Privacy Policy

1. Introduction

Welcome to JamSetlist ("we," "our," or "us"). We are committed to protecting your privacy and handling your data in an open and transparent manner. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our service.

JamSetlist helps musicians display their PDF songbooks stored in Google Drive on JamSetlist.com and on Fire TV devices, record jam sessions, and manage their setlists.

2. Google API Services User Data Policy

We access Google Drive data solely for the purpose of displaying your PDF songbooks on your Fire TV device. We do not use this data for any other purpose, and we do not share it with third parties.

3. Information We Collect

3.1 Google Account Information

When you sign in with Google, we collect:

• Your email address
• Your name
• Your profile picture
• Google account ID

3.2 Google Drive Access

With your explicit permission, we access:

• Folder and file metadata only - We read the names, IDs, and types of files in your selected Google Drive folder
• Folder ID - We store the ID of the Drive folder you select to display on your Fire TV
• OAuth access and refresh tokens - Securely encrypted tokens that allow us to access your Drive folder on your behalf

Important: We only access folder and file metadata (names, IDs, file types). We do NOT access, read, modify, or delete the contents of your PDF files. PDF files are accessed directly by your Fire TV app using public sharing links you configure.

3.3 Usage Data

We collect information about how you use JamSetlist:

• Jam session recordings and metadata (song names, timestamps)
• Number of jam sessions created
• Last login date
• Device information (Fire TV, mobile device types)
• Feature usage (which features you use most)

3.4 Payment Information

If you subscribe to a paid plan, we collect:

• Subscription tier and status
• Payment information (processed securely by Stripe - we do not store your credit card details)
• Billing history

4. How We Use Your Information

We use your information to:

• Provide our service - Display your Google Drive PDF songbooks on your Fire TV
• Authenticate you - Verify your identity when you sign in
• Store your recordings - Save and manage your jam session recordings
• Manage subscriptions - Process payments and enforce subscription limits
• Improve our service - Analyze usage patterns to enhance features
• Communicate with you - Send important service updates and respond to support requests
• Comply with legal obligations - Respond to legal requests and prevent fraud

5. How We Store and Protect Your Data

5.1 Data Storage

• Database - User account information, subscription data, and Drive folder IDs are stored in a secure PostgreSQL database
• OAuth Tokens - Access and refresh tokens are encrypted and stored securely in JSON Web Tokens (JWT)
• Recordings - Jam session recordings are stored in Amazon S3 with encryption at rest
• Session Data - Temporary session data is stored in Redis cache

5.2 Security Measures

• All data transmission is encrypted using HTTPS/TLS
• OAuth tokens are encrypted at rest
• Database access is restricted and monitored
• Regular security audits and updates
• Access controls and authentication for all services

6. Data Sharing and Third Parties

We do not sell your personal information. We share your data only in these limited circumstances:

6.1 Service Providers

• Google - For authentication and Drive folder access (via OAuth)
• Stripe - For payment processing (subscription billing)
• Amazon Web Services (AWS) - For hosting and storage infrastructure

6.2 Legal Requirements

We may disclose your information if required by law, court order, or to protect our rights and safety.

6.3 Business Transfers

If JamSetlist is acquired or merged with another company, your information may be transferred to the new owner.

7. Your Rights and Choices

You have the following rights regarding your data:

7.1 Access Your Data

You can view your account information and settings at any time by logging into your JamSetlist account.

7.2 Revoke Google Drive Access

You can revoke JamSetlist's access to your Google Drive at any time by:

• Visiting your Google Account Permissions
• Finding "JamSetlist" in the list
• Clicking "Remove Access"

7.3 Delete Your Account

You can delete your JamSetlist account by visiting your Settings page or emailing us at support@jamsetlist.com. When you delete your account:

• Your account information is permanently deleted
• Your jam session recordings are deleted
• Your subscription is canceled
• OAuth tokens are revoked and deleted

Note: We may retain certain information for legal compliance, fraud prevention, or dispute resolution for up to 90 days.

7.4 Export Your Data

You can request a copy of your data by emailing support@jamsetlist.com. We will provide your data in a machine-readable format within 30 days.

7.5 Opt-Out of Communications

You can opt out of promotional emails by clicking the "unsubscribe" link in any email. You cannot opt out of essential service communications (e.g., security alerts, billing notifications).

8. Data Retention

We retain your data for the following periods:

• Account data - Until you delete your account
• OAuth tokens - Until you revoke access or delete your account
• Jam session recordings - Until you delete them or delete your account
• Payment records - 7 years for tax and legal compliance
• Deleted account data - Purged within 90 days (except payment records)

9. Children's Privacy

JamSetlist is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Sending you an email notification (for significant changes)

Your continued use of JamSetlist after any changes indicates your acceptance of the updated Privacy Policy.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us: