We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share personal information across our website and related services (collectively, “the Website”) in compliance with applicable laws, including the UK General Data Protection Regulation (UK GDPR).
1. Information We Collect
We collect personal information only when necessary to provide our services, with your knowledge and consent where required. The types of data we collect include:
Account Information: When you register, we collect your name and email address to create and manage your account.
Payment Information: Our payment processor, Stripe, collects payment details (e.g., card information) to process credit purchases. We do not store payment details directly.
Publicly Available Data: We may collect contact information (e.g., email addresses) from public sources, such as Instagram bios, where playlist owners explicitly invite music submissions. This is processed in accordance with applicable laws.
Technical Data: We collect device and usage data (e.g., IP address, browser type) via cookies to maintain Website functionality and security.
2. How We Use Your Information
We use your information to:
Provide and improve the Website’s services, including playlist discovery and submission facilitation.
Process payments via Stripe for credit purchases.
Communicate with you about your account or support requests.
Ensure Website security and compliance with legal obligations.
3. Lawful Basis for Processing
We process personal data under the following bases:
Consent: Where you explicitly agree (e.g., providing account details).
Legitimate Interests: For processing public contact information (e.g., Instagram emails) to facilitate music submissions, provided it aligns with owners’ expectations and we have conducted a Legitimate Interests Assessment.
Contract: To fulfill our agreement with you (e.g., providing paid services).
Legal Obligation: To comply with applicable laws.
4. Data Sharing
We do not share personally identifiable information publicly or with third parties, except:
With service providers (e.g., Stripe, Supabase) to process payments or secure data, under strict data protection agreements.
When required by law or to protect our rights.
Publicly available data (e.g., playlist owner emails) may be shared with paid users for submission purposes, but only with a lawful basis (e.g., consent or legitimate interests).
5. Data Storage and Security
We retain personal data only as long as necessary to provide our services or comply with legal obligations. Data is stored securely using commercially acceptable measures, including:
Supabase authentication and encryption for account and database security.
Secure payment processing via Stripe.
Regular security assessments to prevent unauthorized access, loss, or theft.
If data is transferred outside the UK (e.g., via Supabase servers), we use Standard Contractual Clauses or equivalent safeguards to comply with UK GDPR.
6. Your Rights
Under UK GDPR, you have rights to:
Access, correct, or delete your personal data.
Object to or restrict processing.
Withdraw consent (where applicable), though this may limit services.
Lodge a complaint with the UK Information Commissioner’s Office (ICO).
To exercise these rights, contact us at support@example.com.
7. Cookies
We use essential cookies to maintain your session and ensure Website functionality. These cookies are mandatory for the Website to work. We do not use tracking or marketing cookies. Our analytics tool is privacy-first and does not use cookies.
8. Third-Party Links
The Website may link to third-party sites (e.g., Instagram) we do not control. We are not responsible for their content or privacy practices. Use of these sites is at your own risk.
9. Refusal of Information
You may refuse to provide personal information, but this may prevent us from offering certain services (e.g., account creation, premium features).
10. Changes to This Policy
We may update this Privacy Policy at any time. The current version is posted on the Website, and your continued use constitutes acceptance.
11. Contact
For questions or to exercise your data rights, contact us at support@example.com.
12. Governing Law
This Privacy Policy is governed by the laws of England and Wales.