Privacy Policy

SoundOff (“SoundOff,” “we,” “us”) operates the SoundOff website at playsoundoff.comand the SoundOff iOS app (together, the “Service”). SoundOff is a music discovery game for friend groups: you join private leagues, submit songs on a theme, and vote on each other’s picks. This Privacy Policy explains what information we collect, how we use it, who we share it with, and the choices you have.

We do not sell your personal information, we do not show you ads, and we do not build advertising profiles about you.

1. Information you give us

• Account information. When you sign up, we collect your email address and (if you use email/password sign-in) a password, which is stored as a salted hash by our authentication provider.
• Profile information. Display name, optional bio, optional avatar image, and profile visibility preference (public, league-only, or hidden).
• Game content. Leagues you create or join, songs you submit (including track title, artist, album, artwork URL, release year, genre, and any optional note you attach), votes you cast (and any in-progress vote drafts), and messages you post in league chat.
• Support requests. If you contact us through our support form or by email, we receive your name, email address, and the contents of your message.

2. Information collected automatically

• Device and session data. IP address (used for rate limiting and abuse prevention), browser or app user agent, approximate time zone (used to format deadlines), and authentication session cookies or tokens.
• Diagnostic data. Crash reports and error traces from the website and iOS app, sent to our error-monitoring provider. We have configured this service to omit personally identifying information from default reports.
• Push notification tokens. If you grant notification permission in the iOS app, we receive a device-specific token from Apple Push Notification service so we can send you league updates.

3. Information from connected services

• Apple Music.If you use Apple Music in the app, your Apple Music user token is requested through Apple’s MusicKit on your device. We use it to search the Apple Music catalog and create round playlists when you choose to.
• Music metadata. When you submit a song, we may look up supplementary metadata (such as genre tags) from third-party music databases like MusicBrainz using only the track and artist names.

4. iOS app permissions

The iOS app asks for the following permissions, only when you use the feature that needs them:

• Camera and Photo Library. Used only to let you choose or take a profile picture. Photos are not uploaded automatically; only the file you select is sent to our servers.
• Notifications. Used to deliver league activity alerts (new rounds, voting open, deadlines approaching, results ready). You can change this at any time in iOS Settings.

The app does not collect location, contacts, microphone audio, health data, or advertising identifiers.

• To create and operate your account and your leagues.
• To accept your song submissions and votes, and to compute round results.
• To create Spotify and Apple Music playlists for each round at your request.
• To send transactional emails about your leagues (round opens, submission and voting reminders, results), and push notifications if you have opted in. You can unsubscribe from emails using the link in any email or by contacting us.
• To respond to your support requests.
• To prevent abuse, rate-limit requests, detect bots on public forms, and protect the integrity of the Service.
• To diagnose crashes and fix bugs.
• To comply with legal obligations.

If you are in the European Economic Area or the United Kingdom, we process your information under the following GDPR legal bases:

• Performance of a contract — to provide the Service you signed up for (running leagues, accepting submissions and votes).
• Legitimate interests — to keep the Service secure, prevent abuse, and improve reliability.
• Consent — for push notifications, marketing email (if any), and connecting third-party music services. You can withdraw consent at any time.
• Legal obligation — when we must retain or disclose information to comply with applicable law.

With other users in your leagues. Your display name, avatar, bio (subject to your visibility setting), submissions, votes, and chat messages are visible to other members of leagues you join. Votes are shown anonymously to other players during a round and are only attributed after results are revealed, as described in-app.

With service providers (“processors”). We use the following vendors to operate the Service. Each only processes data on our behalf and is bound by their own privacy commitments:

• Supabase: database, authentication, file storage (avatars), and background functions.
• Vercel: website and API hosting.
• Resend: sending transactional and support email.
• Upstash: Redis-backed rate limiting (stores hashed IPs and short-lived counters).
• Cloudflare Turnstile: bot protection on our public support form.
• Sentry: crash and error monitoring.
• Apple Push Notification service: delivering push notifications to iOS devices.
• Spotify: when you submit songs or generate round playlists, we send track and search queries to Spotify.
• Apple Music: only when you opt in and grant MusicKit access on your device.
• MusicBrainz: looking up public song metadata using track and artist names.

For legal reasons. We may disclose information if we believe in good faith that disclosure is required by law, legal process, or to protect the rights, property, or safety of SoundOff, our users, or the public.

In a business transfer. If SoundOff is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you and continue to honor this Policy.

We do not sell your personal information, and we do not share it with third parties for cross-context behavioral advertising.

We keep your account information and game content for as long as your account is active. When you delete your account, we delete your profile, submissions, votes, chat messages, league memberships, push tokens, and connected-service tokens. Leagues you created may continue to exist for the remaining members, with your content removed or attributed to a deleted user.

Backups, audit logs, error reports, and email delivery logs may persist for a limited period (typically up to 90 days) before being overwritten in the ordinary course of operations.

• Access and update. View and edit your profile, bio, avatar, and visibility setting from Settings.
• Email preferences. Use the unsubscribe link at the bottom of any email, or visit /unsubscribe.
• Push notifications. Toggle them in iOS Settings or in the app.
• Delete your account. You can permanently delete your account from Settings. This action cannot be undone.
• Region-specific rights. Depending on where you live (for example, the EEA, UK, California, or other US states with privacy laws), you may have additional rights — including the right to access, correct, port, or delete your personal information, to object to or restrict certain processing, and to lodge a complaint with your local data protection authority. To exercise any of these, email us at support@playsoundoff.com.

We use industry-standard measures to protect your information, including TLS in transit, encryption at rest for our database and file storage, hashed passwords, row-level security on our database, and limited internal access. No system is perfectly secure; please use a strong, unique password and let us know if you suspect your account has been compromised.

SoundOff is operated from the United States, and our service providers may process information in the United States and other countries. Where required, we rely on appropriate safeguards (such as the European Commission’s Standard Contractual Clauses) for international transfers of personal information.

SoundOff is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@playsoundoff.com and we will delete it.

The Service includes links to third-party websites and the catalogs of Spotify and Apple Music. This Policy does not apply to those services. We recommend reviewing the privacy policies of any third-party service you interact with, including Spotify and Apple.

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by updating the “Last updated” date above and, where appropriate, by email or an in-app notice. Continued use of the Service after the effective date constitutes acceptance of the updated Policy.

Questions about this Privacy Policy or your information? Email us at support@playsoundoff.com or use the support form.