Privacy Policy

Information We Collect

We collect several types of information from and about users of our Service:

Account Information (via AT Protocol/Bluesky):

• Decentralized identifier (DID)
• Handle/username
• Display name
• Profile picture
• Account creation date
• Authentication tokens (stored securely)

Content You Create:

• Music videos and audio files
• Song interpretations and lyrics
• Comments and interactions
• Profile customizations
• Playlist information

Usage Data:

• App interaction patterns
• Content engagement metrics
• Feature usage statistics
• Performance analytics
• Crash reports and diagnostics

Device Information:

• Device type and model
• Operating system version
• App version
• Device identifiers
• Network information
• Push notification tokens

Transaction Data:

• Lyrc Coin purchases and usage
• In-app purchase history
• Payment processing information (handled by Apple)

Communications:

• Support messages
• Feedback submissions
• Email communications

We do not collect sensitive personal information such as government IDs, financial account numbers, or precise location data without your explicit consent.

How We Use Your Information

We use the information we collect for various purposes:

Service Provision:

• Authenticate your account through AT Protocol
• Display your content across AT Protocol networks
• Enable music discovery and social features
• Process Lyrc Coin transactions
• Provide customer support

Platform Improvement:

• Analyze usage patterns to improve features
• Develop new functionality
• Optimize performance and reliability
• Conduct research and analytics
• Debug and fix technical issues

Communication:

• Send important service updates
• Notify you of new features
• Respond to your inquiries
• Share artist community updates
• Send push notifications (with your permission)

Safety and Security:

• Detect and prevent fraud
• Enforce our Terms of Service
• Protect against spam and abuse
• Maintain platform integrity
• Comply with legal obligations

Personalization:

• Customize your music discovery experience
• Recommend relevant content and artists
• Tailor interface preferences
• Improve content curation

Business Operations:

• Analyze market trends
• Support business development
• Maintain financial records
• Prepare aggregated reports

We will not use your creative content (music, lyrics, interpretations) to train artificial intelligence models or for any automated content generation purposes.

How We Share Your Information

We may share your information in the following circumstances:

AT Protocol Network Distribution:

• Your public content automatically appears on other AT Protocol networks (including Bluesky)
• Your profile information is visible across the decentralized network
• Interactions and engagement data flow through the AT Protocol ecosystem
• Content deletion requests are propagated across connected networks

Service Providers:

• Firebase (Google) - Analytics and app performance
• RevenueCat - In-app purchase processing
• Apple - Push notifications and App Store services
• Cloud storage providers - Content hosting and backup
• Email service providers - Communication services

Legal Requirements:

• To comply with applicable laws and regulations
• To respond to legal process and government requests
• To protect our rights, property, and safety
• To protect the rights and safety of our users
• To investigate and prevent fraud or security issues

Business Transfers:

• In connection with mergers, acquisitions, or sales of assets
• During business restructuring or dissolution
• To successors in interest (with appropriate privacy protections)

With Your Consent:

• When you explicitly authorize sharing
• For marketing partnerships (only with opt-in consent)
• For research studies (anonymized data only)

Aggregated and Anonymous Data:

• Usage statistics and trends (non-identifiable)
• Performance metrics and analytics
• Market research and industry reports
• Academic research (with proper anonymization)

What We Don't Share:

• Your private messages or direct communications
• Payment information (handled directly by Apple)
• Account passwords or authentication tokens
• Content marked as private or drafts
• Personal data for advertising purposes

We never sell your personal information to third parties or use your creative content for commercial purposes without explicit permission.

Data Storage and Security

We implement appropriate security measures to protect your information:

Decentralized Architecture Benefits:

• AT Protocol integration reduces single points of failure
• Your identity and content aren't locked to Lyrc alone
• Distributed storage across multiple network nodes
• Enhanced resilience against data loss

Security Measures:

• End-to-end encryption for sensitive data
• Secure authentication through AT Protocol
• Regular security audits and updates
• Access controls and monitoring
• Secure data transmission (HTTPS/TLS)

Data Retention:

• Account data: Retained while your account is active
• Content: Stored until you delete it
• Usage analytics: Retained for up to 2 years
• Support communications: Retained for up to 3 years
• Legal compliance data: Retained as required by law

Data Location:

• Primary servers located in the United States
• Content distributed across AT Protocol network globally
• Cloud backups in secure, certified data centers
• Compliance with applicable data protection regulations

Your Control:

• Delete individual posts and content at any time
• Export your data through AT Protocol standards
• Request account deletion (effective within 30 days)
• Control privacy settings and content visibility

Incident Response:

• Immediate notification of security breaches
• Rapid containment and remediation procedures
• Transparent communication about any incidents
• Continuous monitoring and threat detection

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to using industry best practices.

Your Rights and Controls

You have several rights regarding your personal information:

Access and Portability:

• View all data associated with your account
• Export your content and profile data
• Download your information in portable formats
• Access data through AT Protocol standards
• Receive copies of your information upon request

Data Control:

• Update or correct your profile information
• Delete specific posts, content, or comments
• Control who can see your content
• Manage notification preferences
• Set content discovery preferences

Account Management:

• Deactivate your account temporarily
• Permanently delete your account and data
• Transfer your content to other AT Protocol services
• Revoke third-party application access
• Update communication preferences

Privacy Settings:

• Control content visibility (public, followers-only, private)
• Manage who can comment on your content
• Set discovery preferences for your profile
• Control analytics data collection
• Opt out of non-essential communications

Marketing Communications:

• Unsubscribe from promotional emails
• Opt out of marketing notifications
• Control preference-based communications
• Manage feature update notifications

Data Correction and Deletion:

• Request correction of inaccurate information
• Delete personal data (subject to legal retention requirements)
• Remove content from AT Protocol networks
• Clear usage history and analytics data

Exercising Your Rights:

To exercise these rights, contact us at privacy@lyrc.social or through the app settings. We will respond to your request within 30 days and verify your identity before processing requests.

Limitations:

Some rights may be limited by:

• Legal requirements to retain certain data
• Technical limitations of decentralized systems
• Legitimate business interests
• Protection of other users' rights and safety

Children's Privacy

Protecting children's privacy is important to us:

Age Requirement:

• Lyrc is intended for users 18 years and older
• Users between 13-17 require parental or guardian consent
• We do not knowingly collect data from children under 13
• Age verification may be required during account creation

Parental Controls:

• Parents can request access to their teen's account information
• Parents can request deletion of their teen's account
• We provide guidance on teen privacy and safety
• Additional privacy protections for users under 18

Content Restrictions:

• Enhanced content moderation for younger users
• Restricted access to certain features
• Limited data collection from teen accounts
• Stricter advertising and marketing limitations

Discovery of Underage Users:

If we learn we have collected personal information from a child under 13:

• We will delete the information immediately
• We will terminate the account
• We will notify parents if identifiable
• We will take steps to prevent re-registration

Educational Resources:

• Privacy education for young users
• Digital literacy resources
• Safety guidelines for online music sharing
• Tools for responsible social media use

Parents with questions about their child's privacy can contact us at privacy@lyrc.social.

International Data Transfers

Lyrc operates globally through the AT Protocol network:

Data Transfers:

• Your information may be transferred to countries outside your residence
• AT Protocol network spans multiple jurisdictions
• We ensure adequate protection for international transfers
• Transfers comply with applicable privacy laws

Safeguards:

• Standard contractual clauses for data protection
• Adequacy decisions where available
• Appropriate technical and organizational measures
• Regular assessments of transfer mechanisms

Jurisdictions:

• Primary processing in the United States
• AT Protocol network operates globally
• Content may be cached in various countries
• Support and analytics may involve international providers

Your Rights:

• Right to information about international transfers
• Right to object to certain transfers
• Right to request local data processing where possible
• Right to file complaints with supervisory authorities

Legal Frameworks:

• Compliance with GDPR for EU residents
• Adherence to Privacy Act 1988 for Australian residents
• Alignment with PIPEDA for Canadian residents
• Following applicable local privacy laws

We regularly review and update our international transfer mechanisms to ensure continued compliance with evolving privacy regulations.

Third-Party Services

We integrate with various third-party services to provide our platform:

AT Protocol / Bluesky:

• Authentication and identity management
• Cross-platform content distribution
• Decentralized social networking infrastructure
• User profile and following relationships
• Privacy Policy: https://bsky.social/about/support/privacy-policy

Firebase (Google):

• App analytics and performance monitoring
• Crash reporting and diagnostics
• User engagement metrics
• Privacy Policy: https://policies.google.com/privacy

RevenueCat:

• In-app purchase processing and management
• Subscription and payment analytics
• Revenue tracking and reporting
• Privacy Policy: https://www.revenuecat.com/privacy

Apple Services:

• App Store distribution and payments
• Push notification delivery
• Device authentication and security
• Privacy Policy: https://www.apple.com/privacy/privacy-policy/

Cloud Storage Providers:

• Content hosting and delivery
• Data backup and redundancy
• Global content distribution networks
• Security and encryption services

Third-Party Links:

• Our app may contain links to external websites
• We are not responsible for third-party privacy practices
• Please review privacy policies of linked sites
• Exercise caution when sharing information externally

Data Sharing Limitations:

• We share only necessary data with third parties
• All providers must meet our security standards
• We regularly audit third-party data practices
• We maintain data processing agreements

Your Choices:

• Opt out of analytics data sharing where possible
• Control third-party application access
• Review and revoke permissions as needed
• Contact us with concerns about third-party practices

We carefully select and monitor our third-party partners to ensure they maintain appropriate privacy and security standards.

Cookies and Tracking Technologies

We use various technologies to collect and store information:

Types of Technologies:

• Application data storage (local databases)
• Session tokens and authentication data
• User preference storage
• Analytics and performance tracking
• Crash and error reporting

Mobile App Data:

• Local caching for improved performance
• Offline content storage
• User settings and preferences
• Authentication tokens (securely stored)
• Usage analytics (anonymized)

Purposes:

• Maintain user sessions and authentication
• Remember your preferences and settings
• Improve app performance and reliability
• Understand user behavior and app usage
• Provide personalized content recommendations

Third-Party Analytics:

• Firebase Analytics for app performance
• Crash reporting for stability improvements
• Usage metrics for feature development
• Performance monitoring for optimization

Your Control:

• Clear app data and cache through device settings
• Disable analytics data collection in app settings
• Reset advertising identifiers on your device
• Control notification preferences
• Manage location services permissions

Data Retention:

• Analytics data retained for up to 2 years
• Session data cleared upon logout
• Cached content removed based on storage limits
• User preferences retained until account deletion

No Web Cookies:

• As a mobile-first platform, we don't use traditional web cookies
• Mobile app storage follows platform best practices
• Data collection is limited to essential app functionality
• No cross-site tracking or advertising cookies

You can control most data collection through your device's privacy settings and our app's privacy preferences.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time:

Notification Process:

• Significant changes will be announced at least 30 days in advance
• Minor updates may be implemented with shorter notice
• All users will be notified through email and in-app notifications
• Changes will be highlighted and explained clearly

Types of Changes:

• Legal compliance updates
• New feature privacy implications
• Enhanced privacy protections
• Clarifications and improvements
• Service provider changes

Your Rights Regarding Changes:

• 30-day review period for major changes
• Right to object to material changes
• Option to delete your account if you disagree
• Continued use constitutes acceptance of updates

Change Documentation:

• Previous versions archived and available for review
• Summary of changes provided with each update
• Effective date clearly stated
• Reason for changes explained

Our Commitment:

We will never make changes that:

• Significantly reduce your privacy rights without clear notice
• Use your content for AI training or generation
• Share your data for advertising without consent
• Compromise the core privacy principles of Lyrc

Staying Informed:

• Check this page regularly for updates
• Enable notifications for important policy changes
• Contact us with questions about changes
• Review changes before they take effect

We believe in transparency and will always communicate privacy policy changes clearly and in advance.