Spin ("we", "our", or "us") is a music logging and social discovery app. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information. By creating an account or using Spin, you agree to the practices described here.
We do not sell your personal data. We do not serve ads. We do not share your information with third parties except as described below.
01
Information We Collect
Information you provide directly:
- Account credentials — email address and password, or your Apple ID when signing in with Apple
- Profile information — username, display name, bio, and profile photo
- Music logs — albums you log, star ratings (0.5–5), written reviews, and listen dates
- Lists — titles, descriptions, and album selections
- Social actions — follows, reactions, and "Currently Spinning" status updates
Collected automatically:
- Push notification token — only if you grant permission; used solely to deliver notifications to your device
- Error and crash logs — basic diagnostic data to help us fix bugs
We do not collect your location, contacts, microphone, camera, or any advertising identifiers.
02
How We Use Your Information
- To create and maintain your account
- To display your profile, logs, and lists to other users
- To power discovery features — personalized recommendations and taste compatibility scores derived from aggregated logging data
- To send push notifications you've opted into (e.g. reaction notifications)
- To enable data export from within the app
- To investigate abuse reports and enforce our Terms of Service
03
What Other Users Can See
Spin is a social app. The following is public by default to all users:
- Username, display name, bio, and profile photo
- Your music logs — album, rating, review text, and date
- Public lists you create
- Who you follow and who follows you
- Reactions you leave on logs
- Your "Currently Spinning" status while active
Your email address is never visible to other users under any circumstances.
04
Data Storage & Security
Your data is stored on Supabase infrastructure, hosted on AWS in the United States. Authentication tokens are stored using your device's secure enclave via iOS Keychain (expo-secure-store). Passwords are hashed and never stored in plaintext.
No security system is perfect. While we take reasonable precautions, we cannot guarantee absolute security of your data.
05
Third-Party Services
- Apple Music API — album metadata and artwork lookups. No personal user data is shared with Apple Music beyond standard API authentication.
- Supabase — database, authentication, and file storage provider.
- Apple Push Notification Service (APNs) — used to deliver push notifications to your device.
- Apple Sign In — optional sign-in method. If you use Apple's Hide My Email feature, we receive only a relay address.
06
Children's Privacy
Spin is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal data, please contact us and we will promptly delete it.
07
Your Rights & Choices
- Export your data — available anytime from Settings → Export My Data inside the app
- Edit your profile — update your information anytime from the Edit Profile screen
- Delete your account — contact us at the email below; we'll delete your data within 30 days
- Notifications — disable in-app under Settings → Notifications, or through iOS Settings
08
Data Retention
We retain your data for as long as your account is active. Upon account deletion, personal information is removed within 30 days, except where retention is required by law.
09
Changes to This Policy
We may update this policy from time to time. Material changes will be reflected in the "Last updated" date above. Continued use of Spin after changes constitutes acceptance of the revised policy.
10
Contact
Questions, data requests, or account deletion:
hello@spinapp.io