Last Updated: July 6, 2025

1. Introduction

SonicCrypt ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website [Your Domain Name, e.g., soniccrypt.com], (collectively, the "Platform"). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Platform.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the "Last Updated" date of this Privacy Policy. You are encouraged to periodically review this Privacy Policy to stay informed of updates.

2. Information We Collect

We may collect information about you in a variety of ways. The information we may collect on the Platform includes:

2.1. Personally Identifiable Information (PII)

When you register on the Platform, we collect your chosen username, email address, and a hashed version of your password. Optionally, you can provide a display name (e.g., artist/DJ name), a biography, a website URL, links to your social media profiles (e.g., Facebook, Instagram), your Mixcloud, SoundCloud, or Twitch URLs, YouTube embed codes for your profile, and your preferred timezone. If you upload a profile picture, this image file is also stored.

When you use our contact form, we collect your name, email address, subject, and the message you send.

When you participate in our forum, your posts and topic creations are stored and associated with your user profile.

2.2. Content Data You Provide

If you are an artist or DJ, we collect the music files (MP3, WAV), cover art, release metadata (titles, dates, descriptions, genres, licenses), and event details (titles, dates, times, venues, descriptions, flyers, ticket links, recurrence rules, event timezone) you upload or create on the Platform.

2.3. Derivative Data (Log Data & Cookies)

Our servers automatically collect standard log data when you access the Platform, such as your IP address, browser type, operating system, access times, and the pages you have viewed. This information is used for system administration, security monitoring, and to analyze Platform usage for improvement purposes. Your IP address is not directly linked to your PII except where necessary for security or legal reasons.

We use cookies to enhance your experience on our Platform. Cookies are small text files stored on your device. Please see Section 5 ("Tracking Technologies & Cookies") for more details.

2.4. CAPTCHA Data

For spam protection during registration, password reset requests, and contact form submissions, we use an image-based CAPTCHA. The text you enter is compared against a value stored temporarily in your server-side session. This CAPTCHA data is not stored довгостроково after the session ends.

3. How We Use Your Information

Having accurate information about you permits us to provide you with a smooth, efficient, and customized experience. Specifically, we may use information collected about you via the Platform to:

• Create and manage your account, including sending account confirmation and password reset emails via our email service provider (Resend).
• Operate and maintain the Platform, including its forum, music archive, and event listings.
• Display your public profile, uploaded music, events you created, and forum contributions to other users and the public.
• Enable user-to-user interactions within the forum and release comments.
• Respond to your inquiries submitted through the contact form, using your provided email to reply.
• Personalize your experience, for example, by using your chosen timezone for event display defaults.
• Monitor and analyze usage and trends to improve the Platform and user experience.
• Protect the security and integrity of our Platform, for example, by using CAPTCHAs.
• Comply with legal obligations and enforce our Terms of Service.

4. Disclosure of Your Information

We do not sell your personal information. We may share information we have collected about you in certain situations:

• Publicly Displayed Information: Your username, display name, public profile information (bio, social media links, etc. if you provide them), your uploaded releases, created events, and forum posts are publicly visible on the Platform.
• Third-Party Service Providers: We use Resend (resend.com) as our email delivery service provider to send transactional emails such as account confirmations, password resets, and notifications from our contact form. We share your email address and the necessary content for these emails with Resend. Resend's use of your information is governed by their privacy policy. [Consider adding a link to Resend's Privacy Policy here].
• By Law or to Protect Rights: If we believe the release of information about you is necessary to respond to legal process, to investigate or remedy potential violations of our policies (including our Terms of Service and Takedown Policy), or to protect the rights, property, and safety of SonicCrypt, our users, or others, we may share your information as permitted or required by any applicable law, rule, or regulation.
• Aggregated/Anonymized Data: We may use or share aggregated or anonymized data, which does not identify you personally, for research or analytical purposes.

5. Tracking Technologies & Cookies

Our Platform uses cookies to ensure its proper functioning, enhance security, and improve your user experience. A cookie is a small text file stored on your computer or mobile device by your web browser.

5.1. Technically Necessary Cookies

These cookies are essential for you to browse the website and use its features, such as accessing secure areas of the site (e.g., your user dashboard). Without these cookies, services like user login and form submissions cannot be provided. These cookies do not gather information about you that could be used for marketing or remembering where you've been on the internet.

• Session Cookies (e.g., `session`): Used by Flask-Login to manage your login session. This cookie allows you to stay logged in as you navigate the Platform. It is typically deleted when you close your browser.
• CSRF Token Cookies (e.g., `csrf_token`): Used by Flask-WTF to protect against Cross-Site Request Forgery attacks when you submit forms. This is a security measure.
• CAPTCHA Session Data: When you interact with our image-based CAPTCHA (during registration, password reset requests, or contact form submissions), a temporary value representing the CAPTCHA text is stored in your server-side session, which is identified by a session cookie. This is necessary to verify your input. This data is not stored long-term.
• "Remember Me" Cookie (Flask-Login): If you select the "Remember Me" option during login, a persistent cookie is stored on your device to keep you logged in for a longer period. This is a convenience feature you explicitly choose.

Because these cookies are strictly necessary for the operation of the Platform, they do not require your prior consent under current interpretations of ePrivacy regulations and GDPR. However, we inform you about their use here.

5.2. Third-Party Cookies and Embedded Content

YouTube Videos

Our Platform allows users (artists/DJs) to embed YouTube videos on their profiles. To protect your privacy, we strive to ensure these videos are embedded using YouTube's "privacy-enhanced mode" (using the `youtube-nocookie.com` domain). When this mode is used, YouTube will not store information about visitors on our Platform unless they play the video.

Once you click on a YouTube video player, YouTube may set cookies on your computer or device and collect information in accordance with its own privacy policy. We do not control the setting of these cookies by YouTube. For more information, please review Google's Privacy Policy (as YouTube is a Google service).

Links to Other Websites

Our Platform contains links to other websites (e.g., social media links in user profiles, ticket links for events). If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

5.3. Managing Cookies

Most web browsers allow you to control cookies through their settings preferences. You can usually set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Platform (e.g., you might not be able to stay logged in).

6. Security of Your Information

We use administrative, technical, and physical security measures to help protect your personal information. This includes hashing passwords, using CSRF protection, and implementing CAPTCHAs. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable.

7. Data Retention

We will retain your personal information for as long as your account is active or as needed to provide you with services. Log data may be retained for a shorter period for security and analytical purposes. We will also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

You have the right to request the deletion of your account. When you delete your account, the following actions are taken:

• Anonymization: Your personal information in our active systems (email address, profile information, social links, etc.) will be permanently removed or overwritten, and your account will be anonymized. Any remaining public content, such as forum posts, will be attributed to "[Deleted User]".
• Content Unpublishing: Content you have created, such as music releases and events, will be unpublished. They will no longer be visible or downloadable on the Platform.
• Legal Archival: To comply with our legal obligations and to aid in the resolution of disputes or the investigation of copyright or policy violations, we archive a minimal set of your original registration data (e.g., user ID, email address, username) in a separate, secure system. This data is held for a limited, legally required period and is not used for any operational purpose before being permanently erased.

You can initiate the account deletion process from your user dashboard.

8. Your Rights (e.g., under GDPR)

Depending on your jurisdiction (especially if you are in the European Economic Area - EEA), you have certain data protection rights. These may include the right to:

• Request access to your personal data.
• Request correction of your personal data.
• Request erasure of your personal data.
• Object to processing of your personal data.
• Request restriction of processing your personal data.
• Request transfer of your personal data (data portability).
• Withdraw consent at any time (where processing is based on consent).

To exercise any of these rights, please contact us using the details provided in our Imprint or via our Contact Form. We may need to verify your identity before responding to such requests.

9. Policy for Children

Our Platform is not intended for children under the age of 16 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personally identifiable information from children under 16. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us. If we become aware that we have collected personal information from children without verification of parental consent, we take steps to remove that information from our servers.

10. Contact Us

If you have questions or comments about this Privacy Policy, please contact us via the details in our Imprint or by using our Contact Form.

Back