Privacy Policy

Last updated: April 29th, 2026

TL;DR

We're Odisei Music S.L., with Tax ID: B67566026, a Spanish music-tech company that makes electronic wind instruments and runs the Odisei Instruments and the Odisei Play apps. We run this website, which is also an online store (the "Services"), powered by Shopify.

This Privacy Policy explains how we collect, use, and disclose your personal information when you browse, buy, or get in touch with us. If anything here conflicts with our Terms of Service, this Privacy Policy prevails on data matters. By using the Services, you acknowledge that you've read and understood it.

Data Collection

"Personal information" means anything that identifies you or could reasonably be tied back to you. Anonymous or de-identified data isn't covered here.

What we actually collect depends on how you use the Services, where you live, and what the law requires. In practice, it falls into seven buckets:

• Who you are: name, email, phone, billing and shipping addresses.
• How you pay: card details, payment method, transaction confirmations. Full card numbers are handled by our payment processor; we only see what we need to confirm the sale.
• Your account: username, password, security questions, preferences, settings.
• What you do on our online shop: items viewed, added to cart or wishlist, bought, returned, exchanged, or cancelled, plus your order history.
• What you tell us: anything you write to us, for example in a support ticket or warranty claim.
• Your device: browser, network, IP address, and similar identifiers your device sends automatically.
• How you use the site: which pages you visit, in what order, and when.

We may also make educated guesses based on your personal information (for example, that you're likely a saxophonist if you bought a Travel Sax 2).

Where It Comes From

All of the above reaches us through four channels:

• You: when you create an account, place an order, write to us, or fill out anything on the site.
• Your device: automatically, via cookies and similar tech, when you browse the site or use our products.
• Our service providers: partners like Shopify, Klaviyo, and our payment processors that handle data on our behalf to make the Services run.
• Other third parties: for example, advertising platforms that share audience insights with us, or referral partners who introduce you to us.

How We Use Your Personal Information

To run our online shop: Process your order, take payment, ship your instrument, handle returns and exchanges, manage your account, remember your preferences, let you leave reviews, and recommend products you might actually want. This is the day-to-day work of being your store.

To market to you: Send emails, app notifications about new products and promotions, and show you relevant ads on our site or elsewhere, usually based on what you've browsed or left in your cart. You can opt out at any time.

To keep things safe: Verify it's really you signing in, secure your payments, and detect fraud or abuse. Please don't share your password — that part is on you!

To help when you ask: Answer your support tickets, troubleshoot issues, and stay in touch about your orders.

To stay on the right side of the law: Comply with regulations, respond to valid legal requests, and enforce our policies if someone misuses the Services.

How We Disclose Your Personal Information

With service providers who help us run the business: Shopify (our store platform), payment processors, shipping carriers, customer support tools, analytics, and cloud hosting. They handle data on our behalf and only for what we hired them to do.

With marketing and advertising partners: So we can show you relevant ads on other sites and platforms based on your activity with us. Depending on where you live, you can tell us to stop.

When you ask us to: For example, when you log in with Google or Facebook, share to social media, or have us ship to a friend's address.

Within the Odisei group: With companies that are part of Odisei, bound by the same rules you're reading here.

When the law or a major business event requires it: Court orders, subpoenas, regulatory requests, or a future merger, acquisition, or restructuring of Odisei Music.

One thing we never share: SMS opt-in data. If you give us your phone number for text messages, that consent stays between you and us. Period.

Children's Data

Our Services aren't built for children, and we don't knowingly collect data from anyone under the age of digital consent in their country (14 in Spain, 16 across most of the EU, 13 in the US). If you're a parent or guardian and your child has shared information with us, email us at privacy@odiseimusic.com and we'll delete it. We also don't knowingly sell or share the personal information of anyone under 16, in the legal sense those words carry under privacy law.

Security and Retention

Security: We use reasonable technical and organisational safeguards to protect your data — like encryption in transit and at rest, access controls, regular reviews. That said, no system is bulletproof, and data sent over the internet is never 100% secure. Avoid sending sensitive information through unsecured channels (like a public Wi-Fi form or unencrypted email).

Retention: We keep your personal information only as long as we need it — to run your account, deliver the Services, meet legal obligations (Spanish tax law, for example, requires us to keep invoices for 6 years), resolve disputes, and enforce our policies. When the need ends, we delete it or anonymise it so it can't be traced back to you.

Your Rights and Choices

Depending on where you live, you have some or all of the rights below. They aren't absolute — in some cases the law lets us decline, and we'll explain why if that happens.

Everyone gets these:

• Access: Ask what we hold about you.
• Delete: Ask us to remove it.
• Correct: Ask us to fix anything wrong.
• Portability: Get a copy in a usable format, or have us send it to another provider.
• Manage your inbox: Update your email preferences with us or unsubscribe from our comms any time via the links in our emails. We'll still send you the transactional essentials: order confirmations, shipping updates, account notices.

If you live in the UK or European Economic Area, you also get:

• Object or restrict: Tell us to stop or limit certain uses of your data.
• Withdraw consent: Whenever we rely on your consent, you can take it back. Anything we did before you withdrew stays lawful.

How to exercise any of this? Email privacy@odiseimusic.com. We may need to verify your identity first, and you can appoint someone to act on your behalf — we'll just need written proof they're authorised. We respond within the timeframe the law requires (typically 30 days under GDPR). For data Shopify processes directly (see Our Relationship with Shopify), submit your request through the Shopify Privacy Portal.

Complaints

If something about how we handle your data doesn't sit right, email us first at privacy@odiseimusic.com. We'd rather hear it from you and fix it.

If you're not satisfied with our response, you can take it further:

• In Spain: the Agencia Española de Protección de Datos (AEPD).
• Elsewhere in the EEA: your local data protection authority. Full list here.
• In the UK: the Information Commissioner's Office (ICO).

International Transfers

Odisei Music is based in Spain, but the tools we use to run the online shop (Shopify, Klaviyo, payment processors, analytics) are global, so your data may be stored or processed outside your country.

When that happens with data leaving the EEA or UK, we rely on recognised legal safeguards: the European Commission's Standard Contractual Clauses (SCCs), the UK equivalent, or, where relevant, a country that EU regulators have officially certified as offering adequate protection.

Our Relationship with Shopify

Our store runs on Shopify, so some of your data flows through Shopify's systems and may be processed in countries other than yours. That's how the platform works — without it, there's no checkout, no cart, no store.

Beyond hosting, we also use a few of Shopify's enhanced features that draw on data from interactions across our store, other Shopify merchants, and Shopify itself. For these features, Shopify acts as the data controller — meaning Shopify is the one responsible, including for handling your data rights requests. To learn more or exercise your rights with Shopify directly:

• Shopify Consumer Privacy Policy
• Shopify Privacy Portal (for submitting requests, depending on where you live.)

Third-Party Websites and Links

Our site sometimes links out to other places: partner sites, social platforms, blogs, news articles. Once you click through, you're on their turf, not ours. A few things to keep in mind:

• Their rules apply, not ours: Read their privacy and security policies before sharing anything.
• We can't vouch for them: We don't control what they do with your data, or whether their content is accurate or safe.
• Public is public: Anything you post on social platforms or other public spaces can be seen and reused by others, including us, without further notice.
• A link isn't an endorsement: We link to things we find useful or relevant, but that doesn't mean we back the site or its owner unless we say so explicitly.

Cookies

When you visit our site, we place small data files called cookies on your device. Some disappear when you close your browser; others stick around so we can recognise you when you come back, remember what's in your cart, and understand how the site is being used.

You're in control. On your first visit, our cookie banner lets you accept all, reject non-essential. You can also disable cookies in your browser settings.

Future Changes

We may update this policy when our practices evolve or the law requires it. When we do, we'll post the new version here and refresh the "Last updated" date at the top. For material changes — a new processing purpose, a new category of recipient, anything that meaningfully shifts how your data is handled — we'll give you advance notice by email or via a banner on the site, at least 30 days before the change takes effect.