Privacy Policy

Information you provide: email address, username and display name, profile information you choose to add (bio, status, location, genres, avatar), posts and ratings you create, and reports you file about other users or content.

Information collected automatically: device type, operating system, app version, push notification tokens, IP address (for security and abuse prevention), in-app usage events, crash and error logs.

Information from third parties: when you search for songs or follow artists, we send queries to Apple Music's API. We do NOT receive your personal Apple Music history. We only receive the song or artist metadata you searched for.

• Provide and operate the Service
• Authenticate your account and prevent fraud
• Show you content from people and artists you follow
• Send push notifications you've opted into (drop alerts, follower activity)
• Improve the Service through analytics and crash reporting
• Respond to your support requests
• Enforce our Terms and protect against abuse
• Comply with legal obligations

We do NOT sell your personal information to third parties.

By default, your profile (username, display name, avatar, bio, claims, ratings, posts) is public to other Notabl users. You can adjust some visibility settings in the App.

Other Notabl users can see:

• Your public profile
• Songs you've claimed and your tier/position
• Songs you've rated (if your profile is public)
• Posts you've written
• Your follower and following lists
• Artists you follow

• Supabase — hosts our database, authentication, and storage
• Apple Push Notification Service — delivers notifications to your iPhone
• PostHog — product analytics for understanding app usage
• Apple Music API — song and artist metadata lookup

Each of these services has its own privacy policy and data handling practices.

We retain your information for as long as your account is active. If you delete your account, we will delete or anonymize your personal information within 30 days, except: information needed for legal compliance, backup copies maintained for up to 90 days, and anonymized analytics that cannot be linked back to you.

Depending on your location, you may have rights to:

• Access the personal information we hold about you
• Correct inaccurate information
• Delete your account and personal information
• Object to or restrict certain processing
• Export your data in a portable format
• Withdraw consent for processing where consent is the legal basis

To exercise these rights, email privacy@notabl.fm. We will respond within 30 days.

California residents have additional rights under CCPA / CPRA. EU/UK residents have rights under GDPR including the right to lodge a complaint with your local data protection authority.

Notabl is not intended for children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child under 13 has provided us with personal information, contact privacy@notabl.fm and we will delete it.

We implement reasonable security measures including encryption in transit (HTTPS), encrypted storage, row-level security on user data, and access controls. No method of transmission over the internet is 100% secure, however, and we cannot guarantee absolute security.

Our servers are located in the United States. By using Notabl, you consent to your information being transferred to and processed in the U.S., which may have different data protection laws than your country.

We may update this Privacy Policy. Material changes will be communicated through the App or by email. The "Last updated" date at the top reflects the current version.

For privacy questions or requests, email privacy@notabl.fm. For general questions, contact@notabl.fm.