Privacy Policy

Overview

TrackList ("we", "our", "us") is a music rating and discovery platform. This policy explains what data we collect, how we use it, and your rights regarding that data.

Data We Collect

Account information: When you sign in with Spotify, we receive your Spotify display name, email address, and profile photo. We do not receive or store your Spotify password.

Music ratings and content: We store the ratings, reviews, tags, and rankings you create within TrackList. This includes album ratings, song ratings, artist ratings, concert logs, and custom lists.

Spotify data: We use the Spotify Web API to search for music (albums, songs, artists), retrieve album artwork and track information, and access your top artists and recently played tracks (with your permission) to power personalized recommendations.

Usage data: We may collect basic usage analytics such as pages visited and features used to improve the service.

How We Use Your Data

• To provide the core TrackList experience — storing your ratings, rankings, and reviews
• To generate personalized music recommendations based on your rating history
• To display your profile and activity to other users (if your profile is set to public)
• To calculate and award achievements based on your rating activity
• To fetch concert and setlist data from Setlist.fm for the concert logging feature

Third-Party Services

TrackList integrates with the following services:

• Spotify: Authentication and music data. Governed by Spotify's Privacy Policy.
• Last.fm: Artist similarity data and genre tags for recommendations.
• Setlist.fm: Concert history and setlist data for concert logging.
• Supabase: Database hosting and file storage (profile photos). Data is stored securely in Supabase's cloud infrastructure.

Data Sharing

We do not sell your personal data to third parties. Your rating data may be visible to other TrackList users if your profile is set to public. You can control your profile visibility in Settings.

Data Retention

Your data is retained as long as your account is active. You can export all your data (ratings, reviews, and lists) as JSON from the Settings page. You can delete your account at any time, which permanently removes all associated data.

Your Rights

You have the right to:

• Access your data via the export feature in Settings
• Delete your account and all associated data
• Control your profile visibility (public or private)
• Control whether your activity appears in other users' feeds
• Choose whether to hide your scores from other users

Security

We use industry-standard security measures including encrypted connections (HTTPS), secure authentication via Spotify OAuth, and hosted infrastructure with Supabase and Vercel. We do not store passwords.

Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with an updated revision date.

Contact

If you have questions about this privacy policy or your data, contact us at hello@tracklistapp.com.