Privacy Policy
Last updated: May 8, 2026
MyPhonotheque ("we", "us") is a personal music collection app. This policy explains what data we collect, why, and how you can control it. If you have questions, contact us at support@myphonotheque.com.
Data we collect
- Account: email and name from Google Sign-In.
- Your collection: albums you add (artist, title, format, year, notes, cover image).
- OAuth tokens: if you connect Google Drive or Spotify, we store the access/refresh tokens encrypted at rest, used only to perform the actions you trigger.
- Subscription: Google Play purchase token, product ID and renewal status (only if you subscribe to Premium).
- Technical: minimal logs needed to operate and secure the service.
How we use your data
- Provide the core service (store and display your collection).
- Sync to Google Drive and export to Spotify when you request it.
- Process and validate Premium subscriptions through Google Play Billing.
- AI-assisted album recognition: cover images you submit are sent to the Lovable AI Gateway for analysis. They are not used to train models.
Third parties
- Google — authentication, Drive (scope
drive.appdata), Play Billing. - Spotify — playlist/library export when you connect your account.
- Lovable Cloud — hosting and database (EU region).
- Lovable AI Gateway — album recognition models.
We do not sell your data. We do not use it for advertising. We do not share it with anyone beyond what is strictly necessary to operate the service.
Legal basis (GDPR)
- Performance of the contract (providing the service you signed up for).
- Your consent (for optional connections such as Drive and Spotify).
- Legitimate interest (security, fraud prevention).
Retention
We keep your data while your account is active. When you delete your account, all personal data is removed within 30 days (see Delete account).
Your rights
You can access, rectify, export and delete your data at any time. Write to support@myphonotheque.com or use the in-app deletion flow.
Security
Data is encrypted in transit (HTTPS) and at rest. OAuth tokens are stored encrypted and are never returned to the browser.
Children
MyPhonotheque is not directed to children under 13.
Changes
We may update this policy. Material changes will be announced inside the app. The date at the top reflects the latest version.
