Privacy Policy

Last updated: March 27, 2026

1. Introduction

Stats for Spotify ("we", "our", or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our application. We are committed to GDPR compliance and ensuring your data rights are protected.

2. GDPR Compliance

We are committed to complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws. Under GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request deletion of your data
  • Object to data processing
  • Receive your data in a portable format (data portability)
  • Withdraw consent at any time

To exercise any of these rights, please visit your profile settings or contact us directly.

3. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to improve your experience and analyze how our service is used:

  • Essential Cookies: Required for authentication and core functionality (Supabase Auth). These cannot be disabled.
  • Analytics Cookies: Vercel Analytics and Speed Insights help us understand how users interact with our service. You can decline these via our cookie consent banner.
  • Preference Cookies: Store your settings like theme preferences and cookie consent choices.

You can manage your cookie preferences at any time through your browser settings or by clearing your browser data. Note that disabling certain cookies may limit functionality.

4. Data We Collect

When you use Stats for Spotify, we collect and store the following information from your Spotify account:

  • Your Spotify user ID and email address
  • Your display name and profile picture
  • Your top artists, tracks, and albums (as provided by Spotify's API)
  • Historical snapshots of your listening data to track changes over time

5. How We Use Your Data

We use your data solely to:

  • Display your current listening statistics
  • Track and visualize changes in your music preferences over time
  • Provide personalized insights about your listening habits
  • Enable social features to connect with friends who also use the service

We do not sell, share, or transfer your personal data to third parties for marketing purposes.

6. Data Storage and Security

Your data is stored securely using Supabase, which provides enterprise-grade security including:

  • Encryption at rest and in transit
  • Row Level Security (RLS) ensuring you can only access your own data
  • Regular security audits and compliance certifications
  • GDPR-compliant data processing and storage

7. Spotify API Usage

Stats for Spotify uses Spotify's Web API and Web Playback SDK to access your listening data and control playback. We request only the minimum permissions necessary:

  • user-read-email: To identify your account
  • user-top-read: To access your top artists and tracks
  • user-follow-read: To see who you follow on Spotify (for friend features)
  • user-follow-modify: To enable following friends from within the app
  • streaming: To play music directly in the app (Spotify Premium only)
  • user-modify-playback-state: To control playback (play/pause/skip)
  • user-read-playback-state: To show what's currently playing

We do not access your playlists, saved tracks, or any other Spotify features beyond what's listed above. Playback features require a Spotify Premium subscription.

8. Social Features & Friend Connections

Our friend features allow you to view listening stats of other users you mutually follow on Spotify:

  • Friendships are based on mutual Spotify follows (you both follow each other)
  • Stats visibility is controlled by your privacy settings (default: followers only)
  • You can search for other users by display name
  • Follow/unfollow actions sync with your Spotify account
  • We cache mutual follow status for up to 1 hour for performance

You can control who sees your stats in your profile settings: Public (anyone), Followers Only (mutual Spotify follows), or Private (nobody).

9. Your Rights

Under GDPR and other data protection laws, you have the right to:

  • Access: Export all your data at any time from your profile page in JSON or CSV format
  • Rectify: Update your display name and privacy settings from your profile page
  • Delete: Permanently delete all your data from our systems via your profile page
  • Restrict Processing: Control who can view your stats via privacy settings
  • Data Portability: Download your data in machine-readable formats
  • Object: Decline analytics cookies via our cookie consent banner
  • Revoke: Disconnect your Spotify account and revoke access at any time through your Spotify account settings

Important: Revoking access in Spotify settings does not automatically delete your stored data. To completely remove all your data, use the "Delete All Data" button on your profile page.

10. Data Retention

We retain your data only for as long as necessary to provide our service:

  • Listening History Snapshots: Stored to track changes in your music preferences over time. You can delete individual snapshots or all data at any time from your profile page.
  • Account Data: Basic profile information (name, email) is retained while your account is active.
  • Data Deletion: When you delete your account or revoke access, all your data (snapshots, rankings, and profile information) will be permanently removed within 30 days.
  • Spotify Content: We store historical rankings but regularly refresh artist names, track titles, and album artwork from Spotify to ensure accuracy.

You have full control over your data and can export or delete it at any time through your profile settings.

11. Third-Party Services

We use the following third-party services:

  • Spotify: For authentication and accessing your listening data
  • Supabase: For data storage and authentication
  • Vercel: For hosting the application

12. Cookies

We use essential cookies only for authentication purposes. We do not use tracking cookies or third-party analytics.

13. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

14. Contact Us

If you have any questions about this privacy policy or our data practices, please contact us through our support channels.