Date of Last Revision: October 23, 2019
Thanks for choosing Anchor, a service offered by Spotify ("Anchor", "we", "our", "us"), which allows creators the opportunity to create, share and monetize podcasts.
We want to give you the best possible experience to ensure that you enjoy our service today, tomorrow and in the future. Your privacy and the security of your personal data is, and will always be, enormously important to us. So, we want to transparently explain how and why we gather, store, share and use your personal data - as well as outline the controls and choices you have around when and how you share your personal data. That is our objective, and this Privacy Policy (the "Policy") will explain what we mean in further detail below.
This Policy sets out the essential details relating to your personal data relationship with us when you use the Anchor website, mobile applications, and any other products and services that link to this Policy (collectively, the "Services").
From time to time, we may develop new or offer additional services. If the introduction of these new or additional services results in any change to the way we collect or process your personal data we will provide you with more information and additional terms or policies. Unless stated otherwise when we introduce these new or additional services, they will be subject to this Policy.
The General Data Protection Regulation or "GDPR" gives certain rights to individuals in relation to their personal data. As available and except as limited under applicable law, the rights afforded to individuals are:
In addition to the rights above, you always have the following choices regarding promotional communications and notifications:
If you have any questions about your privacy, your rights, or how to exercise them, please see the “How to contact us” section below for information on how to contact us. If you have concerns around our processing of your personal data, we hope you will continue to work with us to resolve them. However, you can also contact and have the right to lodge a complaint with the Swedish Data Protection Authority (Datainspektionen) or your local Data Protection Authority.
We collect personal data that you provide to us:
Categories of personal data | Description of category |
---|---|
User Data | If you are a creator, you will be required to provide certain required personal data to create an account, such as your name, email address, password, and address. You also have the option to provide us other information about yourself, such as a profile photo, biography, country information, and website. |
Payment and Purchase Data | If you are a listener and choose to support a creator, we collect your name and email address. Our payment processor collects your payment information. |
Payment and Purchase Data | Contests, Surveys and Sweepstakes Data When you complete any forms, submit a survey, or participate in a contest, we collect the personal data you provide. |
When you use the Services, we collect certain data automatically. Usage Data includes:
Categories of personal data | Description of category |
---|---|
User content | When you create and share content using our Services, we collect any personal data included in that content. |
Log data | Information that your browser automatically sends whenever you use the Services. Log Data includes your Internet Protocol (“IP”) address, browser type and settings, the date and time of your request, and how you interacted with the Services. |
Cookies | Information from cookies stored on your device. Please see our Cookie Policy to learn more about how we use cookies. |
Device information | Includes type of device you are using, operating system, settings, unique device identifiers, network information and other device-specific information. Information collected may depend on the type of device you use and its settings. |
Other usage information | We collect information about how you use our Services and Spotify’s other services, such as the types of content that you post or listen to, the features you use, the actions you take, the other Users you interact with and the time, frequency and duration of your activities. |
Categories of personal data | Description of category |
---|---|
Data from Social Media Services | If you create an account or log in to the Services using credentials from social media services such as Facebook, Google, or Twitter (“Social Media Services”), we will have access to certain information from that Social Media Service, such as your name and email address in accordance with the authorization procedures determined by such Social Media Service. |
When you use or interact with the Services, we use a variety of technologies to process the personal data we collect about you for various reasons. We have set out in the table below the reasons why we process your personal data, the associated legal bases we rely upon to legally permit us to process your personal data, and the categories of personal data (identified in Section 4) used for these purposes:
Description of why Anchor processes your personal data ('processing purpose') | Legal Basis for the processing purpose | Categories of personal data used by Anchor for the processing purpose |
---|---|---|
To provide, personalize, and improve our Services, for example, by allowing creators to create and distribute their content and to allow listeners to support that content. |
|
|
To provide, personalize, and improve your experience with the Services and other services and products provided by Spotify, for example by providing customized, personalized, or localized content, recommendations, features, and advertising. |
|
|
To understand how you access and use the Services to ensure technical functionality of the Services, develop new products and services, and analyze your use of the Services, including your interaction with applications, advertising, products, and services that are made available, linked to, or offered through the Services. |
|
|
To communicate with you for Service-related purposes. |
|
|
To process your payment to prevent or detect fraud including fraudulent payments and fraudulent use of the Services. |
|
|
To communicate with you, either directly or through one of our partners, for marketing, research, participation in contests, surveys and sweepstakes, promotional purposes, via emails, notifications, or other messages, consistent with any permissions you may have communicated to us. |
|
|
To comply with legal obligations and legal process, respond to requests from public and government authorities including public and government authorities outside your country of residence; enforce our Terms of Use; and to protect our rights, privacy, safety or property of others. |
|
|
We keep your personal data only as long as necessary to provide you with the Services and for legitimate and essential business purposes, such as maintaining the performance of the Services, making data-driven business decisions about new features and offerings, complying with our legal obligations, and resolving disputes. We keep some of your personal data, such as your user data and user content, for as long as you are a user of the Services.
If you have elected to receive marketing communications from us, we retain information required to send these communications until you opt out of receiving these communications in accordance with our policies.
Spotify USA, Inc. is based in the United States and we process and store personal data in the United States and other countries. Therefore, we and our service providers may transfer your personal data to, or store or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. We will take steps to ensure that your personal data receives an adequate level of protection in the jurisdictions in which we process it.
If you are accessing our Services from the EU/EEA or other regions, please note that your personal data will be transmitted to our servers in the United States and the data may be transmitted to our service providers supporting our business operations (described above). In such instances we will ensure that the transfer of your personal data is carried out in accordance with applicable privacy laws and, in particular, that appropriate contractual, technical, and organizational measures are in place such as the Standard Contractual Clauses approved by the EU Commission.
Please note that this Policy only applies to the Services. When using the Services, you may find links to other websites not operated or controlled by us (“Third Party Sites”), including the Social Media Services. The information that you share with Third Party Sites will be governed by the specific privacy policies and terms of service of the Third Party Sites and not by this Policy. By providing these links we do not imply that we endorse or have reviewed these Third Party Sites. Please contact any Third Party Sites directly for information on their privacy practices and policies.
We are committed to protecting our users’ personal data. We implement appropriate technical and organisational measures to help protect the security of your personal data; however, please note that no system is ever completely secure. We have implemented various policies including pseudonymisation, encryption, access, and retention policies to guard against unauthorised access and unnecessary retention of personal data in our systems.
Your password protects your user account, so we encourage you to use a strong password that is unique to your Anchor account, never share your password with anyone, limit access to your computer and browser, and log out after having used the Services.
The Services are not directed to children under the age of 13 years. The Services are also not offered to children whose age makes it illegal to process their personal data or requires parental consent for the processing of their personal data under the GDPR or other local law.
We do not knowingly collect personal data from children under 13 years or under the applicable age limit (the “Age Limit”). If you are under the Age Limit, please do not use the Services, and do not provide any personal data to us.
If you are a parent of a child under the Age Limit and become aware that your child has provided personal data to us, please contact us, and you may request exercise of your applicable rights detailed in the ‘Your rights and your preferences: Giving you choice and control’ Section 3 of this Policy.
If we learn that we have collected the personal data of a child under the age of 13 years, we will take reasonable steps to delete the personal data. This may require us to delete the Anchor account for that child.
We may change this Policy from time to time. If we make changes, we will notify you by revising the date at the top of the policy and, in case of material changes, we will provide you with additional notice (such as adding a statement to our homepage or sending you a notification). We encourage you to review the Policy whenever you access the Services or otherwise interact with us to stay informed about our information practices and the choices available to you.
Thank you for reading our Policy. If you have any questions about this Policy, please contact our Data Protection Officer by emailing privacy@spotify.com or by writing to your relevant data controller at the address below.
Data controller if you reside in the US:
Data controller if you reside in any other country than the US: