Privacy Policy

Last updated: October 1, 2025

This Privacy Policy explains how TMC Publishing Limited (“Musicsesame”, “we”, “us”, “our”) collects, uses, and protects personal data when you visit our website, create an account, purchase a subscription, or contact us. We are the data controller under UK GDPR and the Data Protection Act 2018.

1) Contact & Controller

Controller: TMC Publishing Limited
Email: info@musicsesame.com

2) Data We Collect

3) How We Use Personal Data

4) Legal Bases (UK GDPR)

5) Sharing & Processors

We share personal data with trusted service providers strictly for the purposes above, including: payments (Stripe), membership/subscriptions, hosting/infrastructure, analytics, and customer support. Providers are bound by contracts to protect data and act only on our instructions. We do not sell personal data.

6) International Transfers

Where data is transferred outside the UK/EEA, we use appropriate safeguards such as the UK Addendum to the EU Standard Contractual Clauses or adequacy decisions, as applicable.

7) Retention

8) Your Rights

You have the right to access, rectification, erasure, restriction, objection, and data portability, and to withdraw consent where processing relies on consent. To exercise rights, email info@musicsesame.com. You can also lodge a complaint with the Information Commissioner’s Office (ICO) in the UK.

9) Cookies & Analytics

We use essential cookies for authentication, security, and core functionality. With your consent, we use analytics cookies to understand usage and improve performance. You can manage non-essential cookies via our banner or your browser settings; disabling essential cookies may affect site functionality.

10) Payments

Payments are processed by Stripe. Stripe handles card data in accordance with PCI-DSS. We receive transaction metadata (e.g., last 4 digits, card type, expiry, status) to manage your subscription.

11) Security

We implement technical and organisational measures appropriate to risk, including access controls, encryption in transit, least-privilege access, and monitoring. No method is 100% secure; we continuously improve safeguards.

12) Children

Our services are not directed to children under 16. If you believe a child has provided personal data, contact us and we will delete it.

13) Changes

We may update this policy. The “Last updated” date reflects the current version. Material changes will be highlighted on the site or via email where appropriate.

14) Contact

Privacy enquiries and rights requests: info@musicsesame.com