Privacy Policy

Last updated: May 2026

1. Information We Collect

When you sign in via Google OAuth, we receive your name, email address, and profile picture from Google. We also store:

  • Profile information you choose to provide (display name, bio, avatar)
  • Content you create (posts, replies, comments, ratings, and archived community content)
  • Music taste data (mood-profile votes, genre-affinity votes) you voluntarily submit
  • Privacy-friendly analytics via Umami Cloud (cookie-free page analytics, no personal identifiers, no cross-site tracking)
  • Session behaviour analytics via Microsoft Clarity (heatmaps and session recordings; used in cookie-free mode — no cookies set, no personal data shared with Microsoft for advertising)

We practice data minimisation — we only collect what is needed to run the platform. We do not buy, sell, or trade personal data. Ever.

2. How We Use Your Information

  • To operate and provide the PsychillSpace community platform
  • To personalise your experience (taste profiles, community voting)
  • To enable social features (friends, feed, replies, and threads)
  • To send in-app notifications about activity relevant to you
  • To improve the platform through aggregated, anonymous analytics

We do not serve ads. We do not build advertising profiles. We do not use your data for algorithmic recommendations designed to maximise engagement.

3. Data Storage & Security

Your data is stored securely using Supabase infrastructure with PostgreSQL databases. We implement row-level security policies to ensure users can only access authorised data. All connections use TLS encryption.

4. Third-Party Services

We integrate with:

  • Google OAuth — for authentication only
  • Umami Cloud Analytics — privacy-friendly, cookie-free web analytics; page analytics are processed by Umami and are not used for advertising
  • Microsoft Clarity — session behaviour analytics (heatmaps, session recordings) used in cookie-free mode; data is processed by Microsoft under their Privacy Statement
  • Streaming services (Bandcamp, Spotify, etc.) — linked via URLs only, no account connections

5. Your Rights

You can:

  • Edit or delete your profile information at any time
  • Delete your posts, comments, and ratings
  • Request a full export of your account data from Account Settings
  • Request account deletion by contacting us

Export requests are recorded so we can prepare a complete copy of the personal data associated with your account, including profile data, community content, preferences, and music interaction data.

6. Cookies

We use only essential cookies required for authentication session management (keeping you logged in). We do not use tracking cookies, third-party advertising cookies, or any form of cross-site tracking. Both Umami and Microsoft Clarity are used in cookie-free mode — Clarity is initialised with consent(false) which disables cookie storage and uses cookieless session identification instead. Because we only set strictly necessary cookies, no cookie consent banner is required under GDPR.

7. Contact

For privacy-related inquiries, visit our Discord server.