Groove Privacy Policy 
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Groove Privacy Policy</title>
    <style>
        body { font-family: 'Inter', 'Helvetica Neue', Arial, sans-serif; line-height: 1.9; margin: 0; padding: 35px; max-width: 1150px; margin: 0 auto; color: #2a2a2a; background-color: #faf7f2; border-radius: 12px; box-shadow: 0 4px 12px rgba(0,0,0,0.04); }
        h1 { font-size: 30px; font-weight: 700; margin: 60px 0 45px; color: #121212; text-align: center; letter-spacing: 0.2px; border-bottom: 2px solid #e8dcca; padding-bottom: 20px; text-transform: capitalize; }
        h2 { font-size: 23px; font-weight: 600; margin: 45px 0 22px; color: #121212; background-color: #f5f0e9; padding: 12px 20px; border-radius: 6px; border-left: 5px solid #d4b886; }
        h3 { font-size: 20px; font-weight: 600; margin: 35px 0 18px; color: #2a2a2a; padding-left: 12px; border-left: 3px solid #d4b886; }
        p { margin: 18px 0; font-size: 16.5px; text-align: justify; line-height: 1.9; }
        ul, ol { margin: 18px 0 18px 40px; padding: 0; }
        li { margin: 14px 0; font-size: 16.5px; line-height: 1.8; }
        .effective-date { font-style: italic; color: #666; text-align: center; margin: 35px 0 60px; font-size: 15.5px; }
        .intro-note { background-color: #f8f4ed; border-radius: 8px; padding: 22px; margin: 40px 0; border: 1px solid #e8dcca; }
        .data-controller { background-color: #faf0e6; padding: 20px; border-radius: 6px; margin: 30px 0; }
        .rights-section { background-color: #f9f5f0; padding: 20px; border-radius: 6px; margin: 25px 0; }
        .footer-info { margin-top: 70px; padding-top: 25px; border-top: 1px solid #e8dcca; font-size: 15.5px; color: #555; text-align: center; }
        .permission-item { margin: 20px 0; padding: 15px; background-color: #fff; border-radius: 4px; box-shadow: 0 2px 6px rgba(0,0,0,0.03); }
    </style>
</head>
<body>
    <h1>Groove Privacy Policy</h1>
    <p class="effective-date">Effective Date: April 2, 2026 | Last Updated: April 2, 2026 | Applicable to Google Play Android Users Only</p>
    <div class="intro-note">
        <p>This Privacy Policy (the "Policy") governs the collection, use, storage, disclosure, and protection of personal data by Xiangtan Lingle Trading Co., Ltd. ("we", "us", or "our") in connection with the Groove Android application (the "App"), available exclusively on Google Play. The App is designed as a digital sanctuary for vinyl record collectors, enabling users to manage their private vinyl collections, record voice notes about their records, and track loaned albums—all without requiring registration or login. By checking the box to accept this Policy and our User Terms of Service, you confirm that you are 18 years of age or older and agree to the collection and processing of your personal data as described herein. We are committed to complying with Google Play’s Developer Policies, global data protection regulations, and ensuring the highest standards of privacy and security for all users.</p>
    </div>
    <h2>1. Data Controller and Data Protection Officer (DPO)</h2>
    <div class="data-controller">
        <p><strong>Data Controller</strong>: The entity responsible for the collection, processing, and protection of your personal data is Xiangtan Lingle Trading Co., Ltd., with a registered address at No. 7, Liuxia Group, Ningqiao Village, Cha'ensi Town, Xiangtan County, Xiangtan, Hunan Province. We are the sole data controller for all personal data collected through the App, and we determine the purposes and means of processing such data.</p>
        <p><strong>Data Protection Officer (DPO)</strong>: We have designated a Data Protection Officer to oversee compliance with this Policy and applicable data protection laws. You may contact the DPO at any time with questions, concerns, or requests related to your personal data, via the following channels:</p>
        <ul>
            <li>Primary Email: hello@xiangtanlingletrading.com</li>
 <li>Alternative Email: eimanniansenouros@gmail.com</li>
            <li>Company Website: https://www.xiangtanlingletrading.com/</li>
        </ul>
        <p>The DPO will respond to all inquiries within 48 business hours and will work to resolve any issues related to your personal data promptly and in compliance with applicable laws.</p>
</div>
    <h2>2. Legal Basis for Data Processing</h2>
    <p>We process your personal data solely on the following legal bases, as required by applicable global data protection regulations (including but not limited to GDPR, CCPA/CPRA, VCDPA, LGPD, and FADP):</p>
    <ul>
        <li><strong>Consent</strong>: Your explicit consent, given by checking the box to accept this Policy and our User Terms of Service prior to using the App, constitutes the primary legal basis for processing your personal data. You may withdraw your consent at any time, as detailed in Section 7, without affecting the lawfulness of processing based on consent before its withdrawal.</li>
        <li><strong>Legitimate Interest</strong>: We process certain data based on our legitimate interests in providing and improving the App’s functionality, ensuring the security of the App, and maintaining the quality of our services—provided that such processing does not override your fundamental rights and freedoms. Our legitimate interests include, but are not limited to, optimizing the App’s performance, troubleshooting technical issues, and protecting the App from misuse.</li>
        <li><strong>Compliance with Legal Obligations</strong>: We may process your personal data to comply with applicable laws, regulations, or legal requests (e.g., responding to subpoenas, court orders, or requests from regulatory authorities).</li>
    </ul>
 <h2>3. Personal Data We Collect and Its Purposes</h2>
    <p>The App does not require registration or login, so we do not collect personal identifiers such as names, email addresses, or phone numbers unless you voluntarily provide them when contacting our support team. We collect only the minimum necessary data to provide and improve the App’s core functionality, which falls into the following categories, along with their specific purposes:</p>
<h3>3.1 Permissions-Based Data Collection</h3>
    <p>We collect data only when you grant explicit permission for the App to access certain device features, as follows. You may revoke these permissions at any time through your device settings, though this may limit the App’s functionality.</p>
    <div class="permission-item">
        <p><strong>Camera</strong>: When you grant camera permission, the App accesses your device’s camera solely to allow you to take photos of your vinyl record covers. This data is stored locally on your device (unless you choose to back it up to external storage) and is used exclusively to display your record covers within the App. We do not upload, share, or sell camera-captured images unless you explicitly choose to do so.</p>
    </div>
    <div class="permission-item">
        <p><strong>Photo Gallery (Albums)</strong>: When you grant photo gallery permission, the App accesses your device’s photo library to allow you to select existing images of vinyl record covers. This data is used solely to display your chosen covers within the App and is stored locally on your device. We do not access or collect any other photos from your gallery without your explicit selection.</p>
    </div>
    <div class="permission-item">
        <p><strong>Microphone</strong>: When you grant microphone permission, the App accesses your device’s microphone solely to record voice notes related to your vinyl records (e.g., unboxing experiences, listening thoughts, or personal notes). These voice recordings are stored locally on your device and are used exclusively for your personal reference within the App. We do not transcribe, share, or sell these recordings.</p>
    </div>
    <div class="permission-item">
        <p><strong>External Storage</strong>: The App accesses external storage (e.g., SD card) solely to allow you to back up your vinyl collection data, voice notes, and record cover images. This data is stored locally and is not uploaded to our servers or shared with third parties unless you explicitly choose to back it up to a third-party storage service.</p>
    </div>
 <div class="permission-item">
        <p><strong>App Information Reading</strong>: The App reads basic app information (e.g., App version, device model, operating system version) solely to ensure compatibility, troubleshoot technical issues, and deliver updates. This data is used to improve the App’s performance and fix bugs, and it is not linked to any personal identifiers.</p>
    </div>
    <div class="permission-item">
        <p><strong>Advertising Identifier (AAID)</strong>: The App may collect your device’s Advertising Identifier (AAID) solely to deliver personalized advertisements (if applicable) and to measure the effectiveness of ad campaigns. You may opt out of personalized advertising by adjusting your device’s ad settings, as detailed in Section 7.4.</p>
    </div>
    <h3>3.2 Automatically Collected Data</h3>
    <p>When you use the App, we may automatically collect certain non-identifiable data to improve the App’s functionality and user experience. This data does not personally identify you and includes:</p>
    <ul>
        <li>App usage data (e.g., features used, time spent on the App, number of vinyl records added to your collection, frequency of voice note recordings);</li>
        <li>Technical data (e.g., device model, operating system version, App crash reports, network connection type);</li>
        <li>Interaction data (e.g., taps on the "Drop Needle" button, use of the Loan Ledger feature, rotation of record covers in detail view).</li>
    </ul>
    <p>This data is aggregated and anonymized, meaning it cannot be linked back to you as an individual. We use this data solely to analyze usage patterns, optimize the App’s design and functionality, and fix technical issues.</p>
    <h3>3.3 Voluntarily Provided Data</h3>
    <p>If you choose to contact our support team (e.g., to report a bug, ask a question, or make a request related to your data), you may voluntarily provide personal data such as your email address or a description of your issue. This data is used solely to respond to your inquiry and resolve your request, and it is stored securely for as long as necessary to fulfill that purpose.</p>
    <h2>4. Data Storage and Security</h2>
    <p>We prioritize the security of your personal data and implement rigorous measures to protect it from unauthorized access, disclosure, alteration, or destruction. Key security practices include:</p>
    <ul>
        <li><strong>Local Storage Priority</strong>: The majority of your data (e.g., record covers, voice notes, collection information) is stored locally on your device, rather than on our servers. This minimizes the risk of data breaches and ensures you have control over your data.</li>
        <li><strong>Encryption</strong>: Any data that is stored on our servers (e.g., support inquiries, anonymized usage data) is encrypted using industry-standard encryption protocols (AES-256) to protect it during storage and transmission.</li>
        <li><strong>Access Controls</strong>: Access to any personal data stored on our servers is restricted to authorized personnel only, and all such personnel are required to complete data protection training and sign confidentiality agreements.</li>
        <li><strong>Security Audits</strong>: We conduct regular security audits and penetration testing to identify and address potential vulnerabilities in the App and our systems.</li>
        <li><strong>Data Retention</strong>: We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. Once your data is no longer needed, we delete it securely or anonymize it so that it can no longer be linked to you.</li>
    </ul>
    <p>While we take all reasonable measures to protect your data, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee the absolute security of your data, but we commit to promptly notifying you of any data breach that may affect your personal data, in compliance with applicable laws.</p>
    <h2>5. Data Sharing and Sale</h2>
    <h3>5.1 Data Sharing</h3>
    <p>We do not share your personal data with third parties except in the following limited circumstances, all of which comply with applicable data protection laws:</p>
<ul>
        <li><strong>Service Providers</strong>: We may share anonymized, non-identifiable data with third-party service providers who assist us in operating the App (e.g., analytics providers to help us understand usage patterns, technical support providers to resolve App issues). These service providers are contractually obligated to protect your data and may only use it to perform the services we request.</li>
        <li><strong>Legal Compliance</strong>: We may share your personal data if required to do so by law, regulation, court order, or subpoena, or if we believe in good faith that such disclosure is necessary to protect our rights, your safety, or the safety of others.</li>
        <li><strong>Business Transfers</strong>: In the event of a merger, acquisition, or sale of all or part of our business, your personal data may be transferred to the acquiring entity, provided that the acquiring entity agrees to comply with this Policy and applicable data protection laws.</li>
    </ul>
    <h3>5.2 Data Sale and Your Right to Opt Out</h3>
    <p>We do not sell your personal data to third parties for monetary gain. However, certain data protection laws (e.g., CCPA/CPRA, VCDPA) define "sale" broadly to include the disclosure of personal data in exchange for anything of value. To the extent that any of our data practices constitute a "sale" under applicable law, you have the right to opt out of such sales at any time.</p>
    <p>To opt out of the sale of your personal data (if applicable), please send a written request to our DPO at hello@xiangtanlingletrading.com with the subject line "Opt Out of Data Sale". In your request, please include a clear statement that you wish to opt out of the sale of your personal data, and we will process your request within 10 business days. You may also opt out of personalized advertising (which may involve the sharing of your AAID with ad providers) by adjusting your device’s ad settings, as detailed in Section 7.4.</p>
    <h2>6. User Rights Under Applicable Data Protection Laws</h2>
    <p>Depending on your country or region of residence, you may have additional rights under applicable data protection laws. Below is a summary of key rights, including region-specific rights under regulations such as GDPR (EU/EEA), CCPA/CPRA (California, USA), VCDPA (Virginia, USA), LGPD (Brazil), and FADP (Switzerland). These rights are in addition to any rights provided by Google Play’s Developer Policies.</p>
    <div class="rights-section">
        <h3>6.1 Global User Rights</h3>
        <ul>
            <li><strong>Right to Access</strong>: You have the right to request a copy of the personal data we hold about you, including details about how your data is collected, used, and shared.</li>
            <li><strong>Right to Rectification</strong>: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.</li>
            <li><strong>Right to Erasure (Right to be Forgotten)</strong>: You have the right to request that we delete your personal data, provided that there is no legal obligation to retain it (e.g., compliance with a court order).</li>
            <li><strong>Right to Restrict Processing</strong>: You have the right to request that we restrict the processing of your personal data (e.g., if you dispute the accuracy of your data or if the processing is unlawful).</li>
 <li><strong>Right to Object to Processing</strong>: You have the right to object to the processing of your personal data based on our legitimate interests, or for direct marketing purposes (if applicable).</li>
            <li><strong>Right to Lodge a Complaint</strong>: You have the right to lodge a complaint with the relevant data protection authority in your country or region if you believe we have violated your privacy rights. Contact information for major data protection authorities is provided in Section 8.</li>
        </ul>
    </div>
    <div class="rights-section">
        <h3>6.2 Region-Specific Rights</h3>
        <ul>
            <li><strong>GDPR (EU/EEA)</strong>: If you are located in the EU or EEA, you have the right to data portability (i.e., to receive your personal data in a structured, machine-readable format and to transmit it to another data controller). You also have the right to withdraw your consent at any time, and we will cease processing your data based on that consent.</li>
            <li><strong>CCPA/CPRA (California, USA)</strong>: If you are a California resident, you have the right to request that we disclose the categories and specific pieces of personal data we have collected about you, the categories of third parties with whom we have shared your data, and the categories of data we have sold (if any). You also have the right to opt out of data sales, as detailed in Section 5.2, and the right to non-discrimination for exercising your rights (e.g., we will not deny you access to the App or charge you a higher fee for exercising your rights).</li>
            <li><strong>VCDPA (Virginia, USA)</strong>: If you are a Virginia resident, you have the right to opt out of the processing of your personal data for targeted advertising, profiling, or sale. You also have the right to request that we correct or delete your personal data, and to receive a copy of your data.</li>
            <li><strong>LGPD (Brazil)</strong>: If you are a Brazilian resident, you have the right to access, rectify, and delete your personal data, as well as the right to object to processing. You also have the right to request the portability of your data and to be informed about any data breaches that affect your data.</li>
            <li><strong>FADP (Switzerland)</strong>: If you are a Swiss resident, you have the right to access and rectify your personal data, and to object to processing if it violates your privacy rights. You also have the right to lodge a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC).</li>
        </ul>
    </div>
    <h2>7. How to Exercise Your Rights</h2>
 <p>To exercise any of your rights under this Policy or applicable data protection laws, please send a written request to our DPO at hello@xiangtanlingletrading.com with the subject line "Data Rights Request". In your request, please clearly state:</p>
    <ul>
        <li>Your full name (if you provided it to us) and contact information (e.g., email address);</li>
        <li>The specific right you wish to exercise (e.g., access, rectification, erasure, opt out of data sale);</li>
        <li>Any additional details that will help us identify your data (e.g., device model, App version, approximate date you first used the App).</li>
    </ul>
    <p>We will verify your identity before processing your request to ensure the security of your data. We will process your request within the timeframes required by applicable law (e.g., 45 days under CCPA/CPRA, 30 days under GDPR, with possible extensions if necessary). If we are unable to process your request, we will notify you in writing, explaining the reason for the denial and any steps you can take to appeal.</p>
    <h3>7.1 Opting Out of Data Sharing/Sale</h3>
    <p>To opt out of the sharing or sale of your personal data (if applicable), please send a request to hello@xiangtanlingletrading.com with the subject line "Opt Out of Data Sharing/Sale". We will process your request within 10 business days and confirm your opt-out via email. You may reverse your opt-out at any time by sending another request to the same email address.</p>
    <h3>7.2 Withdrawing Consent</h3>
    <p>You may withdraw your consent to data processing at any time by sending a request to hello@xiangtanlingletrading.com with the subject line "Withdraw Consent". Withdrawing your consent will not affect the lawfulness of processing based on consent before its withdrawal. If you withdraw your consent, we may no longer be able to provide certain features of the App (e.g., camera access to take record covers), and we will delete your personal data unless we are required to retain it by law.</p>
    <h3>7.3 Deleting Your Data</h3>
    <p>To request the deletion of your personal data, send a request to hello@xiangtanlingletrading.com with the subject line "Delete My Data". We will delete your data within the timeframe required by law, unless we have a legal obligation to retain it (e.g., to comply with a court order). Please note that deleting your data from our servers will not delete data stored locally on your device; you may delete local data by uninstalling the App or through your device settings.</p>
<h3>7.4 Opting Out of Personalized Advertising</h3>
    <p>To opt out of personalized advertising, you can adjust your device’s ad settings: go to your device’s Settings > Google > Ads > Opt out of personalized ads. This will prevent us from using your AAID to deliver personalized ads, but you may still see non-personalized ads within the App.</p>
    <h2>8. Right to Lodge a Complaint</h2>
    <p>If you believe we have violated your privacy rights or this Policy, you have the right to lodge a complaint with the relevant data protection authority in your country or region. Below are contact details for major data protection authorities:</p>
    <ul>
        <li>EU/EEA: European Data Protection Board (EDPB) – https://edpb.europa.eu/</li>
        <li>California, USA: California Attorney General’s Office – https://oag.ca.gov/privacy</li>
        <li>Virginia, USA: Virginia Office of the Attorney General – https://www.oag.state.va.us/privacy-protection</li>
        <li>Brazil: National Data Protection Authority (ANPD) – https://www.anpd.gov.br/</li>
        <li>Switzerland: Swiss Federal Data Protection and Information Commissioner (FDPIC) – https://www.edoeb.admin.ch/</li>
 </ul>
    <p>We encourage you to contact us first to resolve any concerns before lodging a complaint, as we are committed to addressing your issues promptly.</p>
    <h2>9. Policy Updates and Notifications</h2>
    <p>We may update this Policy from time to time to comply with changes in Google Play’s Developer Policies, applicable data protection laws, or changes to the App’s functionality. When we make material changes to this Policy, we will notify you through an in-App notification or by posting the updated Policy on our website (https://www.xiangtanlingletrading.com/). The updated Policy will take effect 30 days after notification, unless otherwise required by law.</p>
    <p>Your continued use of the App after the effective date of the updated Policy constitutes your acceptance of the modified terms. We encourage you to review this Policy regularly to stay informed of any changes.</p>
    <h2>10. Additional Information</h2>
    <ul>
<li><strong>No Registration/Login</strong>: The App does not require registration or login, so we do not collect or store usernames, passwords, or other authentication data.</li>
        <li><strong>Age Restriction</strong>: The App is exclusively for users aged 18 and above. By accepting this Policy, you confirm that you are 18 years of age or older. We do not implement age verification measures, but we prohibit use by anyone under 18.</li>
        <li><strong>No IOS Content</strong>: This Policy applies exclusively to the Android version of the App available on Google Play. We do not offer an IOS version of the App, and this Policy does not apply to any IOS-related services (which do not exist).</li>
        <li><strong>No In-App Purchases</strong>: The App does not include any in-app purchases, and we do not collect payment information from users.</li>
    </ul>
    <div class="footer-info">
        <p>Xiangtan Lingle Trading Co., Ltd. | Registered Address: No. 7, Liuxia Group, Ningqiao Village, Cha'ensi Town, Xiangtan County, Xiangtan, Hunan Province</p>
        <p>Data Protection Officer Contact: hello@xiangtanlingletrading.com | Alternative Contact: eimanniansenouros@gmail.com</p>
        <p>Company Website: https://www.xiangtanlingletrading.com/</p>
        <p>This Privacy Policy is compliant with Google Play’s Developer Policies and applicable global data protection laws, designed to protect your privacy and ensure a secure experience with Groove.</p>
    </div>
</body>
</html>