Ryan Katayi
    back to Droplyst
    D

    Privacy Policy

    Last updated May 26, 2026

    What Droplyst Does

    Droplyst is a music capture app that identifies songs playing around you and turns them into ordered Spotify playlists. You start a listening session and Droplyst recognizes tracks in real time using your device microphone.

    Data We Collect

    • Account information: Email address and authentication credentials, managed by Supabase Auth.
    • Spotify account: When you connect Spotify, we receive an access token to create playlists on your behalf. We do not access your listening history, liked songs, or any other Spotify data beyond playlist creation.
    • Audio data: Droplyst uses your microphone to capture short audio snippets for song identification. Audio is processed on-device using ShazamKit and is never recorded, stored, or sent to our servers.
    • Session data: Song matches, timestamps, and playlist links from your capture sessions are stored in our database tied to your account.

    How We Use Your Data

    • To identify songs playing around you during a capture session.
    • To create and export Spotify playlists from your sessions.
    • To display your session history and previously captured playlists.
    • To sync your session data across devices when you sign in.

    Microphone Usage

    Droplyst requires microphone access to identify songs. Audio is processed locally on your device using Apple ShazamKit. We do not record, store, or transmit any audio to our servers. The microphone is only active during a capture session that you explicitly start and can stop at any time.

    Third-Party Services

    • Apple ShazamKit: Used for on-device song recognition. Audio is processed locally. See Apple's privacy policy.
    • Spotify: Used for playlist creation and song matching. We only request the permissions needed to create playlists. See Spotify's privacy policy.
    • Supabase: Used for authentication and session data storage. All data is protected by row-level security. See Supabase's privacy policy.

    Data Storage and Security

    • Session data is stored in Supabase (PostgreSQL) with row-level security.
    • Authentication tokens are stored in iOS Secure Storage.
    • Spotify tokens are stored securely and refreshed automatically.
    • All network communication uses HTTPS/TLS encryption.

    Data Sharing

    We do not sell, rent, or share your personal data with third parties for marketing purposes. Data is only shared with the third-party services listed above as needed to provide the app's functionality.

    Your Rights

    • Delete: You can delete your account and all associated data from Settings. This removes all session history from our servers permanently.
    • Disconnect Spotify: You can disconnect your Spotify account at any time from Settings. Playlists already created in Spotify will remain in your Spotify account.
    • Access: All your session data is visible to you within the app.

    Children

    Droplyst is not intended for users under 17. We do not knowingly collect data from children.

    Changes

    We may update this policy. Changes will be reflected on this page with an updated date.

    Contact

    Questions? Email rkata73@gmail.com.