Label OS

Login

Privacy Policy

Effective Date: April 13, 2026 | Last Updated: April 13, 2026

1. Who We Are

Label OS is operated by iGroove AG, Churerstrasse 135, CH-8808 Pfäffikon SZ, Switzerland. For privacy inquiries, contact us at [email protected].

B2B scope. Label OS is offered exclusively to business customers and professional users acting on behalf of an organisation (e.g., labels and their authorised representatives). We do not offer the Service directly to consumers and do not enter into contracts with private persons for personal/household purposes.

Definitions

  • “Label Users” are users authorised by a business customer (e.g., a label) to administer and use the Service.
  • “Artist Users” are users invited by a business customer to access artist/revenue-related information in a professional capacity within that customer’s workspace (where enabled).

2. What Data We Collect

We collect the following categories of personal data:

  • Account data: name, email address, organisation name, role. For Artist Users, this also includes artist/stage name and label affiliation.
  • Service data: streaming and revenue data imported from distribution partners, royalty splits, payout records, release metadata, contract terms, deal models, and forecasts created within the platform.
  • Technical data: IP address (anonymised where possible), browser type, device identifier, pages visited, and session duration, collected via Google Analytics.
  • Communication data: messages and attachments you send us via email or our contact form.

We do not currently collect payment data. If this changes, we will update this policy and notify you in advance.

Additional clarifications (B2B context):

  • Business contact data. We process personal data of business customer representatives (e.g., employees, contractors, authorised users) as needed to provide the Service.
  • Data sources. Service data may be (i) provided by the business customer, (ii) imported from distribution partners and other third parties at the business customer’s request/authorisation, and/or (iii) generated within the Service (e.g., calculations, dashboards, audit logs).

3. How and Why We Use Your Data

  • To provide the Service (account management, royalty calculations, dashboards, artist portals) — legal basis: legitimate interests (Art. 6(1)(f) GDPR) and/or contract performance (Art. 6(1)(b) GDPR), depending on the context and the relationship with the relevant data subject (e.g., where a data subject is a contracting party vs. a business customer representative).
  • To improve the Service and fix errors — legal basis: legitimate interest.
  • To detect fraud and protect security — legal basis: legitimate interest.
  • To respond to your inquiries — legal basis: legitimate interests and/or steps prior to entering into a contract, depending on the inquiry.
  • To comply with legal obligations — legal basis: Art. 6(1)(c) GDPR.

Legitimate interests (examples): operating a secure B2B SaaS platform; preventing misuse and fraud; ensuring service availability; improving performance and user experience; and maintaining auditability and support quality.

4. Who We Share Data With

We do not sell your data. We share personal data only with:

  • Our hosting provider (servers located in Switzerland; data encrypted at rest with AES-256).
  • Google (Google Analytics) for usage analytics (where enabled and, where required, with your consent).
  • Your label (for Artist Users): the label that invited you can see your revenue data and account information within their workspace. The label is an independent controller for its use of that data.
  • Legal counsel or public authorities where required by law.

Role clarification (controller vs. processor):

  • iGroove as controller. iGroove acts as a data controller for personal data processed to operate, secure, and administer the Service at platform level (e.g., user accounts, authentication, security logs, service communications, website logs, and consent preferences).
  • iGroove as processor. Where business customers upload or otherwise provide data into the Service (including data relating to artists and royalty/revenue administration), iGroove typically processes such data as a processor on the business customer’s behalf, under a data processing agreement (DPA) or equivalent terms.
  • Business customer as controller. The business customer (e.g., the label) is typically the controller for customer-provided content/data and for deciding which users (including Artist Users) are invited and what data they can access within the customer workspace.

No “data sharing” in the sense of sale. Where a business customer grants access to Artist Users within its workspace, this reflects the business customer’s configuration and authorisation choices.

5. International Transfers

Your data is stored in Switzerland and the European Economic Area (EEA). Where data is transferred outside Switzerland or the EEA (e.g. to Google in the US), we rely on EU Standard Contractual Clauses or an applicable adequacy decision.

6. How Long We Keep Your Data

  • Account data: deleted within 90 days of account closure, unless longer retention is required by law.
  • Revenue and royalty data: retained for 10 years (Swiss commercial record-keeping obligation, Art. 958f CO).
  • Analytics data: retained in accordance with our analytics configuration and then deleted or anonymised (typically within 26 months), subject to your cookie settings and applicable law.

Backups may retain limited data for a shorter additional period. We may retain data longer where required to comply with legal obligations, resolve disputes, enforce agreements, or protect our rights.

7. Cookies

We use strictly necessary cookies (e.g. authentication, session management) and Google Analytics cookies (_ga, _gid, _gat) to understand usage and improve the Service. We do not use advertising or social-media tracking cookies. You can opt out of analytics cookies via our cookie banner or the Google Analytics Opt-Out Browser Add-on.

8. Security

We protect your data with encryption at rest (AES-256) and in transit (TLS 1.2+), role-based access controls, and regular vulnerability assessments. No system is perfectly secure, and we cannot guarantee absolute security.

9. Your Rights

You have the right to access, correct, delete, restrict, or export your personal data, and to object to processing based on legitimate interests. To exercise these rights, contact [email protected]. We will respond within 30 days. You may also lodge a complaint with the Swiss FDPIC or your local supervisory authority.

Where iGroove acts as a processor on behalf of a business customer, requests relating to customer-controlled data may need to be directed to the relevant business customer (the controller). We will support the business customer in responding to such requests as required by applicable law and our contractual arrangements.

Where processing is based on consent (e.g., certain cookies), you may withdraw consent at any time with effect for the future.

10. Artist User Data and Our Processor Role

When Label Users upload Artist User data (royalty splits, contracts, payouts), iGroove acts as a data processor on the label's behalf. The Label Users remains the data controller. If you are an Artist User with questions about how your label handles your data, please contact your label directly.

This data processor role typically applies to customer-provided data and content managed within the Label User’s workspace (including artist, royalty, payout, and release-related data to the extent it relates to identifiable individuals).

Forecasting, deal models, risk scoring and fraud detection (decision support). The Service may provide forecasts, suggested deal models, risk indicators, anomaly flags and similar outputs. These outputs are intended to support business users and should not be used as the sole basis for decisions that produce legal effects or similarly significant effects within the meaning of Art. 22 GDPR. In our role as processor, iGroove does not make “solely automated” decisions about individuals on behalf of the business customer; any decisions remain with the business customer and its authorised users, who review and apply the outputs as appropriate.

iGroove as controller (platform operations). iGroove remains controller for platform-level processing necessary to operate and secure the Service (e.g., account and authentication data, security logs, support communications, and cookie preferences), as described in this policy.

11. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email or in-app notification at least 14 days before they take effect. Continued use of the Service after the effective date constitutes acceptance.

12. Applicable Law

We are established in Switzerland and our processing of personal data is primarily subject to the Swiss Federal Act on Data Protection (FADP). Where and to the extent the EU General Data Protection Regulation (GDPR) applies (for example, when we offer the Service to individuals in the EEA in a professional capacity and/or use certain technologies that may be considered monitoring), we process personal data in accordance with the GDPR. Nothing in this Privacy Policy is intended to limit mandatory rights or obligations under applicable data protection laws.

13. Contact

iGroove AG, Churerstrasse 135, CH-8808 Pfäffikon SZ, Switzerland

Email: [email protected]

Label OS

Intelligent infrastructure for independent labels. Powering the next generation of global distribution.

Platform

HomeRoadmapBlogRelease Notes

Company

CompanyMissionContact

Legal

ImpressumPrivacy PolicyTerms of Service

© 2026 Label OS / iGroove AG. All rights reserved.

All systems operational