1. Introduction
This Privacy Policy describes how we collect, use, store, and protect your personal information when you use our platform. By using our service, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
2.1 Account Information (Artists)
When you create an account, we collect:
- Email address (required for account creation and communication)
- Password (stored in encrypted/hashed format)
- Name or artist name
- Subdomain (unique identifier for your fan page)
- Profile picture (optional, stored in cloud storage)
- Social media links (optional: TikTok, Instagram, Spotify, Twitter, YouTube, Facebook, SoundCloud, Website, Apple Music, Tidal)
- Custom color preferences and settings
- Subscription and payment information (processed through Stripe)
2.2 Uploaded Content (Fans)
When you upload content, we collect:
- Video files and associated metadata (filename, file size, file type, upload timestamp)
- Original file creation date (if available from your device)
- Consent acknowledgment and timestamp (when you agree to Terms of Service)
- Song tags (if song recognition is enabled)
- Optional: Email address and name (if you choose to subscribe to artist updates)
- Optional: Instagram username (if provided during subscription)
2.3 Email Subscribers
If you subscribe to receive updates from an artist, we collect:
- Name
- Email address
- Instagram username (optional)
- Subscription timestamp
2.4 Event Information
Artists may create events with:
- Event name and description
- Location data (latitude, longitude, city, country) - optional
- Upload scheduling information
2.5 Technical Information
We may automatically collect:
- IP addresses (for security and analytics)
- Browser type and version
- Device information
- Usage data and analytics
- Session information (via NextAuth.js)
3. How We Use Your Information
We use the collected information for:
- Providing and maintaining our service
- Processing account registrations and authentication
- Storing and displaying uploaded content
- Enabling artists to collect and manage fan-uploaded videos
- Processing subscription payments (via Stripe)
- Sending email notifications (verification, password reset, updates)
- Providing customer support
- Improving our service and user experience
- Detecting and preventing fraud or abuse
- Complying with legal obligations
4. Data Storage and Security
Your data is stored securely using the following services:
- Database: PostgreSQL database (Supabase) - stores account information, metadata, and settings
- File Storage: Cloudflare R2 - stores uploaded video files and profile pictures
- Payment Processing: Stripe - handles subscription and payment data (we do not store credit card information)
- Email Service: Resend - sends transactional emails
We implement appropriate technical and organizational security measures to protect your personal information, including encryption, secure password hashing, and access controls. However, no method of transmission over the Internet or electronic storage is 100% secure.
5. Data Retention
We retain your information for as long as necessary to provide our services and comply with legal obligations:
- Account Data: Retained until you delete your account
- Uploaded Content: Retained until deleted by the artist or account deletion
- Email Subscribers: Retained until unsubscribed or artist account deletion
- Subscription History: Retained for legal and accounting purposes
- Consent Records: Retained as required by law for legal protection
When you delete your account, we will delete or anonymize your personal information, except where we are required to retain it for legal, regulatory, or accounting purposes.
6. Your Rights (GDPR/CCPA Compliance)
Depending on your location, you may have the following rights:
- Right to Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure: Request deletion of your personal data ("right to be forgotten")
- Right to Restrict Processing: Limit how we use your data
- Right to Data Portability: Receive your data in a structured, machine-readable format
- Right to Object: Object to processing of your personal data
- Right to Withdraw Consent: Withdraw consent for data processing
To exercise these rights, please contact us using the information provided in the Contact section below, or use our GDPR Data Deletion endpointto request account deletion (requires authentication).
7. Third-Party Services
We use the following third-party services that may collect information:
8. Cookies and Tracking
We use session cookies for authentication and to maintain your login state. We do not use tracking cookies or third-party advertising cookies. You can control cookies through your browser settings.
9. Children's Privacy
Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.
10. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. We take appropriate safeguards to ensure your data is protected in accordance with this Privacy Policy.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Material changes will be communicated via email or prominent notice on our platform.
12. Contact Us
If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:
- Email: dntaskalex@gmail.com
- For GDPR/Data Requests: dntaskalex@gmail.com
- For DMCA/Copyright: dntaskalex@gmail.com