Skip to main content

Privacy Policy

Effective date: January 28, 2026

Controller

Mario Stjepanovic (“Muselink”, “we”, “us”, “our”)

Contact: support@muselink.app

This Privacy Policy explains how we collect, use, share, and protect personal data when you use the Muselink app and related services (the “Service”).

1. Scope

This policy applies to personal data processed through the Muselink app and the Service. It does not cover third-party services you may access through Muselink (for example, external social platforms you share to). Their policies apply to their services.

2. What Data We Collect

We collect the following categories of personal data:

2.1 Account and profile data

  • Email address (if you sign in with email)
  • Sign-in identifiers from Apple or Google (if you use those sign-in methods)
  • Date of birth (required for age verification)
  • Profile information you choose to provide (for example: username, roles, genre hashtags, and similar profile fields)

2.2 User content you provide

  • Audio files you upload to Muselink (including files shared in chat)
  • Messages and chat content (including metadata needed to deliver and display chat)
  • Any text or metadata you attach to uploads (for example: project goal tags)

2.3 Connection and activity data

  • Matches and connections (who you matched with)
  • Likes (your “Like/Save” actions shown in Activity → Likes)
  • Reports and blocks you create, and reports made about you (to support safety and enforcement)

2.4 Location data (if you allow it)

  • Approximate or precise location data (depending on your device permission settings) used to support location-based discovery and to show nearby creators.

2.5 Usage and device data (analytics and reliability)

  • App interaction events (for example: impressions, taps, playback starts, skips)
  • Technical logs needed to operate and secure the Service (for example: timestamps, device/OS, and identifiers used for session integrity and abuse prevention)

3. Why We Use Your Data (Purposes)

3.1 Provide and operate the Service

  • Create and manage your account
  • Enable discovery, playback, uploading, matching, and chat
  • Convert uploaded audio to the Service’s supported format (MP3)
  • Enforce feature rules such as expiring chat attachments (48 hours after upload completion)

3.2 Safety and enforcement

  • Prevent, detect, and investigate abuse, fraud, and violations
  • Screen images and content using automated moderation systems to detect prohibited material (such as adult or violent content)
  • Process user reports and blocks
  • Remove content or restrict accounts that violate rules

3.3 Improve the Service

  • Understand feature usage, performance, and stability
  • Debug crashes, fix errors, and optimize reliability

3.4 Communicate with you

  • Send service-related messages (for example: verification emails, important service notices, and safety-related communications)

4. Legal Basis (EEA/UK)

Where GDPR applies, we process personal data under these legal bases:

  • Contract: to provide the Service you request (account, uploads, matching, chat).
  • Legitimate interests: to secure the Service, prevent abuse, and improve performance (balanced against your rights).
  • Consent: where required, such as for location permissions and certain device-level permissions you can control.
  • Legal obligation: where we must comply with applicable law or lawful requests.

5. How We Share Your Data

5.1 With other users (as part of the Service)

  • Your profile and uploaded audio are shown to other users through discovery and matching.
  • Your chat messages and shared audio are shared with the matched user(s) you send them to.
  • Blocking affects visibility and interaction between you and the blocked user as implemented in the app.

5.2 With service providers (processors)

We use third-party providers to host, store, and deliver the Service (for example: database, file storage, analytics/logging, and infrastructure). These providers process personal data on our behalf under contractual obligations and security controls.

Muselink currently uses Supabase for core backend infrastructure (database/auth/storage) as part of operating the Service. Supabase offers a Data Processing Addendum for GDPR-related processing.

Muselink may use Google Cloud Vision or similar services for automated image content moderation. Images shared through the Service may be analyzed by these providers solely for safety screening purposes.

5.3 For legal reasons

We may disclose data if required by law, court order, or lawful government request, or to protect the rights, safety, and security of users and the Service.

5.4 Business changes

If Muselink is involved in a merger, acquisition, financing, reorganization, or sale of assets, personal data may be transferred as part of that transaction, subject to appropriate safeguards.

6. International Transfers

Your data may be processed in countries outside Norway/EEA depending on where service providers operate. When transfers outside the EEA occur and GDPR applies, we aim to use appropriate safeguards (such as contractual protections) where required.

7. Data Retention

We retain personal data only as long as necessary for:

  • providing the Service,
  • safety and abuse prevention,
  • legal compliance, and
  • resolving disputes.

Retention can differ by data type. For example:

  • Chat attachments expire after 48 hours after upload completion, meaning access is removed after that time.
  • Safety logs and enforcement records may be retained longer to prevent repeat abuse and comply with legal obligations.

8. Your Rights (GDPR)

If GDPR applies to you, you have rights that may include:

  • Access: request a copy of your personal data.
  • Rectification: correct inaccurate or incomplete data.
  • Deletion: request deletion of your personal data.
  • Restriction: limit processing in certain cases.
  • Objection: object to processing based on legitimate interests.
  • Portability: receive certain data in a portable format.
  • Withdraw consent: where we rely on consent (for example, location), you can withdraw by changing device settings.

To exercise rights, contact: support@muselink.app

We may need to verify your identity before responding.

Complaints: You also have the right to lodge a complaint with your relevant data protection authority. In Norway, that is Datatilsynet.

9. Account Deletion

You can delete your account directly within the app via Privacy & Account settings. You may also request account deletion by contacting support@muselink.app.

10. Security

We use reasonable technical and organizational measures designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

11. Children (13+)

Muselink is intended for users aged 13 and older. If we learn that we have collected personal data from someone under 13, we will take steps to delete it.

12. Campaigns, Reposts, and Interviews

  • Muselink does not use your content in marketing without permission.
  • If you voluntarily participate in a campaign that explicitly asks users to tag content with “#muselinkapp” for reposting, you are choosing to make that content discoverable for possible reposting by Muselink channels. You can ask us to stop future reposting by contacting support@muselink.app.
  • If we ask you to participate in an interview or creator story, we will request explicit consent before publication.

13. Changes to This Policy

We may update this Privacy Policy from time to time. If changes are material, we will provide notice within the app or by other reasonable means. The effective date at the top will be updated.

14. Contact

For privacy questions, requests, or complaints: support@muselink.app