Musicstax Metrics Privacy Policy

Last Updated: 17 March, 2025

Provided by Musicstax Limited, a New Zealand registered company

1. Information We Collect

1.1 Sign-Up Information

When you sign up for Musicstax.com using your Spotify credentials, we collect the following personal data:

  • Spotify username
  • Email address

We do not collect or store any other personal information from your Spotify account. During authentication, we request only the minimum permissions needed to allow you to log in to our service.

1.2 Cookies and Tracking

Musicstax does not use any direct tracking or analytics cookies. We only use essential authentication cookies necessary to keep you logged in to our platform. These session cookies are temporary and expire when you close your browser.

Our third-party service providers may use cookies and similar technologies, as detailed in Section 10 (Third-Party Services).

We do not respond to browser "Do Not Track" signals as we do not track users across websites.

2. How We Use Your Information

  • To provide and personalize services on Musicstax.com.
  • To authenticate your identity and maintain your account.
  • To communicate with you about your account or platform updates.

While we do not perform direct tracking, our site uses third-party services for analytics and advertising:

  • Google Analytics - for general site usage patterns
  • PostHog - for performance monitoring

3. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contract - Processing necessary for the performance of our contract with you to provide Musicstax services.
  • Consent - Your consent, which you can withdraw at any time.
  • Legitimate Interests - Our legitimate interests in providing and improving Musicstax Metrics.
  • Legal Compliance - Compliance with legal obligations where applicable.

4. Data Retention

We retain your personal data for as long as necessary to provide our services and to comply with our legal obligations. If you close your account, we will delete your data within 30 days, unless we are required to retain it longer for legal or regulatory reasons.

Inactive accounts may be automatically deleted after 24 months of inactivity. We will send a notification email before deletion.

5. Advertising

Musicstax.com displays ads operated by SnackMedia. These ads may use cookies or similar technologies to deliver tailored advertising content. Musicstax.com does not collect or store information related to ad performance or your interactions with ads.

You can control personalized advertising preferences through your browser settings or by visiting industry opt-out pages like www.youronlinechoices.com or www.aboutads.info/choices.

6. What We Don't Do

  • We do not sell your personal data to third parties.
  • We do not store or track additional user information beyond what is outlined in this policy.
  • We do not use your data for automated decision-making or profiling.
  • We do not collect your Spotify listening history or playlists.
  • We do not track your activity across other websites.

7. Data Security

We take reasonable technical and organizational measures to protect your information from unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet or electronic storage is 100% secure.

These security measures include:

  • Secure HTTPS connections for all website traffic
  • Regular security updates and patches
  • Access controls and authentication for all data
  • Encryption of sensitive data

8. Your Rights

You have the following rights regarding your personal data:

  • Access your personal data.
  • Request correction of inaccurate data.
  • Request deletion of your data ("right to be forgotten").
  • Object to or request restriction of processing.
  • Request data portability in a commonly used format.
  • Withdraw your consent at any time (where applicable).
  • Lodge a complaint with a data protection authority.

To exercise any of these rights, please contact us at hello@musicstax.com. We will respond to your request within 30 days. For verification purposes, we may ask for information to confirm your identity before processing your request.

9. International Data Transfers

Your information is stored and processed in the United States on AWS servers. We take appropriate steps to ensure your data is treated securely and in accordance with this Privacy Policy. If you are accessing our services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States.

For transfers from the EEA, UK, or Switzerland to countries not deemed adequate by the European Commission, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission to protect your personal data.

10. Third-Party Services

This Privacy Policy applies only to Musicstax.com. We are not responsible for the privacy practices of third-party services. These third parties include:

  • Spotify - Used for authentication only
  • SnackMedia - Provides advertising on our platform
  • Google Analytics - Site analytics provider
  • PostHog - Performance monitoring
  • AWS - Cloud hosting provider

These services may use cookies and collect data according to their own privacy policies. We encourage you to review their privacy policies:

We have data processing agreements in place with these providers where applicable.

11. Children's Privacy

Musicstax Metrics is not intended for children under the age of 13 (or 16 in some jurisdictions). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

We rely on Spotify's age verification during the authentication process, as their terms of service require users to meet minimum age requirements.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we do, we will update the "Last Updated" date at the top of this page and notify you of material changes via email or through a notice on our website.

13. Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your data, please contact:

Email: hello@musicstax.com

Data Controller: Musicstax Limited, New Zealand Registered Company.

14. Data Breach Notification

In the event of a data breach that may compromise your personal information, we will:

  • Notify affected users via email within 72 hours of discovering the breach.
  • Provide information about the nature of the breach, the data affected, and steps we're taking to address it.
  • Notify relevant regulatory authorities as required by applicable law.
  • Take immediate steps to contain and mitigate the breach.

15. Specific Regional Rights

15.1 European Union (GDPR)

If you are a resident of the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR). These are covered in Section 8, but you also have the right to lodge a complaint with your local data protection authority.

15.2 California (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including:

  • The right to know what personal information is collected, used, shared, or sold.
  • The right to delete personal information held by businesses.
  • The right to opt-out of the sale of personal information.
  • The right to non-discrimination for exercising your CCPA rights.

Please note that Musicstax does not sell personal information as defined by the CCPA/CPRA.

15.3 Other Regions

Residents of other regions may have similar rights under local laws. We will respect these rights regardless of your location.

By using Musicstax Metrics, you agree to this Privacy Policy provided by Musicstax Limited in full.