Privacy Policy

Version: v2.2

Effective: May 25, 2026

Updated: May 24, 2026

This Privacy Policy explains how BandFan collects, uses, shares, and protects your personal information when you use our website and services.

Policy Scope

This policy applies to all users, including guests, registered fans, band owners, and admins. By using the Service, you consent to the data practices described here.

1. Data We Collect

A) Information You Provide Directly:

- Account Data: Username, email, password (hashed), name, age, avatar, and any future profile fields.

- Band Data: Band name, URL slug, biography, links, social media handles, visual style and theme, band member profiles, and donor/fan lists (if configured).

- Song & Content Data: Song titles, lyrics, publication status, artwork images, audio files in multiple quality levels or formats, videos, and release metadata.

- Permissions & Settings: Download permissions, public/private toggles, radio syndication consent, and band access and permission settings.

- Playlists: Tracks, order, name, and privacy status.

- Feedback & Reports: Any submissions via forms, including content reports.

B) Information Collected Automatically:

- Usage Data: Pages viewed, songs played, variants selected, comments posted, donation link clicks, playlist activity.

- Device & Log Data: IP address, browser type, operating system, referring URLs, and server logs.

- System Data: Timestamps, versioning info, error logs, and engagement analytics.

C) Information from Third Parties:

- Google Firebase: We use Firebase for authentication, database, and storage. Google's Privacy Policy governs how Google processes data on our behalf.

2. How We Use Your Data

- To provide, operate, and personalize the Service.

- Admin oversight: To monitor, restrict, suspend, or delete any user, content, or feature as needed for platform integrity.

- Enforcement: To detect violations of our audio provenance policy, prohibited content rules, or other Terms.

- Communication: Service announcements and support responses.

- Security and abuse prevention: To combat spam, malware, and policy violations.

- Analytics and improvement: To analyze usage patterns and troubleshoot errors.

- Future features: To enable planned features such as live streams, collaborations, social features, and radio syndication.

3. How We Share Your Data

With Other Users (Public Information):

- Your band profiles, public songs, public playlists, and comments are visible to all users.

- Your display name, avatar, and username are visible.

With Service Providers:

- Google Firebase and Google Cloud: Our primary infrastructure provider for authentication, database, and media storage. Data is processed subject to Google's terms and Privacy Policy.

- Hosting and CDN providers as required to deliver the Service.

- Third-party syndication and streaming platforms: If a band enables radio syndication or distribution features, the necessary audio, metadata, and artwork may be shared with those platforms.

For Legal Reasons and Business Transfers:

- To comply with applicable law, enforce our rights, or protect safety.

- In a merger, acquisition, or similar transaction, your data may be transferred, with reasonable notice where required.

No Sale of Personal Information: We do not sell your personal data to third parties.

4. Data Retention & Deletion

Retention: We retain your data for as long as your account is active or as needed to provide the Service and comply with legal obligations.

Deletion: You may request deletion of your account and personal data via account settings or by contacting us. We will delete your profile and personal data, subject to retaining de-identified or aggregated data and any data required for legal compliance (e.g., records of policy violations).

5. Your Rights

Depending on your location, you may have rights to access, correct, delete, or export your personal data. To exercise these rights, contact katsman.nikita@gmail.com. We reserve the right to decline requests that are unreasonable, repetitive, or technically impractical.

6. Children's Privacy

The Service is not intended for children under 13. We do not knowingly collect personal data from children under 13. If we learn that we have collected data from a child under 13, we will delete it promptly.

7. Data Processing and International Transfers

Your data is processed primarily through Google Firebase's infrastructure (authentication, database, and storage), subject to Google's Privacy Policy and data processing terms. As a result, your data may be stored or processed in the United States or in other countries where Google operates data centers.

We implement reasonable security measures appropriate to the nature of the data we hold, but no method of transmission or storage is completely secure. By using the Service, you consent to your data being processed as described.

8. Changes to This Policy

We may update this policy at any time. Material changes will be communicated via the Service. Continued use after notice constitutes acceptance of the revised policy.

9. Contact

For privacy questions or data requests:

katsman.nikita@gmail.com

35/89 Chaiyaphruek Village Soi6, Moo 7, Nong Hoi, Mueang, Chiang Mai 50000, Thailand