Privacy Policy

DIG ("the app") is a music discovery tool that plays music via the Spotify Web Playback SDK. This policy explains what data we collect and how we use it.

What we collect

• Spotify account info — your Spotify user ID, display name, email, and profile image. Used solely to identify your account within DIG.
• Listening history within DIG — which tracks the app played for you, whether you saved/skipped/disliked them, and how much of each track you listened to. Used to avoid repeating tracks and to improve recommendations.
• Saved tracks (ledger) — tracks you explicitly save or dislike. Used to shape future recommendations.

What we do NOT collect

• We do not access your Spotify library, playlists, or listening history outside of DIG.
• We do not store your Spotify password. Authentication uses Spotify's standard OAuth flow.
• We do not sell, share, or transfer your data to any third party.

How we use Spotify's API

• Streaming — to play tracks directly within the app via the Web Playback SDK.
• Search — to resolve track recommendations against Spotify's catalog.
• Playback control — to pause, resume, skip, and seek within the app's player.
• User profile — to display your name and avatar, and to maintain per-user history.

Data storage

Your data is stored on a private server hosted in Helsinki, Finland (Hetzner). Access is restricted to the app's developer. Data is not backed up to any third-party cloud service.

Data deletion

To delete all data associated with your account, email tommaso@trustbuild.it. We will remove your records within 7 days.

Contact

For questions about this policy: tommaso@trustbuild.it