privacy policy

Last updated January 31, 2026

The short version

hearted. exists to help you understand your music. This policy explains what data is collected, why, and how it's protected. Your music library is accessed to provide the service Your data isn't sold to anyone Song analyses are stored globally (not tied to you personally) You can delete your account and personal data anytime

01

What data we collect

From Spotify (when you sign in):

  • Spotify user ID
  • Email address
  • Display name and profile picture
  • Your Liked Songs and when you liked them
  • Your playlists (names, descriptions, tracks)

Generated by hearted.:

  • Song analyses (mood, meaning, themes) — stored globally, shared across all users
  • Playlist profiles (for matching)
  • Match results (which songs matched to which playlists)
  • Your preferences (theme, sync settings)
02

Why data is collected

Spotify user ID
: To link your account
Email
: Account recovery and important updates only
Display name & picture
: To display on your hearted. profile
Liked Songs
: To analyze and match them to playlists
Playlists
: To build profiles for matching
Preferences
: To remember your settings
Song analyses
: To show you what your music means
Match results
: To remember which songs matched where
03

Third parties

Spotify
: Handles login authentication. Provides access to your music library.
Google (Gemini AI)
: Song lyrics and metadata are sent to generate analyses. No personal information is included in these requests.
Stripe
: Handles payment processing. Receives your email and payment details when you make a purchase. hearted. does not store credit card information.

Your data is never sold to advertisers or data brokers.

04

How data is protected

  • All connections use HTTPS encryption
  • Database access is restricted and encrypted
  • Spotify passwords are never seen or stored — authentication happens through Spotify's secure login
05

Your rights (GDPR)

If you're in the European Union, you have the right to:

Access your data
: Request a copy of all personal data stored about you.
Correct your data
: If something is wrong, request a correction.
Delete your data
: Delete your account anytime. All personal data (profile, preferences, match history, liked songs associations) is removed. Global song analyses remain since they're not personal data.
Export your data
: Request your data in a portable format.
Withdraw consent
: Delete your account anytime from the app settings. You can also uninstall the hearted. extension to stop Spotify library syncing at any time.

To exercise any of these rights, contact: support@hearted.music

06

Data retention

Personal data
: Kept while your account is active. Deleted when you delete your account.
Song analyses
: Kept indefinitely
Usage analytics
: Anonymized and aggregated, no personal identifiers.
07

Cookies

hearted. uses minimal cookies:

Authentication
: To keep you logged in
Preferences
: To remember your settings

No advertising or tracking cookies are used.

08

Changes to this policy

If this policy changes significantly, you'll be notified by email before changes take effect. Minor clarifications may be made without notice.

09

Contact

Questions about privacy? Reach out: support@hearted.music