Season 1: Jammin' Alpacas Journey to the Music Hall of Fame Club — Trailer Out Now!
New at The Merch Table — Limited Edition Vinyl, Funko POPs & Turntables
The Jammin' Review is live — Upload your concert footage & discover hidden gems
Join the herd — Buy $JPACA and unlock your Jammin' Alpaca NFT
Welcome to the Music Hall of Fame Club — Where every night is a legendary show
Season 1: Jammin' Alpacas Journey to the Music Hall of Fame Club — Trailer Out Now!
New at The Merch Table — Limited Edition Vinyl, Funko POPs & Turntables
The Jammin' Review is live — Upload your concert footage & discover hidden gems
Join the herd — Buy $JPACA and unlock your Jammin' Alpaca NFT
Welcome to the Music Hall of Fame Club — Where every night is a legendary show
Back to Resources & Policies

Privacy Policy

Last updated: April 27, 2026

Music Hall of Fame Club Ecosystem — Master Policy

Effective date: April 27, 2026 Version: 2.0 Last updated: April 27, 2026

Canonical version: This policy is published canonically at musichofc.com/policies/privacy and applies across the Music Hall of Fame Club ecosystem, including jamminalpacas.com, merch.musichofc.com, and jamminreview.com. The version published at musichofc.com/policies/privacy controls in case of any inconsistency.

Introduction

This Privacy Policy describes how Jammin Alpacas LLC, a Delaware limited liability company with a principal office at 120 Eagle Rock Avenue, Suite 155, East Hanover, NJ 07936 ("Jammin Alpacas LLC," "we," "us," or "our"), collects, uses, shares, and protects information when you interact with the Music Hall of Fame Club™ ecosystem.

This Privacy Policy applies to:

  • The Music Hall of Fame Club™ website at musichofc.com
  • The Jammin' Alpacas website at jamminalpacas.com
  • The Merch Table at merch.musichofc.com
  • The Jammin' Review at jamminreview.com
  • Any related applications, smart contract interfaces, member-only experiences, and other services we operate

(collectively, the "Services").

By using the Services, you agree to the practices described in this Privacy Policy. If you do not agree, you must not use the Services.

1. Important Notice About Blockchain Data

Public blockchains — including the Base network on which $JPACA and Jammin' Alpacas NFTs are deployed — record transactions in a permanent, public, and pseudonymous ledger. Information recorded on a public blockchain is not private, cannot be deleted by Jammin Alpacas LLC, and is not subject to the data subject rights described in this Privacy Policy. This includes wallet addresses, transaction histories, NFT holdings, smart contract interactions, and any data inscribed on-chain.

You should understand the public nature of blockchain data before participating in any aspect of the ecosystem that involves on-chain transactions.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you provide when you:

  • Create an account on the Jammin' Review or sign up for any other gated feature
  • Subscribe to communications, newsletters, or community channels
  • Submit information through forms (contact, support, feedback)
  • Upload content to the Jammin' Review (including video, audio, descriptions, metadata, and tags)
  • Make a purchase through The Merch Table
  • Communicate with us by email, chat, or other channels
  • Participate in surveys, contests, promotions, or community events

The categories of information you provide directly include:

  • Identifiers: name, email address, username, mailing address (for shipping), phone number
  • Account credentials: passwords (stored hashed)
  • Payment information: handled by third-party payment processors (we do not store full payment card numbers — see Section 5 below)
  • Communications: messages, support tickets, comments
  • User-generated content: uploads, posts, comments, votes
  • Demographic information if voluntarily provided

2.2 Blockchain and Wallet Information

When you interact with on-chain features (such as connecting a wallet, minting, or holding NFTs), we may collect:

  • Public wallet addresses
  • On-chain transaction data (NFT holdings, $JPACA transactions, mint history)
  • Signed message data used for wallet-based authentication

Wallet addresses are pseudonymous identifiers and are public on the blockchain. We never request, access, or store your private keys or seed phrases. No legitimate Jammin Alpacas LLC employee or representative will ever ask for them.

2.3 Information Collected Automatically

When you interact with the Services, we automatically collect:

  • Device and connection information: IP address, browser type and version, operating system, device type, language preferences, time zone
  • Usage information: pages visited, links clicked, time spent, referring URLs, navigation paths
  • Diagnostic data: error logs, performance metrics
  • Cookies and similar technologies: see Section 6 below

2.4 Information from Third Parties

We may receive information about you from:

  • Payment processors and commerce platforms (e.g., Shopify) — order details, shipping addresses, transaction status
  • Wallet providers and blockchain analytics services — wallet address verification, sanctions and OFAC screening data
  • Social media platforms (where you connect them, e.g., Discord identity verification)
  • Marketing and analytics partners — aggregated usage and engagement data

3. How We Use Information

We use the information described above to:

  • Operate, maintain, and improve the Services
  • Verify NFT-gated and token-gated access
  • Process transactions and fulfill orders through The Merch Table
  • Communicate with you about the Services, including updates, security notices, and (with your consent where required) marketing messages
  • Provide customer support
  • Monitor and protect the security and integrity of the Services
  • Detect, prevent, and respond to fraud, abuse, sanctions violations, and other illicit activity
  • Comply with applicable laws, regulations, and lawful requests from government authorities
  • Enforce our Terms of Use, NFT License, and other policies
  • Conduct analytics, research, and product development
  • Personalize and optimize your experience
  • Establish, exercise, or defend legal claims

We do not sell personal information for monetary consideration. Whether the term "sale" or "share" applies under specific U.S. state laws (such as the CCPA/CPRA) is addressed in Section 11 below.

4. NFT-Gated and Token-Gated Access

NFT ownership and $JPACA holdings may be used to verify access to certain features, member experiences, discounts, or benefits. Verification is performed through public blockchain data via standard cryptographic signature validation. We do not access your wallet beyond the read-only verification required to confirm ownership of qualifying assets.

When you connect your wallet, you may be asked to sign a message confirming control of the wallet address. Signing a verification message does not authorize any transaction or transfer.

5. Commerce and Payments

The Merch Table is operated by Jammin Alpacas LLC using a headless Shopify backend. When you make a purchase:

  • Payment information (credit card numbers, etc.) is collected and processed directly by Shopify and its payment processors. We do not receive or store full payment card data.
  • Order, shipping, and fulfillment data is shared between Jammin Alpacas LLC and Shopify (and any third-party fulfillment partners) for the purpose of completing your purchase.
  • Shopify's privacy practices apply to data they process. See Shopify's Privacy Policy at shopify.com/legal/privacy.

6. Cookies and Similar Technologies

We use cookies and similar tracking technologies (such as web beacons and local storage) on the Services. Cookies fall into the following categories:

  • Strictly necessary cookies: required for the Services to function (authentication, security, session management). These cannot be disabled.
  • Functional cookies: enable enhanced features such as preferences, language settings, and persistent login.
  • Analytics cookies: collect aggregated usage data to help us understand how the Services are used and improve them.
  • Marketing cookies: may be set by us or third parties to deliver advertising relevant to your interests, where applicable.

You can control non-essential cookies through your browser settings or, where required by law, through a cookie consent banner provided on the Services. EU and UK users will be presented with a consent banner that defaults to no non-essential cookies. U.S. users in jurisdictions with applicable laws (including California) may control cookies through site controls and global privacy signals where supported.

7. How We Share Information

We share information in the following circumstances:

7.1 Service Providers and Vendors

We share information with third-party service providers who help us operate the Services, including:

  • Hosting and infrastructure providers (e.g., Vercel, AWS)
  • Payment processors and commerce platforms (e.g., Shopify, Stripe)
  • Wallet and blockchain analytics services (e.g., for sanctions screening)
  • Email, communications, and customer support tools
  • Analytics providers
  • Fraud prevention and security services
  • Fulfillment, shipping, and logistics partners (for The Merch Table)

These providers are obligated to use the information only to perform services for us and in accordance with applicable law.

7.2 Compliance with Law and Protection of Rights

We may disclose information when we believe in good faith that disclosure is required or permitted by law, including:

  • To comply with subpoenas, court orders, or government requests
  • To enforce our Terms, NFT License, or other policies
  • To protect the rights, property, or safety of Jammin Alpacas LLC, our users, or the public
  • To detect, investigate, or prevent fraud, security incidents, or illegal activity
  • In connection with sanctions, anti-money-laundering, or counter-terrorism compliance

7.3 Business Transfers

If Jammin Alpacas LLC is involved in a merger, acquisition, reorganization, sale of assets, or similar transaction, information may be transferred as part of that transaction. We will provide notice of such transfers where required by law.

7.4 Public Blockchain Networks

As described in Section 1, transactions you initiate on public blockchains are recorded publicly and are not subject to our control.

7.5 With Your Consent

We may share information with your consent or at your direction (for example, when you opt to share content publicly on the Jammin' Review).

8. Data Retention

We retain information for as long as necessary to provide the Services, fulfill the purposes described in this Privacy Policy, comply with our legal obligations, resolve disputes, and enforce our agreements. Specific retention periods include:

Data categoryRetention period
Account profile and credentialsUntil you delete your account, plus up to 12 months for backup, fraud prevention, and legal compliance
Transaction records (Merch Table)7 years (to comply with U.S. tax and accounting requirements)
Customer support communications3 years from last interaction
Marketing communications dataUntil you opt out, plus reasonable suppression-list retention to honor your opt-out
Uploaded content on Jammin' ReviewUntil you remove the content or delete your account; backup copies for up to 90 days thereafter
Server and security logsUp to 13 months
On-chain transaction dataPermanent (as recorded on public blockchain)

9. Security

We implement reasonable administrative, technical, and physical safeguards to protect information from unauthorized access, disclosure, alteration, or destruction. These include encryption in transit (HTTPS/TLS), encryption of stored credentials (hashed), access controls, and ongoing monitoring.

No system is completely secure. You should use strong, unique passwords, enable two-factor authentication where available, and use a reputable hardware wallet for high-value digital asset holdings. You are responsible for the security of your own wallet, recovery phrases, and private keys.

If we become aware of a data breach affecting your information, we will notify you and applicable regulators where required by law.

10. International Data Transfers

Jammin Alpacas LLC is based in the United States. Information we collect may be transferred to, stored in, and processed in the United States and other jurisdictions where we, our affiliates, or our service providers operate. These jurisdictions may have data protection laws that differ from those in your jurisdiction.

For users located in the European Economic Area, the United Kingdom, or Switzerland: where required, we use Standard Contractual Clauses or other lawful transfer mechanisms approved by the European Commission to safeguard the transfer of personal data outside those regions.

11. Your Privacy Rights

11.1 Rights Under the EU General Data Protection Regulation and UK GDPR

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights with respect to your personal data, subject to applicable conditions and exceptions:

  • Right of access — to obtain confirmation of whether we process your personal data and a copy of that data
  • Right to rectification — to correct inaccurate or incomplete personal data
  • Right to erasure ("right to be forgotten") — to request deletion of your personal data
  • Right to restriction of processing — to limit how we use your personal data in certain circumstances
  • Right to data portability — to receive a structured copy of your personal data in a machine-readable format
  • Right to object — to object to certain types of processing, including processing based on legitimate interests and direct marketing
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time
  • Right not to be subject to automated decision-making — including profiling, where it produces legal or similarly significant effects
  • Right to lodge a complaint with a supervisory authority — including the European Data Protection Board, your local data protection authority, or the UK Information Commissioner's Office (ICO)

To exercise these rights, contact us at policies@mhofc.com. We will respond within the timeframes required by applicable law (generally one month for GDPR requests, with the possibility of a two-month extension for complex requests).

Lawful bases for processing. We process personal data on the following lawful bases as applicable: (a) performance of a contract with you (Article 6(1)(b)); (b) compliance with our legal obligations (Article 6(1)(c)); (c) our legitimate interests in operating, securing, and improving the Services and protecting our rights (Article 6(1)(f)); and (d) your consent (Article 6(1)(a)) for specific processing where consent is required.

11.2 Rights Under California Privacy Law (CCPA / CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:

  • Right to know — what personal information we collect, use, share, and (if applicable) sell or share
  • Right to delete — your personal information, subject to certain exceptions
  • Right to correct — inaccurate personal information
  • Right to opt out of the "sale" or "sharing" of personal information for cross-context behavioral advertising
  • Right to limit use of sensitive personal information to specific purposes
  • Right to non-discrimination for exercising these rights

Sale and sharing. We do not sell personal information for monetary consideration. We may "share" personal information for cross-context behavioral advertising (as that term is defined under California law) where you have not opted out. To opt out, contact us at policies@mhofc.com or use any "Do Not Sell or Share My Personal Information" link or global privacy signal mechanism we make available.

Submitting requests. California residents (or authorized agents acting on their behalf) may submit requests by emailing policies@mhofc.com. We will verify your identity before responding to substantive requests.

11.3 Rights of Other U.S. State Residents

Residents of certain other U.S. states (including Virginia, Colorado, Connecticut, Utah, and others as legislation expands) may have rights similar to those described above. To exercise rights under your state's law, contact us at policies@mhofc.com.

11.4 Rights of Other International Users

Residents of other jurisdictions with applicable data protection laws (such as Canada's PIPEDA, Brazil's LGPD, or others) may have rights with respect to their personal data. Contact us at policies@mhofc.com to inquire.

12. Children's Privacy

The core Services (musichofc.com, jamminalpacas.com, merch.musichofc.com) are not directed to or intended for individuals under 18, and we do not knowingly collect personal information from individuals under 18 through these properties.

The Jammin' Review may permit users aged 13 or older to participate, subject to applicable parental consent requirements under COPPA and similar laws. See the Jammin' Review Uploader Terms for specific requirements.

If we learn that we have collected personal information from a child below the applicable age threshold without proper consent, we will delete it. If you believe a child has provided personal information to us, contact us at policies@mhofc.com.

13. Marketing Communications

If you opt in to marketing communications, you may unsubscribe at any time by:

  • Clicking the "unsubscribe" link in any marketing email
  • Adjusting your preferences in your account settings (where applicable)
  • Contacting us at policies@mhofc.com

Opting out of marketing communications does not affect transactional or service-related messages (such as order confirmations, security notices, or important policy updates).

14. Third-Party Links and Services

The Services may contain links to third-party websites, applications, or services. This Privacy Policy does not apply to those third parties. We encourage you to review their privacy policies before sharing information.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent revision. Material changes will be communicated through the Services where feasible (for example, by email to registered users or by prominent notice on the website).

Your continued use of the Services after an update constitutes acceptance of the updated Privacy Policy.

16. Contact

For questions, requests, or complaints about this Privacy Policy or our privacy practices, please contact:

Jammin Alpacas LLC Attn: Privacy & Data Protection 120 Eagle Rock Avenue, Suite 155 East Hanover, NJ 07936 United States Email: policies@mhofc.com

For general support inquiries: help@jamminalpacas.com

This policy applies across the Music Hall of Fame Club ecosystem. The canonical version is published at musichofc.com/policies/privacy.

Music Hall of Fame Club™ and Jammin' Alpacas are trademarks of Jammin Alpacas LLC.