Harmonize Privacy Policy

Last updated: March 9, 2026*

** What data we collect:**

Email address ( used for account creation and login)
Display name and avatar image (used for your public profile on comments)
Comments you post (tied to specific Spotify track IDs)
Spotify account connection via OAuth (we only access current playback info — we never access your playlists, saved songs, or listening history)
Where data is stored: All user data is stored in a Supabase-hosted PostgreSQL database. Avatar images are stored in Supabase Storage. Authentication is handled through Supabase Auth. No data is stored on third-party analytics or advertising platforms.

What we don't do:

We do not sell, share, or transfer your data to third parties
We do not track your browsing activity outside of open.spotify.com

We do not run analytics or advertising scripts
Local storage: The extension uses browser.storage.local to persist your auth session and Spotify tokens locally on your device. This data never leaves your browser except to authenticate with Supabase and Spotify's APIs.

Data deletion: You can request full deletion of your account and all associated data (profile, avatar, comments) by emailing muemegallery@gmail.com. We will process deletion requests within 30 days.

Contact : For any privacy -related questions, reach out at muemegallery@gmail.com