PlaySortPlaySort

Privacy Policy

Last updated: April 2026

1. Overview

PlaySort ("we", "our", "us") takes your privacy seriously. This policy explains what data we collect, how we use it, and what rights you have over your information. By using PlaySort, you agree to the practices described here.

2. Data We Collect

We collect the following information:

  • Account data — name, email address, and password hash when registering with email
  • Connected platform data — your Spotify profile, playlists, and track information when you connect an account
  • Usage data — how you interact with the service (e.g. which features you use, run history)
  • Technical data — IP address, browser type, and session information for security purposes

3. How We Use Your Data

We use your data exclusively to:

  • Provide and improve the PlaySort service
  • Authenticate your account and maintain session security
  • Analyze and sort your playlists using machine learning
  • Send transactional emails (e.g. password reset, billing)
  • Display usage statistics (anonymized) on our landing page

We do not sell your data to third parties. We do not use your data for advertising.

4. Connected Third-Party Services

When you connect a streaming service such as Spotify, we store the access tokens required to interact with that service on your behalf. These tokens are encrypted at rest and used solely to perform the actions you request (reading playlists, creating playlists). We only request the minimum permissions necessary. You can revoke access at any time from your account settings or directly from the connected platform.

5. Data Storage and Security

Your data is stored in a managed PostgreSQL database hosted on Supabase. Passwords are hashed using bcrypt and are never stored in plain text. Session tokens are signed JWTs and stored only in secure, HTTP-only cookies. We apply industry-standard security practices to protect your data.

6. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will permanently delete your personal data within 30 days, except where we are required to retain it for legal or billing reasons.

7. Cookies

PlaySort uses a single session cookie to keep you logged in. This cookie is HTTP-only, meaning it cannot be accessed by JavaScript. We do not use tracking or advertising cookies. You can disable cookies in your browser settings, but this will prevent you from staying logged in.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a machine-readable format
  • Object to or restrict certain processing

To exercise these rights, contact us at privacy@playsort.app.

9. Children's Privacy

PlaySort is not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us with their data, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or via a notice in the app. The date at the top of this page reflects the most recent update.

11. Contact

For privacy-related questions, contact us at privacy@playsort.app.