laws).

  • Appeal a decision on your request (where applicable).

How to Exercise Your Rights

Email [email protected] with your request and sufficient information to verify your identity (and, if applicable, your authorized agent). We will respond within the timeframe required by applicable law. We do not discriminate against you for exercising your rights.

8) Children’s Privacy

The Services are not directed to children under 16 (or as otherwise defined by local law). We do not knowingly collect personal information from children without appropriate consent. If you believe a child has provided personal information, contact us to request deletion.

9) Cookies, Pixels & Similar Technologies

We use cookies, pixels, local storage, and similar tools to:

  • enable core features (authentication, preferences),

  • perform analytics and measure performance,

  • (where applicable) provide personalized content and marketing.

Where required, we present a cookie consent banner allowing you to accept, reject, or manage categories of cookies. You can also adjust browser settings to block or delete cookies. Some features may not function without certain cookies. See our Cookie Notice for details (categories, purposes, retention, and vendor list).

Do Not Track: We do not respond to browser “Do Not Track” signals. You may use the opt‑out mechanisms described below.

10) Marketing Preferences & Opt‑Out Choices

  • Email/SMS: You can unsubscribe via links in our messages or by contacting support.

  • Analytics/Advertising Cookies: Use the cookie banner or your browser settings to manage preferences. Some providers offer their own opt‑outs.

  • “Sale/Share” (California & similar laws): We do not sell personal information for monetary consideration. If we engage in cross‑context behavioral advertising, we will provide a “Do Not Sell or Share My Personal Information” link and honor opt‑out preference signals (e.g., GPC) where required.

11) Security

We implement reasonable and appropriate administrative, technical, and physical safeguards designed to protect personal information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. No method of transmission or storage is 100% secure. We cannot guarantee absolute security. If we become aware of a data breach affecting your personal information, we will notify you and regulators as required by law.

12) Third‑Party Links & Integrations

The Services may link to third‑party sites or integrate third‑party tools and widgets (e.g., checkout, video meetings, LMS/portal, calendars). This Policy does not govern those third parties. Review their privacy policies before using their services.

13) Automated Decision‑Making & Profiling

We may use limited profiling (e.g., segmenting users by preferences or activity) to tailor content, offers, or onboarding. We do not engage in automated decisions that produce legal or similarly significant effects without human involvement.

14) Processing of Special/Sensitive Categories

We do not seek to collect sensitive personal information (e.g., health, biometric, racial/ethnic origin, religious beliefs) through the Services. If you voluntarily provide such information (e.g., regarding vocal health), you consent to our processing for the specific purpose of providing educational guidance only. Do not submit sensitive information you are not comfortable sharing. Where applicable law grants special rights or limitations for sensitive data, we will honor those.

15) International Users & Representatives

If you are located in the EU/EEA, UK, or Switzerland, you may contact [email protected] for any questions or to exercise rights. Where required by law, we will designate an EU/UK representative and update this Policy with their contact details.

16) Changes to This Policy

We may update this Policy from time to time. The “Effective Date” above reflects the latest revision. Material changes will be posted on the Site and, where feasible, communicated via email or in‑portal notice. Your continued use of the Services after changes means you accept the updated Policy.

17) Contact Us

Privacy Requests & Questions:
Email: [email protected]
Postal: 1141 J Street, Eureka, CA, 95501, USA

Data Protection Concerns (EU/UK/CH): You may also lodge a complaint with your local supervisory authority, without prejudice to other rights.

18) Region‑Specific Disclosures

18.1 California (CCPA/CPRA)

  • Categories Collected: Identifiers; customer records; commercial information; internet/usage data; geolocation (approx.); inferences; user content.

  • Sources: You; your devices; service providers; partners.

  • Business/Commercial Purposes: See Section 3.

  • Disclosures for Business Purposes: Service providers/processors; analytics; payment processors; fraud prevention; infrastructure.

  • Sale/Share: We do not sell personal information for money. If we “share” for cross‑context advertising, you can opt out via the cookie banner or a “Do Not Sell or Share” link (when applicable). We honor GPC signals where required.

  • Sensitive Information: We do not use or disclose sensitive personal information for purposes requiring a right to limit under CPRA, except as permitted by law.

  • Retention: See Section 6.

  • Rights: Know, correct, delete, portability, opt‑out of sale/share, limit use of sensitive information, no retaliation. Submit requests via [email protected].

18.2 EU/EEA, UK & Switzerland (GDPR/UK‑GDPR/Swiss‑FADP)

  • Controller: Luciano Marazzo (see Section 17).

  • Legal Bases: Performance of a contract; legitimate interests; consent; legal obligations.

  • Data Subject Rights: Access, rectification, erasure, restriction, portability, objection, and withdrawal of consent. Contact [email protected].

  • Transfers: Safeguarded by SCCs/UK IDTA where required.

19) Limitation of Liability (Privacy)

To the maximum extent permitted by law, we are not liable for indirect, incidental, special, consequential, exemplary, or punitive damages relating to privacy or data‑security incidents. Our total liability shall not exceed the greater of (i) amounts you paid to us in the 3 months preceding the claim or (ii) USD $100, except where applicable law mandates otherwise. Nothing in this Policy excludes or limits liability for fraud, willful misconduct, or other liabilities that cannot be limited under law.

20) Supplemental Notices

From time to time, we may publish additional privacy notices for specific products, features, events, or regions. Those notices supplement this Policy. Where conflicts exist, the more specific notice controls for that feature.

By using the Services, you acknowledge that you have read and understood this Privacy Policy.

privacylegalprivacy policyGDPR
Luciano Marazzo is a classically trained lyric tenor and classical guitarist whose life’s focus is music as a complete concept as performance, education, philosophy merge. With deep roots in bel canto and a love for the expressive depth of guitar, his concerts blend the elegance of Italian belcanto, the storytelling of lieder, and the intimacy of solo guitar works. As a published author, Luciano explores music not just as art throug coaching, but as a discipline that reveals character, truth, and beauty. His upcoming work, Music in the Artificial Inferno, is an ambitious ethnomusicological exploration of music in our digital age.

Luciano Marazzo

Luciano Marazzo is a classically trained lyric tenor and classical guitarist whose life’s focus is music as a complete concept as performance, education, philosophy merge. With deep roots in bel canto and a love for the expressive depth of guitar, his concerts blend the elegance of Italian belcanto, the storytelling of lieder, and the intimacy of solo guitar works. As a published author, Luciano explores music not just as art throug coaching, but as a discipline that reveals character, truth, and beauty. His upcoming work, Music in the Artificial Inferno, is an ambitious ethnomusicological exploration of music in our digital age.

Back to Blog