01 — Overview
Who we are
TrackList is a music rating and social platform operated by TrackList, LLC, a Michigan limited liability company. This Privacy Policy explains what data we collect when you use TrackList, how we use it, and your rights regarding that data.
By using TrackList, you agree to the practices described in this policy. If you have questions, contact us at hello@tracklistapp.com.
02 — Data We Collect
What we collect
Account information: When you sign in with Spotify, we receive your Spotify display name, email address, and profile photo. We do not receive or store your Spotify password.
Music ratings and content: We store the ratings, reviews, rankings, and lists you create within TrackList — including album, song, artist, and concert ratings.
Tag data: When you tag a rating, we store the tags you select or create — including guided funnel tags (Life Era, Genre, Mood, Moment, and concert-specific The Show tags) and any custom tags you add.
Concert logs: When you log a concert, we store the artist, venue, date, setlist, rating, and any associated tags or notes you provide.
Spotify listening data: With your permission, we access your top artists and recently played tracks via the Spotify Web API to power personalized recommendations. This data is not permanently stored — it is fetched at request time and used in-session.
Usage data: We may collect basic analytics such as pages visited and features used to improve the service. We do not use third-party advertising trackers.
03 — How We Use It
How we use your data
- To provide the core TrackList experience — storing your ratings, rankings, reviews, and tags
- To generate personalized music recommendations based on your rating history and Spotify listening data
- To display your profile and activity to other users (if your profile is set to public)
- To calculate and award achievements based on your activity
- To fetch concert history and setlist data from Setlist.fm for the concert logging feature
- To surface upcoming shows via Ticketmaster based on artists you've rated
- To send transactional emails (such as contact form confirmations) via Resend
04 — Third-Party Services
Services we integrate with
TrackList integrates with the following third-party services. Each is governed by their own privacy policy.
| Service | Purpose | Privacy Policy |
|---|---|---|
| Spotify | Authentication, music search, album data, playlist export, listening history | spotify.com/privacy |
| Last.fm | Artist similarity data and genre tags for recommendations | last.fm/legal/privacy |
| Setlist.fm | Concert history and setlist data | setlist.fm privacy |
| Ticketmaster | Upcoming shows and venue data | ticketmaster.com privacy |
| Supabase | Database hosting and file storage (profile photos) | supabase.com/privacy |
| Vercel | Application hosting and deployment | vercel.com/legal/privacy-policy |
| Resend | Transactional email delivery | resend.com privacy |
05 — Data Sharing
Who we share data with
We do not sell your personal data to third parties. Your ratings, reviews, and tags may be visible to other TrackList users if your profile is set to public. You can control your profile visibility in Settings.
We share data with the third-party services listed above only to the extent necessary to operate the platform.
06 — Data Retention
How long we keep your data
Your data is retained as long as your account is active. You can export all your data (ratings, reviews, lists, and tags) as JSON from the Settings page. You can delete your account at any time, which permanently removes all associated data from our systems.
07 — Your Rights
What you can control
- Access your data via the export feature in Settings
- Delete your account and all associated data at any time
- Control your profile visibility (public or private)
- Control whether your activity appears in other users' feeds
- Choose whether to hide your scores from other users
- Revoke Spotify access at any time via your Spotify account settings
If you have questions about your data or wish to make a request, email us at hello@tracklistapp.com.
08 — Security
How we protect your data
We use industry-standard security measures including encrypted connections (HTTPS), secure authentication via Spotify OAuth, row-level security on our database, and hosted infrastructure with Supabase and Vercel. We do not store passwords.
09 — Changes
Updates to this policy
We may update this policy from time to time. Changes will be posted on this page with an updated revision date. Continued use of TrackList after changes are posted constitutes acceptance of the updated policy.
10 — Contact
Get in touch
If you have questions about this privacy policy or your data, contact us at hello@tracklistapp.com.
TrackList, LLC
Michigan, United States