Privacy Policy

Resonare

Last Updated: December 7, 2025

Introduction

Welcome to Resonare, a social music discovery app that helps you track, rate, and share your album listening experiences. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application.

1. Information We Collect

We collect information that you provide directly to us and information that is automatically collected when you use our app.

1.1 Personal Information

  • Account Information: When you create an account using Google Sign-In or Apple Sign-In, we collect your email address and name.
  • Profile Information: Display name, profile picture (if you choose to upload one), and bio information.
  • User Content: Album ratings, listening dates, diary entries, and reviews you create within the app.
  • Social Information: Your follow relationships (who you follow and who follows you), activity visibility preferences, and social interactions within the app.

1.2 Music Activity Data

  • Albums you mark as listened
  • Ratings you provide for albums (1-5 stars)
  • Dates when you listened to albums
  • Personal notes and diary entries about albums
  • Your listening statistics and history

1.3 Technical Data

  • Crash Reports: We collect crash logs and error reports through Firebase Crashlytics to help us identify and fix bugs.
  • Usage Analytics: Basic information about how you use the app to help us improve features and performance.

1.4 Information We Do NOT Collect

  • Location data or GPS coordinates
  • Device identifiers for advertising purposes
  • Access to your Spotify listening history or playlists
  • Browsing history outside the app
  • Contact lists or phone book data
  • Payment information (app is currently free)

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 Core App Functionality

  • Create and manage your user account
  • Store and display your music listening history
  • Enable you to rate and review albums
  • Facilitate social features like following other users
  • Display personalized content and recommendations

2.2 App Improvement

  • Monitor and analyze usage patterns to improve app performance
  • Identify and fix bugs and technical issues
  • Develop new features based on user behavior
  • Optimize user experience and interface design

2.3 Communication

  • Respond to your questions and support requests
  • Send you important updates about the app
  • Notify you about changes to our privacy policy

2.4 What We DON'T Do

  • We do not sell your personal information to third parties
  • We do not use your data for advertising purposes
  • We do not share your listening history with music services
  • We do not track you across other apps or websites

3. Third-Party Services

We use the following third-party services to provide and improve our app. Each service has its own privacy policy governing how they handle your data.

3.1 Authentication Services

Google Sign-In

Used for user authentication. We only receive your email address and name from Google.

Google Privacy Policy

Apple Sign-In

Used for user authentication on iOS devices. We only receive basic profile information.

Apple Privacy Policy

3.2 Backend Infrastructure

Supabase

Our backend database and authentication provider. Stores all user data, album information, and social connections securely.

Supabase Privacy Policy

3.3 App Stability

Firebase Crashlytics

Collects crash reports and error logs to help us identify and fix bugs that cause the app to crash.

Firebase Privacy Policy

3.4 Music Data

Spotify Web API

Provides album metadata, artwork, and track listings. We do not access your Spotify account or listening history.

Spotify Privacy Policy

4. Data Sharing and Disclosure

4.1 What We Share

We only share your information in the following limited circumstances:

  • With Other Users: Your profile information, album ratings, and activity are visible to other users based on your privacy settings (public or private profile).
  • Service Providers: We share data with Supabase (backend hosting) and Firebase (crash reporting) to operate the app.
  • Legal Requirements: We may disclose information if required by law or to protect our rights and safety.

4.2 What We Don't Share

  • We do not sell your personal information to advertisers or data brokers
  • We do not share your data for advertising or marketing purposes
  • We do not provide your listening history to music services or labels
  • We do not share your data with analytics companies beyond crash reporting

4.3 Social Features

Resonare is a social app, which means certain information is shared with other users:

  • Public Profiles: Your profile, ratings, and activity are visible to all users
  • Private Profiles: Your profile is discoverable, but content is only visible to approved followers
  • Activity Feeds: Users who follow you can see your recent album ratings and reviews

5. Your Rights and Choices

5.1 Privacy Controls

  • Profile Privacy: Set your profile to public or private in app settings
  • Follow Requests: Approve or deny follow requests for private profiles
  • Activity Visibility: Control what appears in your activity feed

5.2 Account Management

  • Edit Profile: Update your display name, profile picture, and bio at any time
  • Delete Content: Remove individual ratings, reviews, or diary entries
  • Export Data: Request a copy of your data by contacting us
  • Delete Account: Permanently delete your account and all associated data through app settings or by contacting us

5.3 Data Portability

You have the right to receive a copy of your personal data in a structured, machine-readable format. Contact us to request data export.

5.4 Rights Under GDPR (European Users)

If you are located in the European Economic Area, you have additional rights including:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing

5.5 Rights Under CCPA (California Residents)

California residents have the right to:

  • Know what personal information is collected
  • Know whether personal information is sold or disclosed
  • Access personal information
  • Request deletion of personal information
  • Opt-out of the sale of personal information (we do not sell data)

6. Data Security

We take the security of your personal information seriously and implement industry-standard security measures:

6.1 Technical Safeguards

  • Encryption: All data is encrypted in transit using HTTPS/TLS and at rest in our database
  • Row-Level Security: Database policies ensure users can only access their own data and data they're authorized to see
  • Secure Authentication: OAuth 2.0 authentication with Google and Apple
  • Access Controls: Limited employee access to user data on a need-to-know basis

6.2 Organizational Safeguards

  • Regular security audits and updates
  • Secure development practices
  • Third-party security certifications (Supabase SOC 2 Type II compliant)

6.3 Data Breach Response

In the unlikely event of a data breach affecting your personal information, we will notify you within 72 hours via email and provide information about the breach and steps you can take to protect yourself.

7. Data Retention

We retain your information for as long as your account is active or as needed to provide services:

  • Account Data: Retained until you delete your account
  • Listening History: Retained until you delete specific entries or your entire account
  • Crash Reports: Retained for 90 days for debugging purposes
  • Deleted Accounts: All personal data is permanently deleted within 30 days of account deletion

Some data may be retained for longer periods where required by law or for legitimate business purposes (e.g., resolving disputes, enforcing agreements).

8. Children's Privacy

Resonare is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13 years of age. If you are under 13, please do not use this app or provide any information to us.

If we learn that we have collected personal information from a child under 13 without parental consent, we will take steps to delete that information as quickly as possible.

If you believe we have collected information from a child under 13, please contact us immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from those in your country.

We use Supabase for data storage, which hosts data in secure facilities. When we transfer data internationally, we ensure appropriate safeguards are in place to protect your information.

10. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons.

When we make changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you through the app or via email if changes are material
  • Give you the opportunity to review the changes before they take effect

We encourage you to review this privacy policy periodically. Your continued use of the app after changes are posted constitutes your acceptance of the updated policy.

11. Contact Information

If you have questions, concerns, or requests regarding this privacy policy or our data practices, please contact us:

Email: jimmyshultz3@gmail.com

Response Time: We aim to respond to all inquiries within 48 hours

For data access, deletion, or portability requests, please include "Data Request" in your email subject line and provide your registered email address for verification.

12. Additional Information

12.1 Do Not Track

Some web browsers have a "Do Not Track" feature. Because there is not yet a common understanding of how to interpret Do Not Track signals, our app does not currently respond to Do Not Track signals.

12.2 Third-Party Links

Our app may contain links to third-party websites or services (such as Spotify album pages). We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.

12.3 Open Source

Resonare uses open-source libraries and frameworks. For a complete list of third-party code used in the app, please see our acknowledgments section within the app.