Privacy Policy

1. Information We Collect

Information you provide directly:

• Account information: Email address, name (optional), profile picture (optional)
• Countdown data: Song votes, shortlists, countdown settings
• Payment information: Processed securely by our payment provider (Polar.sh). We do not store your card details.

Information collected automatically:

• Usage data: Pages visited, features used, actions taken
• Device information: Browser type, operating system, device type
• Log data: IP address, access times, referring URLs

Information from third parties:

• Authentication providers: If you sign in via Google or other providers, we receive your email and basic profile information
• Spotify: If you connect Spotify, we access your Spotify user ID to enable playlist export (we do not access your listening history)

2. How We Use Your Information

We use collected information to:

• Provide, maintain, and improve our service
• Process transactions and send related information
• Send administrative emails (account confirmations, voting reminders, countdown notifications)
• Respond to your comments, questions, and support requests
• Monitor and analyze usage patterns and trends
• Detect, prevent, and address technical issues and fraud

We do not:

• Sell your personal information to third parties
• Use your data for advertising purposes
• Share your individual votes with other countdown members (votes are private until reveal)

3. Third-Party Services

We use the following third-party services to operate Countdown Party:

4. Data Retention

• Account data: Retained while your account is active. Deleted upon account deletion request.
• Countdown data: Retained indefinitely to preserve your countdown history. Votes are anonymized if you delete your account.
• Payment records: Retained for 7 years as required for tax and accounting purposes.
• Log data: Retained for 90 days, then deleted.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• Encryption of data in transit (TLS/HTTPS)
• Encryption of sensitive data at rest (OAuth tokens, payment references)
• Row-Level Security (RLS) ensuring countdown data isolation
• Regular security audits of our codebase and dependencies
• Access controls limiting employee access to personal data

6. Your Rights (Australian Privacy Principles)

Under Australian privacy law, you have the right to:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your account and associated data
• Complaint: Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe we have breached the Privacy Act

To exercise these rights, contact us at: privacy@countdown.party

We will respond to requests within 30 days.

7. International Data Transfers

Our service providers may store data in countries outside Australia (primarily the United States). We ensure appropriate safeguards are in place through:

• Selecting providers with strong privacy practices
• Contractual protections requiring data protection standards
• Using providers that participate in recognized data protection frameworks

8. Children's Privacy

Countdown Party is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last updated" date
• Sending an email notification for material changes

10. Contact Us

If you have questions about this Privacy Policy or our privacy practices:

Email: privacy@countdown.party