Tamber Privacy Policy

Version 0.0.1 · Last Update: April 23, 2026

Welcome

This Tamber, Inc. ("Tamber", "we", "our" or "us") Privacy Policy ("Policy") explains how we use, store, protect, and disclose personal information when you use our Apps or submit identifiable information through our Services.

This Policy is grouped into these sections:

About us and this Policy
Information we collect & why we use it
Our disclosures of information to others
How to control your privacy
Information about local privacy laws

We encourage you to read this Policy carefully. You can contact us to submit a privacy request. If you have other questions, please contact us.

About us and this Policy

This Policy is designed to explain how we process your personal information ("Personal Data") and how you can exercise control over our processing.

Tamber, Inc. is the data controller of the Personal Data collected through the services (as defined in our Terms of Service ("Terms")). Capitalized terms that are used but not defined in this Policy are defined in our Terms. The Terms describe how the Services work in general, and establish a contract between you and us governing your use of the Services.

Contact us

If you have questions or feedback about this Policy, contact us at contact@tamber.ai or write to us at: Tamber, Inc., 2161 N Bronson Ave., Los Angeles, CA 90068.

Changes to this Policy

We will update this Policy when necessary to reflect changes in our Services, how we use Personal Data, or the applicable law. Anytime we modify the Policy, we will revise the Last Update date atop this Policy.

If we make material changes to this Policy, we will provide notice or obtain consent regarding such changes as may be required by law.

Scope of Policy

This Policy applies to you when you use the Services, effective as of the Last Update. However, some collection and use of information falls outside this Policy:

Marketing page visits. Information automatically collected during visits to our landing pages is subject to our separate Notice at Collection.
Outside Materials. As described in our Terms, you will encounter and may interact with third-party services or materials while using the Services. Outside Materials are not part of the Services. Information you exchange with Outside Materials is subject to the privacy statements of the applicable provider, not this Policy. Those third parties have their own policies and practices about data. We encourage you to familiarize yourself with their privacy notices and applicable contractual terms.
- For example, embedded YouTube videos and X posts display in media containers. Those containers and content are Outside Materials.
- If you interact with a YouTube container or its video, YouTube decides what data it must collect before serving content to you. It may pull Google identifiers and data about you from your browser and collect other information, like where you're watching (a Tamber page or App), without the involvement of our Services.
Our personnel. If you are a current or former employee or contractor of ours, this Policy does not apply to you. Reach out to your human-resources partner or supervisor with any inquiries about your Personal Data.

Information we collect & why we use it

We and our third-party service providers collect and process information when you interact with the Services. This includes:

information you submit or provide directly;
data collected automatically (which we call "Usage Data"); and
information we generate, infer or receive from other sources.

The following tables describe, comprehensively, how the Services collect and use your information, and the purpose behind that processing.

Information You Submit

Account data — username, login credentials, permissions, and account actions (such as when your account is created, when you log in, add information, request a service, and any changes to your account).

To create and maintain an account at your direction.
To authenticate your access.
For fraud detection and prevention.

Contact data — phone number, email address and other addresses (including as provided via Social Logins).

To send you relevant Services updates, legal notices and marketing emails.
To authenticate your access and account.

Subscription & order data — subscriptions and a-la-carte items you've purchased, how you paid, free-trial periods and promotional offers.

To create and maintain an account at your direction.
To understand eligibility for offers and interest in products.

Communication data — interactions with or through Tamber or its features (like Tamby), via our SMS or support providers.

To respond to your questions, reference past communications and maintain records supporting consents and notices.

User feedback data — including ratings and plain text feedback on how we can improve our Services.

To inform our product roadmap and services with user feedback.

Usage Data

Device information — IP address, device identifiers, user agent.

For fraud prevention.
To administer your account and understand usage of the Services across platforms and devices.

Geolocation data — we may infer general geolocation data from your current IP address when you use the Services. We only collect precise geolocation if you consent, only until withdrawn.

For fraud prevention.
To administer your account and tailor the Services based on your geography.
To inform our in-person events and marketing efforts, and understand use and uptake geographically.

Activity data — your interactions with the Services, and the pathways, frequency, time and duration of the activity.

To understand activity patterns and feature utilization and inform product-development roadmap and efforts.
To understand and quash bugs and other Services performance issues.

Information We Infer, Generate or Receive From Others

Social Login data — if you use a Social Login (like an external Google, Facebook or Apple account) to log into your Tamber account we collect name, profile picture, public profile information, and email address.

To make signing into and using the Services easier and more secure.
To authenticate you as a user of both Tamber and the third party, and to populate your account or profile as you instruct.
To retrieve and associate purchase history, like subscriptions.

Analytics data — we receive unique identifiers and demographic, location and interest-based info. In many cases, Tamber cannot, or does not, associate this data with information you've provided.

To understand our audience and userbase, activity patterns and feature utilization.
To develop and enrich datasets about visitors, users and others.

Personal Data that Tamber obtains from other third-party sources will be processed by Tamber in accordance with this Policy and all applicable laws. For example, our use and transfer of information via Google APIs will adhere to the Google API Services User Data Policy, including its Limited Use requirements.

Technologies we use

When you use and interact with the Services, software automatically collects Usage Data. To give you more insight, this section summarizes the main types of technologies the Services use to generate and collect Usage Data:

Cookies and Local Storage. Cookies and local storage may be stored in and accessed from your device. "Cookies" and local storage are small files containing a string of characters that is sent to your computer's browser and stored on your device. Cookies map predetermined fields to custom values based on your visit or interactions with the web service that writes the cookie. Most web services use cookies to provide useful features for their users, like remembering you when you return to a website.

Most browsers are initially set up to accept cookies. You can configure your browser to refuse some or all cookies or to indicate when a cookie is being sent; however, if you reject cookies, the Services may not remember you when you visit, and you may be unable to take full advantage of our Services.

App Technologies, Customization, and Usage. Our Apps collect information about your installation, use, and updating of our Apps as well as information about your device, including your unique mobile identifiers. More specifically, these tracking technologies allow us to collect data about your device, your use of our apps, and the content you interact with.

These SDKs allow us to authenticate you across devices, customize the app to your interests and preferences and provide you with additional functionality, such as the ability to connect our Services with your Social Login (like 'Sign in with Google').

Security

Tamber has implemented technical, administrative and physical security measures designed to protect your information from unauthorized access, use or disclosure. Still, no data transmission online is 100% secure, so we cannot guarantee or warrant the security of any information you provide, and you do so at your own risk. We cannot promise that your information will remain absolutely secure in all circumstances. We are not responsible for the circumvention of any privacy settings or security measures we may provide.

Our disclosures of information to others

This section describes how and why we exchange Personal Data with contractors and third parties. It also describes our disclosures for marketing and advertising efforts and for legal reasons. We also often disclose deidentified and/or anonymized data for these purposes.

Functional disclosures

We also contract with other businesses to provide certain services related to the functionality and features of the Services, including payment processing, email and hosting services, software development, shipping and fulfillment, data management, and administration of contests and other promotions. We refer to them as "contractors."

Contractors may collect information about you on our behalf, such as Personal Identifiers, Commercial Information, Internet Activity and Device Information, as necessary for them to perform their services. At other times, we disclose information about you to contractors.

Contractors are not permitted to use information about you for any purpose other than performing their services for us. In the past twelve (12) months, we have disclosed these types of information to the following types of contractors:

Analytics providers, namely Google Analytics and Amplitude, to tell us how the Services is doing, such as which parts interest visitors and how long they visit before leaving. Among other data, they may receive your IP address.
Inference providers, to power Tamby and other features augmented by LLMs or other generative models.
Various hosting services and data processors to provide the infrastructure of the Services, which ensure that traffic is from real people, not bots. Among other data, they receive your IP address.
Payment providers, namely Stripe, to process payments between you and us, such as for subscriptions or a-la-carte products. These providers receive information about your order in order to tie your payment process to your order. We don't receive all of the information you may provide to them as part of that process (for instance, we don't receive full payment-account numbers).
Marketing providers to send marketing communications to the email or phone number you provide.
Support providers to provide assistance to you when you request it. They are able to retrieve information about you that is relevant and necessary to your requests, such as account information and order details.

For marketing purposes

We use and disclose your information for marketing purposes in the following ways.

Direct marketing. We only exchange information about you with third parties for their direct marketing purposes if you opt in, and will only do so until you opt out.

We do not 'sell' or 'share' Personal Data. We do not disclose App data, or any Personal Data about users, to third parties to facilitate behavioral ads (i.e., ads targeted to you), nor otherwise sell it.

Non-user information collected during visits to our websites is 'shared' as described in our Notice at Collection.

With your consent or at your request

We may periodically ask for your consent to share your contact information to third parties. Whenever we ask your consent for this reason, we will summarize the purpose and scope of the disclosure. For example, we may offer discounts to you if you consent to join our mailing list or participate in a promotion involving direct marketing communications.

In those cases, the Services will display a tickbox near an email-entry field explaining that by submitting your information, you agree to share your email with the content provider.

To be clear, we only exchange information about you with third parties for direct marketing purposes if you opt in, and will only do so until you opt out.

With our Affiliates

We may share, link or pool user information among our corporate affiliates, but always in accordance with applicable law, applicable agreements and this Policy.

For legal reasons

Finally, we may disclose Personal Data:

In response to subpoenas, court orders, or other legal process; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases, we reserve the right to raise or waive any legal objection or right available to us.
When we believe it is appropriate to investigate, prevent, or take action regarding illegal or suspected illegal activities; to protect and defend the rights, property, or safety of our company, our users, or others; and in connection with the enforcement of our Terms and other agreements.
In connection with a corporate transaction, such as a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.

How long we retain your information

We retain your information only as long as we need it for the purposes described under Information we collect & why we use it, except when longer retention is required by our compliance policies and efforts toward applicable legal, tax, accounting and regulatory requirements.

How long we need information for those purposes varies by category, and even within categories. These retention determinations always consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from its unauthorized use or disclosure and whether we can achieve those purposes without using the Personal Data.

For example, we delete some Usage Data as soon as you exit the Services, whereas we may retain records of your orders for services and products for several years as required by law or contract, such as agreements with our payment processors or under our accounting standards.

Use by minors

The Services are intended for adult users.

If you are under 18: sorry, but please leave the Services. If you've already sent us information, please contact us first so we can delete it.
If you are a parent or guardian of a person under 18 years of age and you believe that person provided information to us, please contact us.

We do not knowingly collect information from anyone under the age of 18, and we do not share or sell information about anyone under 18 without affirmative authorization. If we learn that we possess data from a person under age 18, we will delete that information as quickly as possible.

How to control your privacy

In General

As a user of the Services, you have rights and choices about your Personal Data. We want you to be in control of your information, so we want to remind you of the following options and tools available to you:

Account controls. You can update the Personal Data in your Account through the account settings made available on the Services. Any updated information will be reflected in our records and throughout the Services promptly.
Marketing opt-outs. You may opt out of any marketing communications from us by following the unsubscribe instructions in the communication you receive. We may continue to send you communications regarding the Services, such as notices about administrative updates, transaction reports, and changes to the Services, this Policy or the Terms.
Push notifications. You can choose to receive mobile or browser push notifications from our Services. The Services will send you push notifications from time to time in accordance with any notification preferences you have set on your device or browser. If you later decide you no longer want to receive these notifications, you can use your device or browser's settings to turn them off.
Exercising rights. If any of the local privacy laws listed below apply to you, see Requesting information to exercise your rights.
Disallowing Location Data Collection. When you access certain Services, you may consent to share your precise (GPS level) geolocation with us so we can customize your experience and the content you receive. You may change your location sharing settings at the browser or device level at any time.

Location of Personal Data

The Personal Data we collect may be stored and processed in your country or region, or in any other country where we or our affiliates, subsidiaries, or service providers process data. Currently, we primarily use data centers in the United States. The storage location(s) are chosen to operate efficiently and improve performance. We take steps designed to ensure that Personal Data is processed and protected as described in this policy wherever the data is located.

Location of Processing European Personal Data. We transfer Personal Data from the European Economic Area (EEA), United Kingdom (UK), and Switzerland to other countries, some of which have not been determined by the European Commission to have an adequate level of data protection. When we do so, we use legal mechanisms, including contracts, to help ensure your rights and protections.

Information about local privacy laws

The Services operate from the United States, but this Policy applies worldwide. Our practices generally do not differ based on your location, but your rights and choices depend in part on the law where you live.

If any of these local privacy laws apply to you, that section overrides any contrary descriptions elsewhere in the Policy as they relate to you. If you have questions about your rights under other data privacy laws, please contact us.

Requesting information

Submitting requests. To exercise any rights described in this Policy, please contact us. Your request must:

provide sufficient information to identify you and the law that applies to you, such as your name, email address, home or work address, or other information we maintain; and
not include social security numbers, driver's license numbers, third-party account numbers, credit or debit card numbers, or health information.

Verifying requests. We verify requests by attempting to match information in the request to information we maintain. We may require you to confirm your identity by authenticating via your account or other access method.

If your request is unclear or we are unable to authenticate your identity, we may ask for more information, in accordance with the law that applies to you.
If you are an authorized agent submitting a request on a user's behalf (where permitted), we may require proof of the user's written authorization before processing the request.
If we cannot verify the identity of the data subject in the request, we may deny it, in full or in part.

Responses to requests. We will respond to your request as quickly as we can, taking into account the nature of your request and the volume of pending requests. The content of our response will vary with the nature of your request, but we will always respond in accordance with any deadlines or requirements specified by the laws that apply to you.

At times, we may be unable to provide responsive Personal Data, such as when disclosure would create a substantial, articulable and unreasonable risk to the security of the information, user accounts, or the security of our systems or networks. We do not disclose account passwords or any other non-Personal Data that enables access to an account.
We reserve the right to retain an archive of any deleted information, to the extent permitted by law. We may also retain deidentified or aggregate data derived from Personal Data.

Appealing decisions. Residents of jurisdictions that provide for an appeal mechanism may appeal a decision we have made regarding their requests by contacting us.

Information for Users in Certain U.S. States

Exercising your rights. If you are a resident of California, Colorado, Connecticut, Utah, Virginia or another state with a similar data-privacy law, you may have additional rights that you (or, in certain states, an authorized agent acting on your behalf) can exercise by contacting us, including the right to:

Access and/or receive a copy of certain Personal Data about the categories and specific pieces of Personal Data we have collected and disclosed for a business purpose in the last 12 months;
Access and/or receive a copy of certain Personal Data we hold about you;
Correct your Personal Data;
Delete certain Personal Data we hold about you;
Receive information about the financial incentives that we offer to you, if any;
Opt out of the processing of your Personal Data using AI or for purposes of profiling to reach decisions that produce legal or similarly significant effects, if applicable.

You also have the right to not be discriminated against for exercising your rights. You may also have the right to opt out of "sales" of your information and "sharing/processing of your information for targeted advertising."

Certain information may be exempt from the requests above under applicable law. For example, we need to retain certain information in order to provide our services to you. We also need to take reasonable steps to verify your identity before responding to a request.

If you have any questions about these rights, wish to exercise them, or request an appeal, see Requesting information or contact us.

Additional Information for Users in California

In addition to the rights described above, consumers residing in California are afforded the right to certain additional information with respect to their Personal Data (or "personal information") under laws like the California Consumer Privacy Act ("CCPA"). If you are a California resident, this section applies to you.

Our collection and use of personal information. Information we collect falls into these CCPA-defined categories of personal information:

identifiers (such as your username and the identifiers you use to sign up, like your email address, social login and/or phone number);
financial data (payment records);
internet or other network information (how you interact with the services);
location information (for example: as inferred from your IP address, or your precise location, if you grant us access to precise location data);
inference data about you (for example, what content you may be interested in); and
other information that identifies or can be reasonably associated with you.

For more information about what we collect and the sources of such collection, please see the Information we collect & why we use it section of the Privacy Policy. To the extent we collect or use sensitive personal information as defined by law (such as CCPA), we do so in accordance with applicable legal requirements, and we do not use or disclose it other than for purposes for which there is not a right to limit under CCPA.

Disclosure of personal information. We may disclose and share your personal information with service providers and third parties as described in the Our disclosures of information to others section of the Policy. We disclose the categories of personal information mentioned in that section for business or commercial purposes.

No sale or "share" of personal information. CCPA sets forth certain obligations for businesses that sell or "share" personal information. We do not sell or share the personal information of our users as those terms are defined in the CCPA. We do disclose certain information as outlined in the Our disclosures of information to others section of the Policy.

We disclose personal information for the following categories of purposes, as defined by CCPA:

Advertising and Marketing
Error Management
Internal Research
Provide Products or Services
Quality Assurance
Security
Short-Term Transient Use

We retain personal information as described in the How long we retain your information section of the Policy.

California's 'Shine the Light' law. Under certain circumstances, Californians can request information about third parties who've received contact information and certain other types of 'personal information' (as separately defined by 'Shine the Light'), for their direct marketing purposes. We only share your personal information with third parties for their own direct marketing purposes with your consent and, if you have consented, only until you withdraw your consent. Consensual disclosures for direct marketing are generally exempt from Shine the Light's disclosure requirement.

If you have any questions about these rights, wish to exercise them, or request an appeal, see Requesting information or contact us.

Information for Users in the European Union and Switzerland

Overview. As described in the How to control your privacy section of the Policy, all our users have control over their information and can limit what data we process. In addition to these rights, users residing in the European Union and Switzerland are afforded the right to certain additional information with respect to their Personal Data under the GDPR. If you reside in any of those jurisdictions, this section applies to you.

Data retention and destruction. We retain Personal Data until we determine it is no longer necessary for (1) the processing purposes justifying its collection or (2) legal compliance purposes.

Exercising your rights. All our users have control over their information and can directly edit or delete information from their account and limit what data we process. Users in the European Union and Switzerland have additional rights that you can exercise by contacting us. Those rights include:

Right of access to your personal data
Right to rectify your personal data if they are incorrect
Right to erase your personal data
Right to limit the processing of your personal data
Right to the portability of your personal data
Right to object to the processing of your personal data
Right to withdraw consent. Withdrawing consent does not affect the lawfulness of processing based on consent before withdrawal.

If you have any questions about these rights, wish to exercise them, or request an appeal, see Requesting information or contact us. Additionally, you may contact Tamber's Privacy Officer by emailing contact@tamber.ai.

Information for users in Australia

We comply with the Privacy Act 1988 (Cth) including the Australian Privacy Principles. You may contact us with questions or to complain about any privacy issues by emailing contact@tamber.ai. If you believe that we have failed to resolve the privacy complaint satisfactorily you have the option of contacting the OAIC.

Information for users in Brazil

Overview. As described in the How to control your privacy section of the Policy, all our users have control over their information and can limit what data we process. In addition to these rights, users residing in Brazil are afforded the right to certain additional information with respect to their Personal Data under the Lei Geral de Proteção de Dados (LGPD). If you are a Brazilian resident, this section applies to you.

Exercising your rights. All our users have control over their information and can directly edit or delete information from their account and limit what data we process. Users in Brazil have additional rights that you can exercise by contacting us. Those rights include:

Right of access to your personal data
Right to rectify your personal data if it is incorrect
Right to erase your personal data
Right to limit the processing of your personal data
Right to the portability of your personal data
Right to object to the processing of your personal data
Right to withdraw consent. Withdrawing consent does not affect the lawfulness of processing based on consent before withdrawal.
Right to the review of decisions based on the processing of personal data carried out exclusively by automated means.

Questions or concerns about your privacy? You can email us at contact@tamber.ai.

Information for users in Canada

Overview. As described in the How to control your privacy section of the Policy, all our users have control over their information and can limit what data we process. In addition to these rights, users residing in Canada are afforded the right to certain additional information with respect to their Personal Data under the Personal Information and Electronic Documents Act (PIPEDA). If you are a Canadian resident, this section applies to you.

Exercising your rights. Users in Canada have additional rights that you can exercise by contacting us. Those rights include:

Right of access to your personal data
Right to rectify your personal data if they are incorrect
Right to withdraw consent. Withdrawing consent does not affect the lawfulness of processing based on consent before withdrawal.
Right to file a complaint regarding the processing of your personal data with the Office of the Privacy Commissioner of Canada.

Information for Users in the Republic of Korea

Overview. As described in the How to control your privacy section of the Policy, all our users have control over their information and can limit what data we process. In addition to these rights, users residing in the Republic of Korea are afforded the right to certain additional information with respect to their Personal Data under the Personal Information Protection Act. If you are a Republic of Korea resident, this section applies to you.

Data retention and destruction. We retain Personal Data until we determine it is no longer needed for the processing purposes for which we collected or retain it or for legal compliance.

Exercising your rights. All our users have control over their information and can directly edit or delete information from their account and limit what data we process. Users in the Republic of Korea have additional rights that you can exercise by contacting us. Those rights include:

Right of access to your personal data
Right to rectify your personal data if they are incorrect
Right to erase your personal data
Right to limit the processing of your personal data
Right to the portability of your personal data
Right to object to the processing of your personal data
Right to withdraw consent. Withdrawing consent does not affect the lawfulness of processing based on consent before withdrawal.

Notice at Collection (Marketing Pages)

Our publicly accessible pages, like https://tamber.music/, use technologies that collect and share information from visitors and their devices for targeted advertising purposes, as described in this Landing Page Notice at Collection ("Notice"). Tamber's Apps do not include those technologies. Identifiable data, and data collected by our Apps, are processed in accordance with the Tamber Privacy Policy.

Scope. This Notice does not apply to data about the use or users of the Tamber App for mobile devices, including prospective users.

While you remain a visitor, Tamber learns nothing it can use to identify you as a human being. (We do try to learn whether visitors are human, and not bots.) We receive visitors' current IP address and browser configuration. So do technologies from ad companies like Google and Meta, which can associate that data with their own identifiers and map a visitor's activity across the web.

We allow these technologies so we can advertise Tamber to visitors later, since visitors have shown an interest in Tamber by visiting our open-access pages. We don't 'sell' this data — like all advertisers, we pay a premium to present ads to our prior visitors.

However, our public-facing pages are designed to respect visitor rights and choices when it comes to targeted ads:

If you send a Global Privacy Control signal (a browser or device-level setting), we have detected that and turned off sharing for you.
To opt out of sharing here, click Do Not Sell or Share My Info.
Additionally, you can control data collection from your device and browser across the web:
- Ad Choices. Some advertisements and other content may be delivered by third-party advertising networks and advertisers that use identifiers, cookies and similar for mobile devices, to collect and track information such as demographics, inferred interests, aggregated information, and other data to assist them in delivering advertising that is more relevant to your interests. To find out more about third-party advertising networks and similar entities that use these technologies, see https://youradchoices.com/, and to opt out of certain providers' use of such technologies please visit https://optout.aboutads.info or the AppChoices app to opt out on mobile.
- Tracking Technology & Cookies. Your browser and device likely include settings that allow you to prevent or restrict tracking software and cookies from operating or being placed on your device. Follow the instructions yours make available. Restrictive settings may affect some features and functionality on our landing pages and other websites.

Please note that we do not share or sell information about the use or users of the Tamber App. This Notice only applies to our generally accessible pages that don't require an account to access. The Tamber Privacy Policy, not this Notice, applies to information we collect or process on the Tamber App.