Providing the whole world access to Millions of songs, podcasts and videos from all around the world, Spotify needs no introduction to us. Available in over 170 countries Spotify currently boasts 155 million premium subscribers and 345 million monthly active users. Spotify is available across a range of devices, including computers, phones, tablets, speakers, TVs, and cars, and you can easily transition from one to another with Spotify Connect.
Spotify, despite having launched back in 2008, was only made officially available’ in Sri Lanka in 2021, after around 13 years. (Android users meanwhile: Tell us something new) This official entrance to the market definitely increased the number of users in the country, also making the privacy practices of the company highly relevant as a result.
The Free version of Spotify is immediately appealing to use, mainly do to the ease of its usage, as you only need to sign up using your email address or Facebook ID, and can gain access to a vast portion of services Spotify offers. On the other hand, if you want all the upgraded facilities, you can opt for the Premium version. Let us now dive into the privacy “playlist” of Spotify and discover what user data they collect and how it can affect you.
Song Number #1 – “Data that you leave me with”
So, there are three instances where the App collects personal data from you which are:
- When you sign up for the Spotify Service
- Through your use of the Spotify Service
- Data provided with additional features/functionality activation.
The type of personal data that you provide will depend on the option you use to sign in or register for the service. If you use the ‘traditional’ sign up, you know what types of data will be collected as they are the same ones that you fill out. However, if you use a third-party services such as Facebook to login, those services will provide the data to Spotify. Generally, the third-party service will notify you on what kind of data they will be providing. (Tip: Take few seconds and read them.)
Secondly, while you use the service, the app will collect several usage data such as type of Spotify Service plan, your interactions with the Spotify Service such as your search queries, URL information, online identifiers including cookie data and IP addresses and mobile sensor data. They will also use Map Data for certain subscription plans such as Premium Family Plan and Premium Duo Plan to make sure that you are really a “family”, or a “couple” living approximately in the same location! As per the statement, the company will not use these map data for any advertising purposes.
Additional data will include but will not be limited to Voluntary Mobile Data, Payment Data, Contests, Surveys and Sweepstakes Data, and Marketing Data. Similar to Netflix, Spotify also allows you to add the subscription cost to your mobile bill. When you do so, they will collect details such as:
- Date of birth
- Credit or debit card type, expiration date, and certain digits of your card number
- Postal code
- Mobile phone number and
- Details of your purchase and payment history.
Song Number #2 – “This is how we roll (with your data)”
Compared to other apps and services, the Legal department at Spotify seems to have spent some time to give a clear picture about how they use our data, along with a nice table. You can go through that when you have time. If you do not, basically they use User, Usage, Financial and other data to provide, maintain and customize the service.
Song Number #3 – “Can I have this data forever?”
Firstly, there are publicly available data and private data in the service. “Your name and/or username, profile picture, who you follow and who follows you on the Spotify Service, your recently played artists, and your public playlists” are some of the publicly shared details.
Other personal data will be shared with Third-party services/platforms/apps and Support community, Your Spotify followers and Artists/Record Labels, when you have allowed data sharing on the privacy settings of the app or when you use a service or a feature that is provided by a third-party.
In terms of data retention, the company will keep your personal data only as long as necessary (In numbers please!) “to provide you with the Spotify Service and for legitimate and essential business purposes.”
Data such as playlists, song library, and account information will only be kept as long as you are a Spotify user. (Technically until you delete your account) Depending on your request, the company will delete or anonymize your personal data, so that it no longer identifies you. Does this mean that they will continue to keep the data on their servers, forever!?
You can always take some control of your data using Privacy Settings and Notification Settings. As usual, due to GDPR regulations, users in European countries will get more access over their data compared to Sri Lankans.
And thus, we have reached the end of the “Privacy” playlist and it might be worth saving this one for another listen(or read).
Written by: Rtr. Ashen Hirantha
Edited by: Rtr. Kalani Siriwardena