1. Scope and Application

1.1 Who We Are

LocalBeat ("we," "us," "our") operates a multi-tenant content management system platform at mylocalbeat.com and associated subdomain sites. This Privacy Policy describes how we collect, use, disclose, and protect personal information in connection with our services.

1.2 What This Policy Covers

This policy applies to:

• Our website at mylocalbeat.com and all subdomain sites
• Our dashboard and administrative interfaces
• All features and services we provide
• Communications between you and LocalBeat

1.3 What This Policy Does Not Cover

This policy does not apply to:

• Third-party websites or services linked from our platform
• Content published by users on their Sites (each Site may have its own privacy policy)
• Employment-related personal information

1.4 Consent

By using our services, you consent to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree, please do not use our services.

2. Information We Collect

2.1 Information You Provide Directly

Account Information

When you create an account, we collect:

• Name and email address
• Username and password (encrypted)
• Profile information (optional: bio, avatar, website)
• Organization details (if applicable)

Billing Information

For paid subscriptions and credit purchases, we collect:

• Payment card information (processed securely by Stripe)
• Billing address
• Tax identification numbers (if required)
• Payment history and transaction records

Content and Communications

We collect information you create or upload:

• Posts, pages, and media files
• Comments and user interactions
• Email campaigns and newsletter content
• Support requests and correspondence
• Feedback and survey responses

Site Configuration

For multi-tenant site management, we collect:

• Site name, subdomain, and settings
• Branding elements (logos, colors, fonts)
• Category and tag structures
• User roles and permissions

2.2 Information Collected Automatically

Usage Information

We automatically collect:

• Pages viewed and features used
• Time spent on pages and navigation patterns
• Buttons clicked and forms submitted
• Search queries and filters applied
• Error messages and system logs

Device and Browser Information

We collect technical information about your device:

• IP address and geolocation (country/region)
• Browser type and version
• Operating system and device type
• Screen resolution and viewport size
• Referring URL and exit pages

Cookies and Similar Technologies

We use cookies and similar technologies to:

• Maintain your login session
• Remember your preferences
• Analyze usage patterns and performance
• Provide personalized experiences

See our Cookie Policy for detailed information about cookies we use.

2.3 Information from Third Parties

Authentication Providers

We use Clerk for authentication. When you sign in with a third-party provider (Google, Microsoft, etc.), we receive basic profile information as permitted by that provider and your privacy settings.

Payment Processors

Stripe provides payment processing services. We receive transaction confirmations and payment status but do not directly handle or store full payment card details.

Analytics and Service Providers

Our service providers may share aggregated or anonymized data about service performance, security events, or usage trends.

3. How We Use Your Information

3.1 Providing and Improving Services

We use your information to:

• Create and manage your account
• Provide requested features and functionality
• Process payments and manage subscriptions
• Deliver email campaigns and newsletters
• Generate AI content using OpenAI services
• Import content from Radio Content Pro
• Store and deliver media files via Cloudinary
• Monitor service performance and uptime
• Troubleshoot issues and provide support

3.2 Communication

We use your information to:

• Send transactional emails (receipts, confirmations, alerts)
• Respond to support requests and inquiries
• Send important service announcements and updates
• Notify you about billing and account status
• Request feedback and conduct surveys (with your consent)

3.3 Marketing and Promotional Communications

With your consent, we may send marketing emails about new features, promotions, or other news. You can opt out at any time using the unsubscribe link in emails or by updating your notification preferences.

3.4 Analytics and Research

We use data to:

• Analyze usage patterns and trends
• Understand user needs and preferences
• Develop new features and improvements
• Conduct research and statistical analysis
• Create aggregated, anonymized reports

3.5 Security and Fraud Prevention

We use information to:

• Detect and prevent fraud, abuse, and security threats
• Monitor for suspicious activity
• Enforce our Terms of Service and policies
• Protect the rights and safety of users
• Comply with legal obligations

3.6 Legal Compliance

We process data as necessary to:

• Comply with applicable laws and regulations
• Respond to legal requests and court orders
• Protect our legal rights and interests
• Prevent illegal activities

3.7 Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), UK, or Switzerland, we process personal data based on:

• Contract Performance: Processing necessary to provide services you requested
• Legitimate Interests: Improving services, security, analytics (where not overridden by your rights)
• Consent: Marketing communications, optional features, cookies (where required)
• Legal Obligation: Compliance with laws, tax requirements, legal processes

4. Information Sharing and Disclosure

4.1 Service Providers and Subprocessors

We share information with trusted third-party service providers who help us operate our platform. These subprocessors are contractually obligated to protect your data and use it only for specified purposes:

See our Subprocessor List for complete details and privacy policy links for each provider.

4.2 Business Transfers

If LocalBeat is involved in a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our website before your information becomes subject to a different privacy policy.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal process (subpoenas, court orders, warrants)
• Government or regulatory requests
• Protection of our rights, property, or safety
• Protection of users' rights, property, or safety
• Investigation of fraud, security, or technical issues

4.4 With Your Consent

We may share information with third parties when you explicitly consent to such sharing, such as integrating third-party tools or sharing data with business partners.

4.5 Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you. This includes usage statistics, trends, and research insights.

4.6 Public Information

Content you publish on public-facing Sites (posts, pages, comments) is accessible to Site visitors and search engines. Be mindful of what information you make public.

4.7 No Sale of Personal Information

We do not sell your personal information to third parties. We do not share personal data with advertisers or data brokers for their own marketing purposes.

5. Data Retention

5.1 Active Accounts

We retain your information for as long as your account is active or as needed to provide services. This includes:

• Account information: Retained while account is active
• Content and media: Retained until you delete it or close your account
• Billing records: Retained for 7 years for tax and accounting purposes
• Transaction logs: Retained for 3 years for fraud prevention and compliance

5.2 Closed Accounts

When you close your account, we:

• Delete your content and media within 30 days
• Anonymize or delete account information within 90 days
• Retain billing records as required by law (typically 7 years)
• May retain backup copies for up to 90 days

5.3 Legal and Compliance Retention

We may retain certain information longer when necessary for:

• Compliance with legal obligations
• Resolution of disputes or enforcement of agreements
• Detection and prevention of fraud
• Protection of legal rights

5.4 Anonymized Data

We may retain anonymized or aggregated data indefinitely for analytics, research, and service improvement purposes.

6. Data Security

6.1 Security Measures

We implement industry-standard security measures to protect your information:

• Encryption: Data encrypted in transit (TLS/SSL) and at rest
• Access Controls: Role-based access with principle of least privilege
• Authentication: Secure authentication via Clerk with optional 2FA
• Monitoring: Continuous security monitoring and logging
• Regular Audits: Periodic security assessments and updates
• Secure Infrastructure: Hosting on Vercel and Neon with security best practices

6.2 Payment Security

Payment information is processed by Stripe, a PCI DSS Level 1 certified service provider. We do not directly handle or store full payment card details.

6.3 Employee Access

Access to personal information is restricted to employees, contractors, and service providers who need access to perform their duties. All such individuals are bound by confidentiality obligations.

6.4 Data Breach Notification

In the event of a data breach affecting your personal information, we will:

• Investigate and contain the breach promptly
• Notify affected users within 72 hours (or as required by law)
• Provide information about the breach and recommended actions
• Report to relevant authorities as required

6.5 Limitations

While we implement strong security measures, no system is completely secure. You acknowledge the inherent risks of internet data transmission and electronic storage. You are responsible for maintaining the security of your account credentials.

7. Your Privacy Rights

7.1 Access and Portability

You have the right to access your personal information and receive a copy in a structured, machine-readable format. To request your data, contact privacy@mylocalbeat.com.

7.2 Correction and Update

You can update most account information through your dashboard settings. For assistance, contact support@mylocalbeat.com.

7.3 Deletion

You can delete your account at any time through dashboard settings or by contacting support@mylocalbeat.com. Deletion is permanent and cannot be reversed. We will delete your data within 30 days, subject to legal retention requirements.

7.4 Objection and Restriction

You may object to certain data processing activities or request restriction of processing. Contact privacy@mylocalbeat.com to exercise these rights.

7.5 Withdraw Consent

Where processing is based on consent, you may withdraw consent at any time. This does not affect the lawfulness of processing before consent withdrawal.

7.6 Marketing Opt-Out

You can opt out of marketing emails by:

• Clicking "unsubscribe" in any marketing email
• Updating notification preferences in your dashboard
• Contacting support@mylocalbeat.com

Note: You cannot opt out of transactional emails necessary for service operation.

7.7 California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act:

• Right to Know: What personal information we collect, use, disclose, and sell
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: Opt out of sale of personal information (we do not sell data)
• Right to Non-Discrimination: Equal service regardless of exercising privacy rights

To exercise these rights, contact privacy@mylocalbeat.com or call our toll-free number. We will verify your identity before processing requests.

7.8 European Privacy Rights (GDPR)

Users in the EEA, UK, and Switzerland have rights under the General Data Protection Regulation:

• Right of access and data portability
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restriction of processing
• Right to object to processing
• Right to withdraw consent
• Right to lodge a complaint with a supervisory authority

Contact privacy@mylocalbeat.com to exercise these rights.

7.9 Response Time

We will respond to privacy rights requests within 30 days (or as required by applicable law). In some cases, we may need to verify your identity or request additional information to process your request.

8. Cookies and Tracking Technologies

8.1 What Are Cookies

Cookies are small text files stored on your device that help us provide and improve our services. We use both session cookies (deleted when you close your browser) and persistent cookies (remain until deleted or expired).

8.2 Types of Cookies We Use

Essential Cookies

Required for service operation and cannot be disabled:

• Authentication and session management
• Security and fraud prevention
• Load balancing and performance

Functional Cookies

Enhance functionality and user experience:

• Remember your preferences and settings
• Save your language and region choices
• Enable features you've requested

Analytics Cookies

Help us understand how users interact with our service:

• Track page views and navigation patterns
• Measure feature usage and engagement
• Identify performance issues

8.3 Cookie Management

You can control cookies through your browser settings. Note that disabling cookies may affect service functionality. See our Cookie Policy for detailed information about managing cookie preferences.

8.4 Do Not Track

We do not currently respond to "Do Not Track" browser signals, as there is no industry standard for how to interpret such signals.

9. Third-Party Services

9.1 Third-Party Links

Our service may contain links to third-party websites. We are not responsible for the privacy practices or content of these sites. We encourage you to review their privacy policies before providing personal information.

9.2 Social Media Integration

If you use social media features (sharing, authentication), information may be collected by the social media platform according to their privacy policy.

9.3 Third-Party Analytics

We may use third-party analytics services (e.g., Vercel Analytics) to analyze service usage. These services may collect information about your use of our service and other websites.

9.4 User-Added Integrations

If you integrate third-party services with your Site (e.g., social media feeds, analytics tools), those services may collect data according to their own privacy policies.

10. International Data Transfers

10.1 Data Storage Location

Your information is primarily stored on servers located in the United States. By using our services, you consent to the transfer of your information to the United States and other countries where we or our service providers operate.

10.2 Adequacy and Safeguards

When transferring data from the EEA, UK, or Switzerland to countries without an adequacy decision, we implement appropriate safeguards such as:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data Processing Addendum with privacy commitments
• Technical and organizational security measures

10.3 Data Processing Addendum

Our Data Processing Addendum outlines our commitments as a data processor, including compliance with GDPR, subprocessor management, and data subject rights.

11. Children's Privacy

11.1 Age Restriction

Our services are not directed to children under 18. We do not knowingly collect personal information from children. If you are under 18, do not use our services or provide any personal information.

11.2 Parental Notice

If we become aware that we have collected personal information from a child under 18 without parental consent, we will take steps to delete that information promptly.

11.3 Reporting

If you believe we have collected information from a child, please contact privacy@mylocalbeat.com immediately.

12. Changes to This Policy

12.1 Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

12.2 Notification

We will notify you of material changes by:

• Posting notice on our website
• Sending email to your registered address
• Displaying notification in the dashboard

12.3 Effective Date

Changes become effective 30 days after notice. Your continued use of the service after changes take effect constitutes acceptance of the updated Privacy Policy.

12.4 Review

We encourage you to review this Privacy Policy periodically. The "Last Updated" date at the top indicates when the policy was last revised.

13. Contact Us

13.1 Privacy Questions

If you have questions about this Privacy Policy or our privacy practices, please contact:

13.2 Data Protection Officer

For GDPR-related inquiries, you may contact our Data Protection Officer at privacy@mylocalbeat.com.

13.3 Supervisory Authority

If you are located in the EEA, UK, or Switzerland, you have the right to lodge a complaint with a data protection supervisory authority in your country.

Last Updated: November 20, 2025
Version: 1.0
This Privacy Policy is effective as of the date above. Please review regularly for updates.