Skip to content
Spotify
  • Premium
  • Support
  • Download
  • Sign up
  • Log in
  • Legal
  • Terms and Conditions of Use
  • Copyright Policy
  • Privacy Policy
  • User Guidelines
  • Premium Offer Terms

Spotify Privacy Policy

Effective as of 1 September 2021

  1. About this Policy
  2. Your personal data rights and controls
  3. Personal data we collect about you
  4. Our purpose for using your personal data
  5. Sharing your personal data
  6. Data retention and deletion
  7. Transfer to other countries
  8. Keeping your personal data safe
  9. Children
  10. Changes to this Policy
  11. How to contact us

To help you understand this Policy, our privacy videos bring privacy at Spotify to life.

1. About this Policy

This Policy describes how we process your personal data at Spotify AB

It applies to your use of:

  • all Spotify streaming services as a user. This includes use of these services under our free or paid options (each a "Service Option"); and
  • other Spotify services which include a link to this Privacy Policy (e.g. Spotify websites, Customer Support and the Community Site).

From now on, we'll collectively call these the "Spotify Service".

From time to time, we may develop new or offer additional services. They'll also be subject to this Policy, unless stated otherwise when we introduce them.

This Policy is not...

  • the Spotify Terms of Use. That's a separate document, outlining the legal contract between you and Spotify for using the Spotify Service. It also describes the rules of Spotify and your user rights.
  • about your use of other Spotify services which have their own dedicated privacy policy, such as Anchor, Soundtrap, Megaphone and Greenroom.

2. Your personal data rights and controls

Privacy laws, including the General Data Protection Regulation ("GDPR"), give rights to individuals over their personal data.

See your rights and their descriptions in this table. You can also watch our video about Your Privacy Controls.


It’s your right to...
Access Be informed of the personal data we process about you and to request access to it
Rectification Request that we amend or update your personal data where it’s inaccurate or incomplete
Erasure Request that we delete certain of your personal data
Restriction Request that we temporarily or permanently stop processing all or some of your personal data
Object Object to us processing your personal data at any time, on grounds relating to your particular situation
Object to your personal data being processed for direct marketing purposes
Data portability Request a copy of your personal data in electronic format and the right to transmit that personal data for use in another party’s service
Not be subject to automated decision-making Not be subject to a decision based solely on automated decision making (decisions without human involvement), including profiling, where the decision would have a legal effect on you or produce a similarly significant effect

How to exercise your rights with Spotify

Access: To request a copy of your personal data from Spotify, visit your account Privacy Settings. There you can automatically download much of your personal data and find out how to request more information.

Rectification: You can edit your User Data under "Edit profile" in your account.

Erasure:

  • You can remove audio content from your profile by selecting the relevant content and choosing to remove it. For example, you can remove playlists from your profile, or remove a track from your playlist.
  • To request erasure of your other personal data from Spotify (e.g. your User Data, Usage Data and other data listed in Section 3 'Personal data we collect about you' below), see our support page.

Your other rights: You can contact Spotify directly to exercise your rights at any time (see Section 11 'How to contact us').

In addition, here are more privacy resources and controls:

  • Privacy Center - more information about how Spotify uses your personal data, your rights, and how to use those rights, including our video, about Your Privacy Controls.
  • Privacy Settings - control the processing of certain personal data, including Tailored Ads.
  • Notification Settings - learn how to set which marketing communications you get from Spotify.
  • Settings (Desktop and Mobile) - control certain aspects of the Spotify Service such as "Social" and "Explicit Content".
  • Cookies Policy - information on how we use cookies and how to manage your cookie preferences. Cookies are files saved on your phone, tablet or computer when you visit a website.

You also have the right to contact the Swedish Authority for Privacy Protection or your local data protection authority about any questions or concerns.

3. Personal data we collect about you

These tables set out the categories of personal data we collect and use. You can also watch our video about Personal Data at Spotify.

Collected when you sign up for the Spotify Service or when you update your account
Category Description
User Data Personal data that we need to create your Spotify account and enables you to use the Spotify Service.
The type of data collected depends on the type of Service Option you have, how you create your account, the country you are in, and if you use third party services to sign in. This may include your:
  • profile name
  • email address
  • phone number
  • date of birth
  • gender
  • street address
  • country
We receive some of this data from you e.g. from the sign up form or account page.
We also collect some of this data from your device e.g. country. For more information about how we collect country, see “Your general (non-precise) location”.
Street Address Data We may ask for your street address for the following reasons:
  • to check eligibility for a Service Option
  • for tax administration
  • to deliver physical goods or gifts requested by you
In some cases, we may use a third party mapping application (such as Google Maps) to help you verify your address.
Collected through your use of the Spotify Service
Categories Description
Usage Data
Personal data collected about you when you’re accessing and/or using the Spotify Service.
There are a few types of information this includes, detailed in the following sections.
Information about how you use Spotify
Examples include:
  • Information about your Spotify Service Option.
  • Your actions with the Spotify Service (including date and time), such as:
    • search queries
    • streaming history
    • playlists you create
    • your library
    • browsing history
    • account settings
    • interactions with other Spotify users
    • your use of third party services, devices and applications in connection with the Spotify Service
  • Inferences (i.e., our understanding) of your interests and preferences based on your usage of the Spotify Service.
  • Content you post to any part of the Spotify Service, such as images, text, playlist titles, communications, and other types of content.

Your technical data
Examples include:
  • URL information
  • Online identifiers such as cookie data and IP addresses
  • Information about the devices you use such as:
    • device IDs
    • network connection type (e.g. wifi, 4G, LTE, Bluetooth)
    • provider
    • network and device performance
    • browser type
    • language
    • information enabling digital rights management
    • operating system
    • Spotify application version
  • Information (such as the device name, device identifiers, brand and version) which enables us to discover and connect with third party devices and applications such as those listed below:
    • devices on your wifi network (such as speakers) which can connect to the Spotify Service
    • devices made available by your operating system when connecting via Bluetooth, plugin, and installation
    • Spotify partner applications to determine whether the application is installed on your device

Your general (non-precise) location
This may be understood from technical data (e.g. your IP address, language setting of your device, or payment currency).
We need this to meet geographic requirements in our agreements with the owners of content on the Spotify Service, and to deliver content and advertising that’s relevant to you.
Your device sensor data
Motion-generated or orientation-generated mobile sensor data (e.g. accelerometer or gyroscope) if needed to provide features of the Spotify Service that require this data.
Additional data you may choose to give us
Categories Description
Voice Data
If voice features are available in your market and only where you’ve given permission, we collect voice data (audio clips of your voice).
This makes it possible for us to provide and improve Spotify’s voice features.
For more information see our Voice Control Policy.
Payment and Purchase Data If you make any purchases from Spotify (including a paid Service Option) or sign up for a trial, we will need to process your payment data.
The exact personal data collected will vary depending on the payment method, but will include information such as:
  • name
  • date of birth
  • credit or debit card type, expiration date, and certain digits of your card numberNote: For security, we never store your full card number
  • ZIP/postal code
  • mobile phone number
  • details of your purchase and payment history
Contests, Surveys, and Sweepstakes Data When you complete any forms, respond to a survey or questionnaire, or take part in a contest or sweepstake, we collect the personal data you provide.
Collected from other (‘third party’) sources
Categories of third parties Description
Authentication partners If you register for or log into our services using another service, we’ll receive your information from them to help create your account with us.
Third party applications, services and devices you connect to your Spotify account If you connect your Spotify account to a third party application, service and/or devices, we may collect certain information from them to make the integration possible.
These third party apps, services or devices may include:
  • social media
  • devices including:
    • audio (e.g. speakers and headphones)
    • smart watches
    • televisions
    • mobile phones and tablets
    • automotive (e.g. cars)
    • games consoles
  • services or platforms such as voice assistants
We’ll ask your permission before we collect your information from certain third parties.
Technical service partners We work with technical service partners that give us certain data, such as mapping IP addresses to non-precise location data (e.g., city, state).
This makes it possible for Spotify to provide the Spotify Service, content, and features.
Payment partners If you choose to pay Spotify by invoice, we may get data from our payment partners.
This allows us to:
  • send you invoices
  • process your payment
  • give you what you’ve purchased
Advertising and marketing partners We may get data about you from certain advertising or marketing partners.
This may include:
  • cookie id
  • mobile device id
  • email address
  • inferences (i.e., our understanding) of your interests and preferences

This allows us to deliver more relevant ads and marketing.

4. Our purpose for using your personal data

The table below sets out:

  • our purpose for processing your personal data
  • our legal justifications (each called a "legal basis") under data protection law, for each purpose
  • categories of personal data which we use for each purpose (see more about these categories in Section 3 'Personal data we collect about you')

You can also watch our video about Personal Data at Spotify.

Here is a general explanation of each "legal basis" to help you understand the table:

  • Performance of a Contract: When it's necessary for Spotify (or a third party) to process your personal data to:
    • comply with obligations under a contract with you, e.g. Spotify's obligations under the Terms of Use to provide the Spotify Service to you
    • or verify information before a new contract with you begins.
  • Legitimate Interest: When Spotify (or a third party) has an interest in using your personal data in a certain way, which is necessary and justified considering any possible risks to you and other Spotify users. For example, using your Usage Data to improve the Spotify Service for all users. Contact us if you want to understand a specific justification.
  • Consent: When Spotify asks you to actively indicate your agreement to Spotify's use of your personal data for a certain purpose(s).
  • Compliance with Legal Obligations: When Spotify must process your personal data to comply with a law.
Purpose for processing your data Legal basis that permits the purpose Categories of personal data used for the purpose
To provide the personalized Spotify Service. (You can watch our video about Personalization to understand more.)
  • Performance of a Contract
  • Legitimate Interest
  • Consent
  • User Data
  • Usage Data
  • Payment and Purchase Data
  • Street Address Data
  • Voice Data
To understand, diagnose, troubleshoot, and fix issues with the Spotify Service.
  • Performance of a Contract
  • Legitimate Interest
  • User Data
  • Usage Data
To evaluate and develop new features, technologies, and improvements to the Spotify Service.
  • Legitimate Interest
  • Consent
  • User Data
  • Usage Data
  • Voice Data
For marketing, promotion, and advertising purposes.
  • Legitimate Interest
  • Consent
  • User Data
  • Usage Data
  • Contests, Surveys and Sweepstakes Data
To comply with legal obligations and law enforcement requests.
  • Compliance with legal obligations
  • Legitimate interest
  • User Data
  • Usage Data
  • Payment and Purchase Data
  • Street Address Data
  • Voice Data
  • Contests, Surveys and Sweepstakes Data
To:
  • fulfill contractual obligations with third parties, for example our agreements with owners of content on the Spotify Service, and
  • take appropriate action with reports of intellectual property infringement and inappropriate content.

  • Legitimate interest
  • User Data
  • Usage Data
  • Payment and Purchase Data
To establish, exercise, or defend legal claims.
  • Legitimate interest
  • User Data
  • Usage Data
  • Payment and Purchase Data
  • Street Address Data
  • Contests, Surveys and Sweepstakes Data
To conduct business planning, reporting, and forecasting.
  • Legitimate Interest
  • User Data
  • Usage Data
  • Payment and Purchase Data
To process your payment.
  • Performance of a Contract
  • Compliance with legal obligations

  • User Data
  • Payment and Purchase Data
To detect and prevent fraud, including fraudulent payments and fraudulent use of the Spotify Service.
  • Performance of a Contract
  • Compliance with legal obligations
  • Legitimate Interest
  • User Data
  • Usage Data
  • Payment and Purchase Data
  • Street Address Data

To conduct research, contests, surveys, and sweepstakes.
  • Performance of a Contract
  • Legitimate Interest
  • Consent

  • User Data
  • Usage Data
  • Contests, Surveys and Sweepstakes Data

In jurisdictions where legitimate interest is not recognized as a legal basis, we rely on contractual necessity or consent.

5. Sharing your personal data

This section sets out the categories of recipients of the personal data collected or generated through your use of the Spotify Service.

Publicly available information

The following personal data will always be publicly available on the Spotify Service:

  • Your profile name
  • Your profile photo
  • Your public playlists
  • Who you follow on the Spotify Service
  • Who follows you on the Spotify Service (you can remove followers)

Personal data you may choose to share

We will only share the following personal data with those outlined in the table below:

  • where sharing of particular personal data is needed for the use of a Spotify Service feature, or a third party application, service or device, which you have chosen to use; or
  • if you otherwise grant us your permission to share the personal data, e.g. by selecting the appropriate setting in the Spotify Service or by giving your consent
Categories of recipients Reason for sharing
Third party applications, services and devices you connect to your Spotify Account To connect your Spotify account, and/or allow you to use the Spotify Service in connection with third party applications, services or devices.
Examples of such third party applications, services and devices include: social media applications, speaker devices, televisions, automotive platforms, or voice assistants, which interact with the Spotify Service.
You can see and remove many third party connections under “Apps” in your account.
Support community To enable you to use the Spotify Support Community service.
When you register for an account on the Spotify Support Community, we’ll ask you to create a specific profile name. This will be publicly displayed to anyone who uses the Spotify Support Community. We’ll also display any questions or comments you post.
Other Spotify users To share information about your use of the Spotify Service with other Spotify users, including your ‘Spotify Followers’.
For example, under “Social” settings you can choose whether to share your recently played artists and your playlists on your profile.
Artists and record labels To receive news or promotional offers directly from artists, record labels or other partners.
You may choose to share personal data (for example, your email address) for this purpose. You’ll always have the option to change your mind and withdraw your consent at any time.

Information we may share

See this table for details of who we share to and why.

Categories of recipients Reason for sharing
Service providers So they can provide their services to Spotify.
These service providers may include those we hire to:
  • give customer support
  • operate the technical infrastructure we need to provide the Spotify Service
  • assist in protecting and securing our systems and services (e.g. Google’s reCAPTCHA)
  • help market Spotify’s (and our partners’) products, services, events and promotions
Payment processors So they can process your payments, and for anti-fraud purposes.
Advertising partners So our ad partners can help us deliver more relevant advertising to you on the Spotify Service.
For example, our ad partners help us facilitate tailored advertising:
  • This is when we use third party information to tailor ads to be more relevant to you (also known as interest based advertising).
  • An example of a tailored ad is when an ad partner has information suggesting you like cars, which could enable us to show you ads about cars.
  • You can control tailored advertising in your account privacy settings under “Tailored Ads”.
  • If you are “opted out” of Tailored Ads, you may still get advertising on ad-supported services (such as podcasts or the Free Service Option) based on your registration information and ads based on the content you are streaming on our Services. For example, if you are streaming a cooking podcast, you may hear an ad for a food processor or if you are streaming a workout playlist, you may hear an ad for sports clothing.
Marketing Partners To promote Spotify with our partners. We share some personal data with these partners where necessary to:
  • enable you to participate in Spotify promotions, including trials or other bundled offers
  • to promote Spotify in media and advertising published on other online services
  • help us and our partners to measure the effectiveness of Spotify promotions

Examples of partners include:
  • marketing or sponsorship partners
  • websites and mobile apps who sell us advertising space on their services
  • device, app and mobile partners who also offer Spotify promotions

Our partners may also combine the personal data we share with them with other data they collect about you (e.g. your use of their services). We and our partners may use this information to present you with offers, promotions, or other marketing activities that we believe will be relevant to you.
Other partner sharing We may share personal data with partners to help us understand and improve the performance of our products and partnerships.
You can see and remove many partner connections under “Apps” in your account.
Academic researchers For activities such as statistical analysis and academic study, but only in a pseudonymised format. Pseudonymised data is where your data is identified by a code rather than your name or other information that directly identifies you.
Other Spotify group companies Where we have offices, to carry out our daily business operations and so we can maintain and provide the Spotify Service to you.
Law enforcement and other authorities When we believe in good faith it’s necessary for us to do so, for example:
  • to comply with a legal obligation
  • to respond to a valid legal process (such as a search warrant, court order, or subpoena)
  • for our own or a third party’s justifiable interest, relating to:
    • national security
    • law enforcement
    • litigation (a court case)
    • criminal investigation
    • protecting someone’s safety
    • preventing death or imminent bodily harm.
Purchasers of our business Where we sell or negotiate to sell our business to a buyer or possible buyer.
In this situation, Spotify will continue to ensure your personal data is kept confidential. We’ll give you notice before your personal data is transferred to the buyer or a different privacy policy starts to apply.

6. Data retention and deletion

Retention

We keep your personal data only as long as necessary to provide you with the Spotify Service and for Spotify's legitimate and essential business purposes, such as:

  • maintaining the performance of the Spotify Service
  • making data-driven business decisions about new features and offerings
  • complying with our legal obligations
  • resolving disputes

Deletion

If you close or request that we close your account, we'll delete or anonymise your personal data so it no longer identifies you, unless we're required to keep something or we still need to use it for a legally justifiable reason.

Here are some examples of situations where we're legally allowed or required to keep some of your personal data:

  • if there's an unresolved issue relating to your account, such as an outstanding credit or unresolved claim or dispute
  • for our legal, tax, audit and accounting obligations
  • for our legitimate business interests such as fraud prevention or to maintain security.

7. Transfer to other countries

When carrying out the activities described in this Policy, Spotify shares your personal data internationally with Spotify group companies, subcontractors and partners in order to provide the Spotify Service to you. They may process your data in countries whose data protection laws are not considered to be as strong as EU laws or those in your country, e.g. they may not give you the same rights over your data.

Whenever we transfer personal data internationally, we use tools to:

  • make sure the data transfer complies with applicable law
  • help to give your data the same level of protection as it has in the EU

We do this using a variety of protections, as appropriate for each data transfer. For example, we use:

  • Standard Contractual Clauses (or an alternative legal tool) to require the third party to protect your data and to provide you with EU-level rights and protections
  • technical protections, such as encryption and pseudonymisation
  • policies and processes to challenge disproportionate or unlawful government authority requests

You can exercise your rights under the Standard Contractual Clauses by contacting us or the third party who processes your personal data.

8. Keeping your personal data safe

We're committed to protecting our users' personal data. We implement appropriate technical and organisational measures to help protect the security of your personal data. However, be aware that no system is ever completely secure.

We have implemented various safeguards including pseudonymisation, encryption, access, and retention policies to guard against unauthorised access and unnecessary retention of personal data in our systems.

To protect your user account, we encourage you to:

  • use a strong password that is unique to your Spotify account
  • never share your password with anyone
  • limit access to your computer and browser
  • log out once you have finished using the Spotify Service on a shared device
  • read more detail on protecting your account

You can log out of Spotify in multiple places at once by using the "Sign out everywhere" function on your account page.

If other individuals have access to your Spotify account (for example if you've given them permission to use your account on a shared device), then they can access personal data, controls and the Spotify Service available in your account.

It's your responsibility to only provide individuals with permission to use your account where you're comfortable sharing this personal data with them. Anyone else's use of your Spotify account may impact your personalised recommendations and be included in your data download.

9. Children

Note: This Policy doesn't apply to Spotify Kids, unless the Spotify Kids Privacy Policy says so. Spotify Kids is a separate Spotify application.

The Spotify Service has a minimum "Age Limit" in each country. The Spotify Service is not directed to children whose age:

  • is under the age of 13 years
  • or, makes it illegal to process their personal data
  • or, requires parental consent to process their personal data

We do not knowingly collect personal data from children under the applicable Age Limit. If you're under the Age Limit, please do not use the Spotify Service, and do not provide any personal data to us. Instead, we recommend using a Spotify Kids account.

If you're a parent of a child under the Age Limit and become aware that your child has provided personal data to Spotify, please contact us.

If we learn that we've collected the personal data of a child under the applicable Age Limit, we'll take reasonable steps to delete the personal data. This may require us to delete the Spotify account for that child.

When using a shared device on the main Spotify Service, you should be cautious about playing or recommending any content to individuals under 18 years old which could be inappropriate for them.

10. Changes to this Policy

We may occasionally make changes to this Policy.

When we make material changes to this Policy, we'll provide you with prominent notice as appropriate under the circumstances. For example, we may display a prominent notice within the Spotify Service or send you an email or device notification.

11. How to contact us

For any questions or concerns about this Policy, contact our Data Protection Officer any one of these ways:

  • Use our privacy contact form
  • Email privacy@spotify.com
  • Write to us at: Spotify AB, Regeringsgatan 19, 111 53 Stockholm, Sweden

You can also visit our Privacy Center for more clarification of this Policy.

Spotify AB is the data controller of personal data processed under this Policy.

© Spotify AB

Spotify
Company
About
Jobs
For the Record
Communities
For Artists
Developers
Advertising
Investors
Vendors
Useful links
Support
Web Player
Free Mobile App
Botswana
  • Legal
  • Privacy Center
  • Privacy Policy
  • Cookies
  • About Ads
© 2022 Spotify AB