Privacy Policy

InterSpace Distribution (“InterSpace Distribution”, “we”, “us” and/or “our”) provides music distribution and related services (together with our website at www.interspacemusic.com and the InterSpace mobile and web applications, the “Services”). This Privacy Policy describes the personal data we collect, how we use and share it, how long we keep it, and the rights you have over it.

By providing us with your personal data, accessing the Site or using the Services, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Services. For any questions, contact support@interspacemusic.com or our Data Protection Officer at legal@interspacemusic.com.

1. Categories of data we collect

Identity & contact

• Email address (signup, login, OTP delivery, transactional mail)
• First & last name (signup)
• Display / artist name (profile)
• Profile photo (optional, user-uploaded)
• Location — free-text city / country (optional)

Authentication & security

• Password — stored as a salted, one-way hash; never stored in plaintext
• Bearer auth tokens — hashed at rest
• One-time codes — hashed at rest, single-use, with a short expiry
• IP address — rate limiting, fraud signals, audit logs
• User-agent string — audit logs
• Login timestamps and device labels

Device & push

• Push-notification token (per device)
• Platform (iOS / Android)
• App version
• Last-seen timestamp (90-day rolling retention)

Music content (artist-uploaded)

• Audio files — WAV / FLAC / MP3, stored in secure cloud storage
• Cover artwork — JPG / PNG
• Artist photos
• Release metadata: titles, ISRC, UPC, lyrics, performer and writer credits, copyright owner and year, language, genre, release date, distribution-platform selections
• Featured / additional artist names
• Smart-link slugs (interspace.ink/<slug>)

KYC / regulatory data (collected only if you request a withdrawal)

• Government-issued ID image — NIN, passport, driver’s licence, national ID, or voter’s card
• Selfie holding the ID (optional but recommended)
• Full legal name and document number
• Date of birth, nationality, country, address (optional)
• A non-reversible fingerprint derived from each uploaded document, retained for fraud and abuse prevention

Financial data

• Bank account details — account-holder name, account number, bank name
• Wire-transfer SWIFT / BIC (when applicable)
• PayPal / Wise email (when applicable)
• Royalty earnings and distributions per period
• Withdrawal history, status, and processing notes

Streaming & analytics

• Per-track / per-album streams imported from DSP CSVs (Spotify, Apple Music, etc.)
• Per-territory and per-platform breakdowns
• Lifetime totals and period trends

Communications

• In-app notifications — release status, royalties, withdrawals, KYC, takedown / update requests
• Push-notification delivery records
• Transactional emails — sign-in code, withdrawal confirmation, royalty receipt, etc.
• Email opt-in for our optional marketing list

Permissions requested by the iOS app

• Camera — KYC selfie, artist photo, cover-art capture
• Photo library — selecting cover art / profile photos
• Push notifications
• Audio session — track-preview playback
• Network

2. Third-party processors

We use a limited number of carefully vetted third-party processors to operate the Services. Each acts only on our documented instructions, under a written data-processing agreement, and only for the purposes described in this policy. By category they include: cloud hosting and storage, content delivery, transactional email, push-notification delivery, payment and subscription processing, identity-verification (KYC) and fraud-prevention services, smart-link and metadata enrichment, and the digital service providers (DSPs) to which we deliver your releases. We do not sell your personal data, and card payment details are tokenised and never reach our servers. A current list of the specific processors we use is available to regulators and, on legitimate request, to data subjects, by emailing legal@interspacemusic.com.

3. Retention windows

• Account, profile, catalog, smart links — for as long as the account is active
• Royalty statements, KYC submissions, tax forms, withdrawal history — 7 years (financial-regulation requirement, retained even after account deletion)
• Push tokens — 90 days rolling
• Crash logs and audit logs — 24 months
• API tokens — until revoked or after 90 days of inactivity
• OTPs — 15 minutes
• Magic-link tokens (if re-enabled) — 15 minutes

4. Legal bases for processing (GDPR and similar laws)

• Contract performance — distributing your music, paying royalties, account login
• Legal obligation — KYC, AML, tax reporting, copyright disputes
• Legitimate interest — fraud prevention, abuse detection, security analytics
• Consent — marketing emails, push notifications, optional KYC fields such as date of birth

5. Your rights

• Access, rectification, deletion, and portability of your personal data
• In-app account deletion — Settings → Delete account, processed within 30 days; legally-required records are retained per the 7-year window above
• Email support@interspacemusic.com for GDPR / CCPA / NDPR requests
• Right to lodge a complaint with your local data-protection authority

6. International transfers

Your data may be processed in the United States (AWS, Apple, Google), the United Kingdom, the European Union, and Nigeria. Where data leaves your jurisdiction, we rely on Standard Contractual Clauses or equivalent safeguards.

7. Children

The Services are intended for users aged 13 and over (or the local minimum age — 16 in some EU member states). We do not knowingly collect data from children under that age. If you believe a child has provided us with personal data, please contact support@interspacemusic.com and we will delete it.

8. Contact

• Support: support@interspacemusic.com
• Data Protection Officer: legal@interspacemusic.com
• Mailing address: Suite 12, DDS Complex, 24 Airport Rd, Rukpokwu, 500102, Port Harcourt, Nigeria