Privacy Policy
Last updated: August 21, 2025
Information We Collect
Account Information
- OAuth Data: When you log in with Twitch or Kick, we receive your platform user ID, username, and profile picture URL
- API Keys: We generate and store encrypted API keys for track submission authentication
- Profile Settings: Chart visibility preferences, public profile settings, and Discord invite links (optional)
Anonymous Users
- Anonymous API Keys: Server-generated keys for users who submit tracks without registering
- Track Data: Same music metadata as registered users (songs, artists, timestamps, platforms)
- Rate Limiting Data: We monitor anonymous key creation to prevent abuse
- No Personal Information: Anonymous users are not associated with any personal identifiers
Track Data
- Music Metadata: Song titles, artists, albums, genres, BPM, duration, and timestamps
- Platform Information: Twitch/Kick channel names associated with track plays
- Request Information: Song requester names when applicable
What We Don't Collect
- File paths or system information from your computer
- Chat logs or stream content
- Authentication tokens or passwords
- Personal information beyond what's provided by OAuth
How We Use Your Information
- Chart Generation: Create community music charts and statistics
- Profile Features: Display your listening history and statistics (when enabled)
- Service Improvement: Analyze usage patterns to improve the service
- Spam Prevention: Detect and prevent duplicate submissions
- Anonymous Data: Track plays from anonymous users contribute to charts but identities remain hidden
Data Sharing
We do not sell or share your personal data with third parties. Public chart data (song titles, artists, play counts) may be visible to other users when you enable chart participation.
Your Rights
- Access: View all your data through the dashboard data export feature
- Control: Manage your privacy settings and chart visibility
- Deletion: Delete your account and all associated data at any time
- Correction: Update your profile information through the dashboard
- Data Claiming: Registered users can claim and transfer data from anonymous accounts they previously used
Data Security
We implement industry-standard security measures including:
- Encrypted API key storage using bcrypt
- SSL/HTTPS encryption for all communications
- Secure database hosting with access controls
- Regular security updates and monitoring
Data Retention
Your data is retained as long as your account is active. When you delete your account, all associated data is permanently removed from our systems.
Anonymous User Data
- Retention Period: Unclaimed anonymous data may be retained indefinitely as it contains no personal identifiers
- Rate Limiting Records: Anonymous key creation attempts are tracked temporarily to prevent abuse
Contact Us
If you have questions about this Privacy Policy, please contact us through our contact page.