Music Scope

Privacy Policy

Last updated: 28 April 2026

This Privacy Policy explains what personal data Music Scope collects when you use the Music Scope app and related services, why we process it, who we share it with, and what rights you have under the EU General Data Protection Regulation (GDPR). We operate from Germany and apply German and EU data protection law.

1. Controller

The controller responsible for the processing of your personal data within the meaning of Art. 4 GDPR is:

Marcel Witte
Hansastr. 56
49134 Wallenhorst
Germany

Phone: +49 176 6090 9331
Email: support@music-scope.com

2. Data We Collect

We collect only what we need to operate the service. In particular:

  • Account data: your email address and a securely hashed password.
  • Artist links: the public identifiers (Spotify, Beatport, SoundCloud, Traxsource, Shazam, Apple Music) of the artists you connect, and the public streaming and chart statistics those platforms expose for those artists.
  • Device fingerprint (DeviceCheck): a per-device identifier provided by Apple, stored together with your user ID. We use this only to prevent abuse of the free trial (one trial per device).
  • Push token: the Apple Push Notification service (APNs) token of your device, used to deliver event notifications.
  • Subscription status: your current subscription tier, trial state, and renewal status, as reported to us by Apple In-App Purchase via RevenueCat.
  • Crashes and errors: anonymised crash reports and error traces processed via Sentry. We configure Sentry to scrub personally identifiable information (PII) before transmission.

We do not collect special categories of personal data, and we do not run any advertising, analytics, or behavioural tracking on the app or on these legal pages.

3. Purposes of Processing

  • Providing the core Music Scope service (account, artist analytics, event feed, notifications).
  • Managing your subscription, trial, and billing status.
  • Preventing abuse of the free trial and of the service in general.
  • Maintaining the stability, security, and reliability of the app and backend.

4. Legal Basis

  • Art. 6(1)(b) GDPR — performance of a contract: for processing your account data, artist links, push token, and subscription status, since these are necessary to deliver the service you signed up for.
  • Art. 6(1)(f) GDPR — legitimate interests: for trial-abuse prevention via DeviceCheck and for crash and error monitoring via Sentry. Our legitimate interest is in offering a fair free trial and in keeping the service stable and secure. You can object to processing on this basis under Art. 21 GDPR (see Section 7).

5. Recipients and Sub-Processors

We use a small number of carefully selected sub-processors to operate the service. Where data is transferred outside the European Economic Area, we rely on the EU Standard Contractual Clauses (SCC) as the transfer mechanism.

  • Apple Inc. (USA) — Apple Push Notification service and In-App Purchase. Transfer based on SCC.
  • Supabase Inc. (USA, with database hosting in the EU / Frankfurt region) — managed PostgreSQL database and authentication. Transfer based on SCC.
  • RevenueCat, Inc. (USA) — subscription state management on top of Apple In-App Purchase. Transfer based on SCC.
  • Functional Software, Inc. (Sentry, EU hosting) — crash and error monitoring. Hosted in the EU.
  • dogado GmbH / netcup GmbH (Germany, Frankfurt) — VPS hosting for the Music Scope backend.

The streaming platforms we read public data from — Spotify, Beatport, SoundCloud, Traxsource, Shazam, Apple Music — are data sources, not recipients. We pull public data from them; we do not push your personal data to them.

6. Retention

  • Active accounts: retained for as long as the account exists.
  • Deleted accounts: a 30-day soft-delete window during which deletion can be reversed, after which the account and associated personal data are permanently deleted (hard-delete).
  • Backend logs: 90 days.
  • Sentry events: 90 days.

7. Your Rights

Under the GDPR, you have the following rights with respect to your personal data:

  • Access (Art. 15): obtain confirmation of whether and how we process your data, and a copy of it.
  • Rectification (Art. 16): have inaccurate or incomplete data corrected.
  • Erasure (Art. 17): have your data deleted. The fastest way to exercise this is the in-app Delete Account button. You can alternatively email us at support@music-scope.com.
  • Restriction (Art. 18): have processing of your data restricted under certain conditions.
  • Data portability (Art. 20): receive your data in a structured, commonly used, machine-readable format.
  • Objection (Art. 21): object to processing based on our legitimate interests.
  • Complaint to a supervisory authority (Art. 77): lodge a complaint with a data protection authority. The authority responsible for our processing is the Landesbeauftragte für den Datenschutz Niedersachsen (Lower Saxony State Commissioner for Data Protection).

To exercise any of these rights outside the app, contact us at support@music-scope.com.

8. Cookies and Tracking

The Music Scope app and these legal pages do not set cookies and do not contain tracking pixels, advertising IDs, or third-party analytics scripts.

9. Changes to This Policy

We may update this Privacy Policy from time to time, for example when we add features or change sub-processors. The current version is always available here, with the Last updated date at the top. For material changes that affect you, we will notify you via email or in-app notification.