Privacy Policy

Last updated: December 2025

This Privacy Policy describes how your personal information is collected, used, and shared when you use Musealytics ("the Service").

Data Processing

Client-Side Only: Musealytics operates entirely in your web browser. Your Spotify streaming history JSON files are processed locally on your device and are never uploaded to any server.

No Data Collection: We do not collect, store, or have access to your listening data, personal information, or any files you upload.

No Analytics: We do not use any tracking, analytics, or advertising services.

Spotify Integration

When you connect your Spotify account:

• Authentication is handled directly with Spotify using OAuth 2.0 with PKCE
• Your access token is stored only in your browser's localStorage
• We request minimal permissions: playlist creation and recent listening history
• You can revoke access anytime at spotify.com/account/apps

Local Storage

We use browser localStorage to save:

• Your theme preference (light/dark)
• Your language preference
• Spotify session tokens (encrypted, expires automatically)

You can clear this data anytime by clearing your browser data or clicking the logout button.

Third-Party Services

Spotify API: Subject to Spotify's Privacy Policy

Google Fonts: We use Google Fonts for typography. See Google's Privacy Policy

Your Rights (GDPR)

Since we don't collect or store your personal data on our servers, there is no data for us to provide, modify, or delete. Your Spotify data remains under Spotify's control.

For data portability from Spotify, visit spotify.com/account/privacy

Contact

For questions about this policy: contact@lyxo.link