With Vybes you can inspire and get inspired by music from your friends by sending tracks to one another. Vybes is a social network and with that comes great responsibility in terms of privacy and data handling. At Momics (the company behind Vybes) we take that responsibility seriously.
We only store data that is needed to make the application tick. Below we describe what data we store, why we store and your rights as a user.
If you feel we could improve this policy in any way, please reach out to us at email@example.com.
Data we collect
Account and profile
In order to use Vybes you will need to create an account by connecting with your Spotify account. When you create an account we store your profile name, profile picture, your country code, subscription type and spotify id.
Your profile is public and can be found and seen by anyone in Vybes. In addition we offer a feature for every profile called 'Play Vybe' that allows anyone to listen to a sample of your musical taste. This music is comprised of your 'hypes' in Vybes and your top tracks in Spotify.
Your profile name: Vybes stores your Spotify profile name so your buddies can find you. Your profile name can be changed to anything you like inside the Spotify app.
Your profile picture: if your Spotify account has a profile picture it is stored and used throughout the app to personalize the experience and to allow your buddies to quickly identify you visually. Your profile image can be changed in the Spotify app.
Your country code: not all music is available in every country in Spotify. We store the country code (ISO 3166) associated with your Spotify account to check what music you and your friends are allowed to listen.
Your subscription type: we store what type of Spotify subscription you have to check if your account can make use of premium functionality such as ‘connect’ features: directly playing, pausing and queueing music from the Vybes app. Freemium users can still use Vybes, but playing tracks directly from the Vybes app is disabled by Spotify.
Your spotify id and uri: these are unique identifiers from spotify that we need to ensure there is only one ‘you’ on our platform and to create and edit playlists in your account.
Top tracks: your top tracks are not stored in our databases, but rather retrieved on demand through Spotify. They are used as a fallback for your personal 'vybe' on your profile page.
Followers & Buddies
By following someone on Vybes you can access their publicly shared vybes. If both of you follow each other, you become 'buddies' and you can share music directly with one another. Vybes stores who followed you and who you followed.
Shared tracks, comments & hypes
The core of Vybes is to share music and discuss it with your buddies. All shared tracks, comments and hypes are stored in our database. These 'messages' can only be accessed by those you've chosen to share them with. You can share tracks, comment and hype publicly in Vybes, in which case anyone can access the data.
When you ‘hype’ music in Vybes (with the fancy button) we store what you hyped and how often you pressed the button. This allows you to be expressive about how much you like certain music. Hypes are used to create a personal playlist on your profile page (button with 'Play Vybe' text) that is publicly accessible.
Text: the text that you typed when sending the message.
Track: if you've shared a track, we need to store the id of that track.
Context: we store the track you are listening to while sending a message, including the position in ms. This is displayed in the app with every message to ‘expose’ what you are listening to when sending messages. It is an extra level of musical inspiration for and from your buddies.
Users: we store who sent a message and who received it.
Reply to: if a message is a reply to another message, we store a reference to the original message.
Hype count: we store how often you hit the hype button.
Timestamps: with every message we store when the message was sent.
Playing & Queueing music
When you queue or play a track or a collection of tracks, we store this in our database. This allows us to conveniently match what you are listening to with the vybe it came from.
Reaching out to us
When reaching us through our support email, our email providers will store your email address so we can get back to you. Any personal data you choose to include in these emails will be directly available to our team. Please ensure you never share personal data with us other than needed to fulfill your query or request.
How we protect your personal data
We take the security of your data seriously and we take appropriate measures to prevent misuse, loss, unauthorized access, inappropriate disclosure and unauthorized modification. If you believe your personal data is not secured well enough, please reach out to our customer service via firstname.lastname@example.org. Momics has taken the following measures to protect your personal data:
Firewall Our servers are all protected with a firewall.
Closed database access Databases cannot be accessed directly from the network. Their addresses are not exposed to the web. Access is only possible within our the network of our infrastructure.
TLS All data transferred goes over a secure internet connection using TLS.
DKIM, SPF and DMARC Our customer service and other mail services use the G-mail service. G-mail uses DKIM, SPF and DMARC to prevent you from receiving emails on our behalf that contain viruses, are spam or are trying to acquire sensitive information from you.
DNSSEC DNSSEC is an additional security measure to DNS that converts a domain name to its matching IP address. It uses a digital signature that can be verified by you, the user. In this way we prevent you from being redirected to a fake IP address.
Storage of your personal data
Vybes stores data no longer than necessary to provide its services. We believe that Vybes becomes more powerful over time as you interact more and more about music with your buddies. All your personal data will be kept on our servers until you request us to remove it.
Account and data removal can be requested over email (email@example.com) for now. We will build a feature for this inside the app itself eventually. When requesting account removal, Vybes will remove all your personal data immediately. When your data is removed there is no way of retrieving it.
Analytics & crash reports
Vybes does not use any third party analytics. In order to keep in touch with our product and community we may run anonymous aggregations on any stored data. Examples of this may be; how many users do we have? How many shares are there per day? Do people send messages more often than hypes?
When investigating such questions, we will always do analysis anonymously. As mentioned earlier, we do not and never will store data that is only for the purpose of analytics. We only store data that has a functional benefit for you.
SIDENOTE: Because we have no Analytics setup we mostly rely on our community to provide us with feedback. So please feel free to reach out to us if you have any thoughts to share.
We use Sentry (https://sentry.io/) to keep track of fatal errors in the app (like crashes and errors) these contain no personal data.
Third party data sharing
Vybes does not share personal data with any third party unless requested by you, or to comply with any legal obligations.
Cookies & comparable technologies
Vybes does not use any (tracking) cookies except for an authentication cookie, which is used to verify that you are logged in to our service.
You have the right to view, correct or delete your personal data. You also have the right to request your consent to withdraw data processing or to object to the processing of your personal data by Momics and you have the right to data portability. This means that you can submit a request to us for any personal data that we have on you. We will then bundle all your personal data in a computer file and share this with you or any other organization mentioned by you.
You can send any request related to access, correction, deletion or transfer of personal data, cancellation of your consent or objection to the processing of your personal data to firstname.lastname@example.org.
To ensure that the request for access has been made by you, we ask you to send a copy of your ID with the request. Please make sure that you mask the following things with black before sending it: your passport photo, the MRZ (machine readable zone, the strip with numbers at the bottom of the passport), passport number and Citizen Service Number (BSN). This is to protect your privacy.
We will respond to your request as soon as possible, at least within four weeks. We also would like to point out that you always have the opportunity to file a complaint with the national supervisory authority (e.g. the Dutch Data Protection Authority). In the Netherlands this can be done using this link.
Momics https://momics.eu Eindhoven