Overview

Subliminal Fields (“we”, “us”, “our”) operates subliminalfields.com (the “Website” or the “Service”). This Privacy Policy explains the types of personal information we collect, how we use and share it, the legal bases for processing, security measures, and the choices and rights available to you under applicable laws including the GDPR (EU), CCPA (California), and LGPD (Brazil).

Our products are offered as entertainment, relaxation, and personal development audio. They are not medical treatments, diagnostic tools, or substitutes for professional care. We do not require health data to use the Service; any health-related statements are voluntary and explicit consent will be requested if collected.

Paddle, payments & Merchant of Record

We use third-party payment processors to accept payments. When you purchase via our checkout, Paddle.com Market Limited ("Paddle") acts as the Merchant of Record (MoR) for that transaction. This means:

  • Paddle is the Data Controller responsible for processing, securing, and retaining the personal data necessary to complete the financial transaction (including your payment card details, billing address, and transaction metadata).
  • Paddle may appear on your bank or card statement instead of Subliminal Fields.
  • Paddle will process and store payment card data according to their security practices and Privacy Policy. We do not store full card numbers on our servers.
  • Refunds and chargeback handling for purchases processed by Paddle are subject to Paddle’s processes and timing; we will assist and coordinate with Paddle where needed.

If you use another payment method on the Website (listed at checkout), that provider’s privacy and processing rules apply. We disclose transaction data to payment processors as necessary to complete purchases and to comply with legal obligations (fraud prevention, tax reporting).

What Personal Data we collect

We collect information necessary to operate the Service and fulfill orders. Categories include:

Identity & contact

Name, email address, billing & shipping address (if applicable), and social profile fields you choose to provide.

Payment & transaction data

Order details, transaction IDs, and metadata processed by payment processors (we do not store raw card numbers).

Verification documents (limited)

Only when strictly required for identity verification, bank transfers, or fraud prevention: e.g., ID documents, bank proof. We request these only with your consent and retain them securely for the minimum period required.

Usage & device data

IP address, device type, browser, pages visited, timestamps, and other diagnostic information collected automatically.

Special categories: we avoid collecting sensitive personal data (health, racial/ethnic, biometric) unless you voluntarily provide it and explicitly consent. If you do provide any sensitive information, we will process it only with your explicit consent and take additional safeguards.

Usage Data

“Usage Data” includes technical and behavioral information gathered automatically by our systems and analytics providers (e.g., IP address, device identifiers, pages viewed, timestamps, and error logs). We use Usage Data to maintain the Service, analyze performance, detect abuse, and improve user experience.

Tracking technologies & cookies

We use cookies and similar technologies (web beacons, local storage) to operate the Website, remember preferences, and provide analytics and advertising features. Common categories we use:

  • Necessary: session cookies, security, cart and checkout flow.
  • Functional: preferences, language, UI settings.
  • Performance: analytics to measure site usage and detect errors.
  • Targeting/Advertising: third-party cookies for interest-based advertising (only where permitted).

Manage cookies through our Cookies Policy, consent banner, or your browser privacy settings. Disabling certain cookies may limit site functionality.

How we use Personal Data

We process personal data for the following purposes:

  • To provide and maintain the Service, deliver purchases, and manage your account.
  • To process payments, prevent fraud, and comply with tax and legal obligations (working with Paddle and other payment processors).
  • To respond to support requests, security incidents, and disputes.
  • To personalize content and product recommendations where you consent.
  • To send transactional messages, order confirmations, and service updates.
  • For fraud detection, abuse prevention, and to protect the rights, property, or safety of Subliminal Fields and others.

Legal bases (GDPR): consent; contract performance; legal obligation; vital interests (rare); public interest (rare); legitimate interests (where balanced).

Sharing Personal Data & third parties

We share personal data only with parties necessary to provide the Service and as required by law. Typical recipients include:

  • Payment processors: Paddle and other checkout partners.
  • Hosting & infrastructure providers: cloud hosting, CDN, and backup services.
  • Analytics & email providers: analytics platforms and email delivery services.
  • Professional advisors: legal counsel and auditors.
  • Law enforcement / regulators: when required by law or to protect rights and safety.

We require third parties to use appropriate data security measures and to process data only for the purposes specified in our agreements. Where data is transferred to jurisdictions without an adequacy decision, we implement safeguards such as Standard Contractual Clauses (SCCs) or other lawful mechanisms.

Retention & deletion

We retain personal data only as long as necessary to fulfill the purposes described (service provision, legal compliance, tax obligations, legitimate business needs). Examples:

  • Order & transaction records — retained for accounting and tax compliance as required by law.
  • Support correspondence — retained until issues are resolved.
  • Analytics data — stored in aggregated or pseudonymized form for improvement; detailed logs retained temporarily for security.

When retention periods expire, we delete or anonymize personal data. Backups may contain residual copies for a limited period until overwritten.

International transfers

Your data may be processed in countries outside your own. When transfers occur, we apply safeguards such as EU Standard Contractual Clauses (SCCs) or other legally recognized mechanisms, and we require our processors to provide adequate protection.

By providing personal data, you consent to such transfers where permitted under applicable law.

Security

We use administrative, technical, and physical safeguards to protect personal data (encryption in transit, access controls, and continuous monitoring). While we take commercially reasonable measures to secure data, no system is completely secure. If a data breach occurs that risks your rights, we will notify you and regulators as required by law.

Your rights (GDPR, CCPA, LGPD)

Depending on your jurisdiction, you may have specific rights over your personal data:

GDPR (European Union)

  • Request access to personal data
  • Request correction or rectification
  • Request erasure (“right to be forgotten”), subject to legal exceptions
  • Restrict processing or object to processing
  • Data portability
  • Withdraw consent at any time
  • Lodge a complaint with a supervisory authority

CCPA (California)

  • Request disclosure of categories and specific pieces of personal information collected
  • Request deletion of personal information (subject to exceptions)
  • Opt-out of the sale or sharing of personal information
  • Right to non-discrimination for exercising your rights

LGPD (Brazil)

  • Confirmation of processing and access to personal data
  • Correction of incomplete or inaccurate data
  • Request anonymization, blocking, or deletion of unnecessary or excessive data
  • Data portability to another provider
  • Deletion of personal data processed with consent
  • Information about public or private entities with which data is shared
  • Revocation of consent

To exercise any of these rights, contact us at subliminalfields@gmail.com. We may ask for verification details to confirm your identity before processing a request. We respond in line with applicable law (GDPR: within one month; CCPA: within 45 days, extendable once).

Children & minors

The Service is not intended for children under the age permitted by local law. We do not knowingly collect personal data from children. If you believe a child has provided personal data, please contact us so we can remove it as required by law.

AI data processing

We may use AI tools for personalization, analytics, or improving our products. Such processing may include non-sensitive behavioral or textual data. Where AI involves personal data or automated decision-making, we will obtain consent and offer opt-out choices.

You can opt out of AI-based personalization at any time by contacting subliminalfields@gmail.com.

Contact & data requests

For privacy inquiries or to exercise your rights, contact us:

Please include the email address associated with your account and any relevant details to help us verify your identity.