Privacy Policy

Effective Date: January 10, 2025

Crates ("we", "our", or "us") respects your privacy. This Privacy Policy explains what data we collect, how we use it, and your rights.

1. What We Collect

When you log in with Spotify, we collect:

• Spotify User ID (your public Spotify username)
• Spotify Library Data: A copy of the albums saved in your Spotify library
• Spotify Access Token: Stored securely and encrypted, used to access the Spotify API on your behalf

We do not collect your email address, playlists, or listening history.

2. How We Use Your Data

We use your Spotify data to:

• Display your saved albums
• Let you organize them into "crates"
• Power your public profile and shared crates (if you choose to make them public)

We may also use aggregated, non-identifiable usage data to help improve the service.

We do not:

• Sell or share your personal data with third parties
• Use your Spotify data for advertising

3. Analytics and Cookies

We may use analytics tools like Google Analytics to understand how users interact with Crates (e.g., which pages are visited, how long users stay). This data is collected in aggregate and cannot identify individual users.

Cookies or local storage may be used to:

• Keep you logged in
• Store app preferences

You can disable cookies in your browser settings if you prefer not to be tracked.

4. Data Security

• Spotify tokens are encrypted
• Personal data is protected using industry-standard practices
• No Spotify credentials (e.g., password) are ever accessed or stored

5. Your Rights

• You can revoke Crates' access from your Spotify connected apps
• You can contact us to request deletion of your data

6. Changes to This Policy

We may update this policy in the future. Any material changes will be posted here with an updated "Effective Date."