This Privacy Policy describes how MusixBarn Social ("we," "us," or "our") collects, uses, stores, and shares your personal information when you use our platform. By using MusixBarn Social, you agree to the collection and use of information in accordance with this policy. We are committed to protecting your privacy and handling your data with transparency and care.
1. Information We Collect
1a. Information You Provide Directly
- Account information: Your email address, username, display name, and password (stored as a one-way cryptographic hash — we never store your actual password).
- Profile information: Your bio, avatar image, cover image, genre, city, region, country, and any social media links you choose to add.
- Music and content: Songs, albums, cover art, lyrics, posts, comments, and any other content you upload or create on the platform.
- Communications: Messages you send to our support team, appeal submissions, or other direct communications with us.
- Payment information: When you purchase music or subscribe to a paid plan, you enter payment details directly into Stripe's secure payment forms. We never see, store, or have access to your full credit card number, CVV, or banking details. We do receive and store a Stripe customer ID and subscription ID for account management purposes.
1b. Information Collected Automatically
- Usage data: Pages visited, features used, actions taken (posts, likes, comments, plays, purchases), timestamps, and interaction patterns.
- Device and browser data: IP address, browser type and version, operating system, device type, screen resolution, and referring URLs.
- Location data: Approximate city and country derived from your IP address for security alerts, fraud detection, and analytics. We do not collect precise GPS location.
- Log data: Server logs including IP addresses, access times, pages requested, and error logs. These are retained for security and debugging purposes.
- Session data: A session cookie is set when you log in to keep you authenticated. This is essential for the platform to function and cannot be disabled while you are logged in.
1c. Purchase and Transaction Data
We store records of music purchases made through the platform including what was purchased, the purchase price, the date of purchase, and a download token. This data is necessary to provide download access and resolve support requests. We do not store credit card details.
2. How We Use Your Information
We use the information we collect for the following purposes:
- Providing the Service: Operating accounts, processing transactions, delivering music downloads, managing subscriptions, and providing all platform features.
- Communications: Sending you transactional emails including email verification codes, purchase receipts, subscription confirmations, password reset codes, and security alerts. These emails are essential to the Service and cannot be opted out of while you have an active account.
- Security and fraud prevention: Detecting and preventing unauthorized access, fraudulent transactions, spam, abuse, and other harmful activity.
- Support: Responding to support requests, investigating reports, and resolving disputes.
- Platform improvement: Analyzing usage patterns to improve features, fix bugs, and develop new functionality. This analysis uses aggregated and anonymized data where possible.
- Legal compliance: Complying with applicable laws, regulations, legal processes, and responding to lawful requests from authorities.
- Announcements: Sending platform announcements, feature updates, and occasional promotional communications. You may opt out of promotional communications at any time.
3. Information We Share
We do not sell your personal data to third parties. We share your information only in the following limited circumstances:
3a. Service Providers
We share data with trusted third-party service providers who help us operate the platform. These providers are contractually obligated to use your data only for the purposes we specify:
- Stripe — Payment processing for music purchases and artist subscriptions. Stripe's Privacy Policy governs their handling of payment data.
- Brevo (Sendinblue) — Transactional email delivery for verification codes, receipts, password resets, and notifications.
- DigitalOcean — Cloud hosting and infrastructure. Your data is stored on DigitalOcean servers.
- IPAPI — IP geolocation for security alerts and approximate location analytics.
3b. Public Information
Artist profiles, uploaded music, posts, and other content you choose to make public on the platform are visible to all users and may be indexed by search engines. Please be thoughtful about what you share publicly.
3c. Legal Requirements
We may disclose your information when required by law, court order, subpoena, or other legal process. We may also disclose information when we believe in good faith that disclosure is necessary to protect the rights, property, or safety of MusixBarn Social, our users, or the public — including cooperation with law enforcement regarding content that may constitute a crime.
3d. Business Transfers
In the event of a merger, acquisition, sale of assets, or other business transfer, your data may be transferred to the acquiring entity. We will notify you via email or platform announcement before your data is transferred and becomes subject to a different privacy policy.
4. Cookies and Tracking
MusixBarn Social uses a single session cookie to keep you logged in while you use the platform. This cookie is essential for the Service to function and is automatically deleted when you log out or close your browser session.
We do not use third-party advertising cookies, cross-site tracking cookies, or behavioral advertising technology. We do not participate in any advertising networks. MusixBarn Social products are ad-free and we do not allow advertisers to track our users.
5. Data Security
We implement reasonable technical and organizational security measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. These include:
- All passwords stored as one-way bcrypt hashes — never in plaintext.
- All data transmitted over HTTPS with TLS encryption.
- Payment data handled entirely by Stripe — we never touch raw card details.
- Login activity monitoring and security alerts for unusual access patterns.
- Regular security reviews of our codebase and infrastructure.
No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security. In the event of a data breach that affects your information, we will notify you as required by applicable law.
6. Your Rights and Choices
You have the following rights regarding your personal information:
- Access and correction: You can view and edit your profile information at any time through your account settings.
- Data portability: You may request a copy of your personal data by contacting us. We will provide it in a machine-readable format within 30 days.
- Account deletion: You may request deletion of your account and associated data by contacting us. We will process deletion requests within 30 days. Note that some data may be retained as required by law, for fraud prevention, or in anonymized/aggregated form.
- Opt out of promotional emails: You may opt out of non-essential promotional emails at any time. Transactional emails (receipts, security alerts, verification codes) are essential to the Service and cannot be opted out of while your account is active.
- Content removal: You may delete your own posts, songs, and other content at any time through the platform interface.
If you are a resident of the European Economic Area, California, or another jurisdiction with specific data protection laws, you may have additional rights. Please contact us to exercise these rights.
7. Data Retention
We retain your personal information for as long as your account is active or as needed to provide the Service. After account deletion:
- Your profile, music, and public content will be removed from public view within 30 days.
- Backup copies may be retained for up to 90 days before being purged.
- Transaction records and financial data may be retained for up to 7 years for tax and legal compliance purposes.
- Security logs may be retained for up to 12 months.
- Anonymized and aggregated analytics data may be retained indefinitely.
8. Children's Privacy
MusixBarn Social is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us immediately at support@musixbarn.com and we will take steps to delete that information promptly.
Users between the ages of 13 and 17 should use the platform only with parental or guardian consent and supervision.
9. International Data Transfers
MusixBarn Social is operated from the United States. If you are located outside the United States, your personal information may be transferred to and processed in the United States, which may have different data protection laws than your country. By using the Service, you consent to this transfer.
10. Third-Party Links
The platform may contain links to third-party websites, social media profiles, or external services. This Privacy Policy does not apply to those third-party services. We are not responsible for the privacy practices of third parties and encourage you to review their privacy policies before providing any personal information.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via platform announcement or email with at least 14 days advance notice where practicable. The updated policy will be posted at this URL with a revised "Last updated" date. Continued use of the Service after the effective date constitutes acceptance of the updated policy.
12. Contact Us
For privacy questions, data requests, or to exercise your rights, contact us at:
support@musixbarn.com
We will respond to privacy inquiries within 30 days.