Spotify Privacy Policy

Effective as of August 19, 2015

1 Introduction
2 Key highlights of what you’re consenting to
3 The information we collect
4 How we use the information we collect
5 Sharing information
6 Your preferences
7 Transfer to other countries
8 Links
9 Security
10 Children
11 Accessing and updating user information
12 Changes to the Privacy Policy
13 Information about cookies, other technologies, and third-party data collection

Hello, and welcome to our Privacy Policy. This Privacy Policy helps you to make informed decisions about your relationship with us, so please read it carefully. We hope you’re sitting comfortably and getting ready for some great tunes. Here we go…

1 Introduction

Thanks for choosing Spotify. This Privacy Policy describes the information we collect, what we do with it, and how you can manage and control the use of your information.

Throughout this Privacy Policy we refer to the Spotify Service or the Service. These terms are defined in our Terms and Conditions of Use (the “Terms and Conditions of Use”).

2 Key highlights of what you’re consenting to

By using or interacting with the Service, you are consenting to:

  1. the collection, use, sharing, and processing of information about your location, including any related interactions with the Spotify service and other Spotify users (as described in The information we collect);
  2. the use of cookies and other technologies;
  3. the transfer of your information outside of the country where you live;
  4. the collection, use, sharing, and other processing of your information, including for advertising-related purposes (as described in the rest of this Privacy Policy, so please keep on reading!); and
  5. the public availability of your information and the controls over such information as described in Sharing information.

In each case, you consent to the processing of data by the entities described in this Privacy Policy, including the Spotify entity, as data controller, indicated at the bottom of this document (collectively, “Spotify”, “we”, “us”, “our”). In the Your Preferences section, we describe the controls and relevant settings associated with your Spotify account. If you don't agree with the terms of this Privacy Policy, then please don't use the Service.

3 The information we collect

We may collect and store the following information—

3.1 Registration data

When you sign up for the Service, we may ask you for information such as your username, password, email address, date of birth, gender, address, postal code, and country. You may also choose to voluntarily add other information to your profile, such as your mobile phone number and mobile service provider. If you connect to the Service using credentials from a Third Party Application (as defined in the Terms and Conditions of Use) (e.g., Facebook), you authorise us to collect your authentication information, such as your username and encrypted access credentials. We may also collect other information available on or through your Third Party Application account, including, for example, your name, profile picture, country, hometown, email address, date of birth, gender, friends’ names and profile pictures, and networks.

3.2 Usage, log data & cookies

When you use or interact with the Service, we may use a variety of technologies that collect information about how the Service is accessed and used. This information may include:

  1. information about your type of subscription and your interactions with the Service, such as interactions with songs, playlists, other audiovisual content, other Spotify users, Third Party Applications, and advertising, products, and services which are offered, linked to, or made available on or through the Service;
  2. the details of the queries you make and the date and time of your request;
  3. User Content (as defined in the Terms and Conditions of Use) you post to the Service including messages you send and/or receive via the Service;
  4. voice commands (if you’ve opted in to share that with us); and,
  5. technical data, which may include URL information, cookie data, your IP address, the types of devices you are using to access or connect to the Spotify Service, unique device ID, device attributes, network connection type (e.g., WiFi, 3G, LTE) and provider, network and device performance, browser type, language, information enabling digital rights management, operating system, and Spotify application version.

You may integrate your Spotify account with Third Party Applications. If you do, we may receive similar information related to your interactions with the Service on the Third Party Application, as well as information about your publicly available activity on the Third Party Application. This includes, for example, your “Like”s and posts on Facebook. We may use cookies and other technologies to collect this information; you can learn more about such use in the section Information about cookies, other technologies, and third-party data collection of this Privacy Policy.

3.3 Information Stored on Your Mobile Device

With your permission, we may collect information stored on your mobile device, such as contacts, photos, or media files. Local law may require that you seek the consent of your contacts to provide their personal information to Spotify, which may use that information for the purposes specified in this Privacy Policy.

3.4 Location and sensor information

Depending on the type of device that you use to interact with the Service and your settings, we may also collect information about your location based on, for example, your phone’s GPS location or other forms of locating mobile devices (e.g., Bluetooth). We may also collect sensor data (e.g., data about the speed of your movements, such as whether you are running, walking, or in transit).

3.5 Widget data

Other websites may integrate Spotify widgets (such as the Spotify Play Button or Spotify Follow Button). When you visit a site with a Spotify widget embedded, we may receive certain information, including information about the web page you visited. Spotify and the widget can recognise you, and the widget may be used to show personalised content or advertising. We know when you interact with a widget, and websites containing the widgets may receive this information.

3.6 Payment data

If you sign up for a Trial (as defined in the Terms and Conditions of Use), purchase any of our Paid Subscriptions (as defined in the Terms and Conditions of Use), or make other purchases through the Service, your credit or debit card information (such as card type and expiration date) and other financial data that we need to process your payment may be collected and stored by us and/or the payment processors with which we work. We may also collect some limited information, such as your postal code, mobile number, and details of your transaction history, all of which are necessary to provide the Service. In addition, the payment processors generally provide us with some limited information related to you, such as a unique token that enables you to make additional purchases using the information they’ve stored, and your card’s type, expiration date, and certain digits of your card number.

If you choose to pay by invoice, Spotify may need to collect and store additional information, like your name, date of birth, and phone number, and provide it to payment processors we work with to issue invoices, to enable credit checks and to send you invoices.

BY ACCEPTING THE PRIVACY POLICY, YOU EXPRESSLY AUTHORISE SPOTIFY TO USE AND SHARE WITH OTHER COMPANIES IN THE SPOTIFY GROUP, AS WELL AS CERTAIN TRUSTED BUSINESS PARTNERS AND SERVICE PROVIDERS, WHICH MAY BE LOCATED OUTSIDE OF THE COUNTRY OF YOUR RESIDENCE (INCLUDING COUNTRIES WHICH DO NOT PROVIDE THE SAME LEVEL OF PROTECTION FOR THE PROCESSING OF PERSONAL DATA AS THE COUNTRY OF YOUR RESIDENCE), THE INFORMATION PROVIDED BY YOU TO SPOTIFY, EVEN IF SUCH INFORMATION IS COVERED BY LOCAL BANKING SECRECY LAWS. YOU ACKNOWLEDGE AND AGREE TO THE IMPORTANCE OF SHARING SUCH INFORMATION FOR THE PROVISION OF THE SPOTIFY SERVICE AND ALSO AGREE THAT, BY ACCEPTING THIS PRIVACY POLICY, WHERE APPLICABLE AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, YOU EXPRESSLY WAIVE YOUR RIGHTS UNDER SUCH BANK SECRECY LAWS WITH REGARD TO SPOTIFY, ANY COMPANY IN THE SPOTIFY GROUP, AND ANY TRUSTED BUSINESS PARTNERS AND SERVICE PROVIDERS, WHICH MAY BE LOCATED OUTSIDE YOUR COUNTRY OF RESIDENCE. THIS CONSENT IS GIVEN FOR THE DURATION OF YOUR RELATIONSHIP WITH SPOTIFY.

3.7 Sweepstakes, contests & surveys

From time to time, we may offer you the opportunity to participate in promotions such as sweepstakes, contests, offers, and/or surveys (“Special Promotions”) through the Service. A Special Promotion may be governed by a privacy policy and/or terms and conditions that are additional to, or separate from, this Privacy Policy and the Terms and Conditions of Use. If the provisions of the Special Promotion’s privacy policy or terms and conditions conflict with this Privacy Policy or the Terms and Conditions of Use, those additional or separate provisions shall prevail. If you participate in a Special Promotion, we may ask you for certain information in addition to what is stated in this Privacy Policy, including personal information. That additional information may be combined with other account information and may be used and shared as described in this Privacy Policy.

3.8 Spotify service providers and partners

We may also receive information about you from our service providers and partners, which we use to personalise your Spotify experience, to measure ad quality and responses to ads, and to display ads that are more likely to be relevant to you. We also use this information as explained in the section How we use the information we collect below.

4 How we use the information we collect

We may use the information we collect, including your personal information:

  1. to provide, personalise, and improve your experience with the Service and products, services, and advertising (including for third party products and services) made available on or outside the Service (including on other sites that you visit), for example by providing customised, personalised, or localised content, recommendations, features, and advertising on or outside of the Service;
  2. to ensure technical functionality of the Service, develop new products and services, and analyse your use of the Service, including your interaction with applications, advertising, products, and services that are made available, linked to, or offered through the Service;
  3. to communicate with you for Service-related or research purposes including via emails, notifications, text messages, or other messages, which you agree to receive;
  4. to communicate with you, either directly or through one of our partners, for marketing and promotional purposes via emails, notifications, or other messages, consistent with any permissions you may have communicated to us (e.g., through your Spotify account settings); in the section Your preferences below, we inform you of the controls you can use to opt out from receiving certain messages;
  5. to, with your permission, use your mobile phone number to send you informational, marketing and promotional text messages using an automatic dialing system; you are not required to provide consent as a condition of signing up for Spotify’s services;
  6. to enable and promote the Service and other services or products, either within or outside the Service, including features and content of the Service and products and services made available through the Service;
  7. to process your payment or prevent or detect fraud;
  8. to enforce this Privacy Policy, the Terms and Conditions of Use, and any other terms that you have agreed to, including to protect the rights, property, or safety of Spotify, its users, or any other person, or the copyright-protected content of the Service;
  9. to provide you with features, information, advertising, or other content which is influenced by your location and your location in relation to other Spotify users; and
  10. as otherwise stated in this Privacy Policy.

5 Sharing information

This section describes how the information collected or generated through your use of the Spotify service may be shared by you or by us.

5.1 Sharing by you

5.1.1 Generally

The Spotify Service is a social service that offers many ways to find, enjoy, and share content. We encourage you to take advantage of these social features with others on the Service.

Your name and/or username, profile picture, who you follow, who follows you, and your Spotify user profile will always be publicly available.

Playlists created or followed, your activity on the Service (e.g., what you listen to, music you share), recently played artists, your top tracks, your top artists, and User Content you post, upload, and/or contribute to the Service are made publicly available by default. Your activity on the Service (e.g., what you listen to, music you share) will automatically appear on the Service and will, for example, be accessible by users who follow you or view your Spotify profile. If you create a playlist, the playlist will be publicly displayed by default, which means that it will also be displayed publicly in third-party search engine results and may appear together with other public profile information, such as your picture and name and/or username. Although this information is made public by default, in Your preferences below, we describe the controls that you can use, along with other relevant settings associated with your Spotify account, to limit the sharing of your information.

Please remember that certain information is always publicly available, which means that it can be accessed by Third Party Applications through our APIs and developer tools. Based on your permissions, some additional information can be shared with Third Party Applications and with others through Third Party Applications. For example, you can use your settings to control whether your Spotify activity is posted to Facebook. Similarly, you may consent to provide Third Party Applications with access to your email address, subscription status, location, birthday, or similar information, upon their request.

We may use your public information to promote the Service and to help others find and follow you and/or your Spotify content, including through Facebook and other Third Party Applications and on websites that embed Spotify widgets. Your information may be used to notify others, including within the Service, via email, and through Facebook and Third Party Applications, about your use of the Service (e.g., that you have joined Spotify or activity related to a Spotify profile, such as adding or removing tracks from a playlist).

With your permission, we may notify other users of your location and activity on Spotify. Likewise, with other Spotify users’ permission, we may notify you about their whereabouts and activity on Spotify.

Learn more about how to manage notifications, your publicly available information, and what you share with others in Your preferences below.

5.1.2 Third Party Applications

If you connect your Spotify account to a Third Party Application, Spotify may automatically share your activity and activity-related stories with that service, including the content you consume. You understand and agree that that such information may be attributed to your account on the Third Party Application and may be published on such service. Although this information may be automatically shared by default, we inform you of the controls that you can use to limit the sharing of this information in the section Your preferences below. The Third Party Application may also provide similar controls.

If you log into a Third Party Application with your Spotify account, that Third Party Application may have access to certain information such as your playlists, content saved, and activity. With your permission, we may also share additional information such as your email address, subscription status, location, or birthdate with such Third Party Applications.

Spotify also enables you to share a particular item of content or a playlist that you have created, on an individual basis, to Third Party Applications, other third party services, other Spotify users, and others. Please note that if you share content to a Third Party Application or a third party service, it will be viewable by others within the Spotify Service, regardless of your Spotify account settings.

You understand and agree that a Third Party Application’s use of information collected from you (or as authorised by you) is governed by the Third Party Application’s privacy policies and your settings on the relevant service, and Spotify’s use of such information is governed by this Privacy Policy and your Spotify account settings.

5.1.3 Support Community

When you register for a Spotify Support Account on the Spotify Support Community, we will ask you to create a specific Spotify Support Community username, which will be publicly displayed to anyone who accesses the Spotify Support Community. If you choose not to create such a username, your Spotify username or your Facebook display name will be publicly displayed when you post User Content.

5.2 Sharing by Spotify

5.2.1 Marketing and advertising

We may share information with advertising partners in order to send you promotional communications about Spotify or to show you more tailored content, including relevant advertising for products and services that may be of interest to you, and to understand how users interact with advertisements. The information we share is in a de-identified format (for example, through the use of hashing) that does not personally identify you.

Please see the section Information about cookies, other technologies, and third-party data collection below for information about the cookies and other technologies that we and third parties use to serve you more relevant ads and your options.

5.2.2 Service providers and others

We may from time to time share your information with service providers to perform functions and process user data and help provide our Services, consistent with this Privacy Policy. For example, we work with service providers to host our Spotify Support Community Site and analytics providers to help us understand the use of our Services. Where a third party processes user data on our behalf (e.g., a hosting service provider), it is subject to security and confidentiality obligations consistent with this Privacy Policy and applicable law. Where a third party processes user data on its own behalf, its processing is subject to its own Privacy Policy and applicable law.

5.2.3 Rights holders

The Spotify service allows you to listen to fully-licensed streaming content. Spotify shares information with the rights holders that license this content to Spotify. The data that Spotify shares is in a de-identified format that does not identify you directly, unless you opt in to the sharing of your personal information.

5.2.4 Certain Spotify partners

If you access the Spotify Service through an offer that you received or purchased from a third party such as your mobile network operator, we may also share information with that third party about your use of the Spotify Service, such as whether and to what extent you have used the offer, activated a Spotify account, or actively used the Service.

5.2.5 Other sharing

In addition to the above, we may also share your information with third parties for these limited purposes:

  • to allow a merger, acquisition, or sale of all or a portion of our assets;
  • to respond to legal process (e.g., a court order or subpoena), if we believe in good faith that it is necessary to do so; to comply with requirements of mandatory applicable law; to protect the safety of any person; to protect the rights and property of Spotify, including to enforce the Terms and Conditions of Use and any other terms that you have agreed to; and to address fraud, security, or technical issues;
  • to academic researchers for purposes including statistical analysis and academic study, but only in a de-identified format;
  • to publish de-identified or aggregate information about the use of the Spotify Service; and
  • to allow other companies in the Spotify group to use your information as specified in this Privacy Policy.

6 Your preferences

We provide you with settings to allow you to choose which communications you receive from us, manage your public information, and set your sharing preferences. However, as explained in the section Sharing by you, certain information may always be publicly available to others and other information is made publicly available to others by default. And if you share information to a Third Party Application, that information is viewable on Spotify, regardless of how you set your privacy settings.

To change whether certain information is publicly available, you can adjust the settings in your account. View instructions for adjusting the relevant settings on Spotify’s website.

Information that is publicly available, such as playlists, may be used, re-shared, or linked to by others on the Service or across the web, so please use Spotify carefully and be mindful of your settings. Remember that even if you remove a playlist or make a playlist private, others who already subscribe to it or who otherwise have access to it (e.g., via a link) may still have access to it. Also keep in mind that playlists and other information added to your profile may include personal information, such as username, which could enable other persons to find you within the Spotify Service or other services.

7 Transfer to other countries

Spotify transfers, processes and stores information about our users on servers located in a number of countries. Accordingly, Spotify may share your information with other companies in the Spotify group in order to carry out the activities specified in this Privacy Policy. Spotify may also subcontract processing to, or share your information with, third parties located in countries other than your home country. Your personal information may therefore be subject to privacy laws that are different from those in your country of residence. Information collected within the European Economic Area (“EEA”) and Switzerland may, for example, be transferred to and processed by third parties identified above, located in a country outside of the EEA and Switzerland, where you may have fewer legal rights in relation to your information. The Spotify group will process your information as described in this Privacy Policy.

8 Links

We may display advertisements from third parties and other content that links to third party websites. We cannot control or be held responsible for third parties’ privacy practices and content. Please read their privacy policies to find out how they collect and process your personal information.

9 Security

We are committed to protecting our users’ information. Your password protects your user account, so you should use a unique and strong password, limit access to your computer and browser, and log out after having used the Spotify Service. While we take data protection precautions, no security measures are completely secure, and we do not guarantee the security of user information.

10 Children

The Spotify Service is not directed to children under the age of 13. (In some countries, stricter age limits may apply. See our Terms and Conditions of Use.) We do not knowingly collect personal information from children under 13 or under the applicable age limit (the “Age Limit”). If you are under the Age Limit, do not use the Service and do not provide any personal information to us. If you are a parent of a child under the Age Limit and become aware that your child has provided personal information to Spotify, please contact us at privacy@spotify.com and you may request exercise of your applicable access, rectification, cancellation, and/or objection rights. If you are a California resident under the age of 18 and you wish to remove publicly available content, please contact us at eraser@spotify.com.

11 Accessing and updating user information

You can view and amend much of the information we keep about you through your account and profile pages. If you have questions about your privacy on the Service, this privacy policy, or information we have about you, please contact us at privacy@spotify.com. You can also contact our privacy representative by sending a letter to Spotify, Attn: Privacy Officer, Legal Department, 45 West 18th Street, 7th Floor, New York, NY 10011, United States. We will respond to your request within a reasonable period of time upon verification of your identity in accordance with local laws. We recommend you include documents that prove your identity and a clear and precise description of the information which you request access to.

12 Changes to the Privacy Policy

Occasionally we may, in our discretion, make changes to the Agreements. When we make material changes to the Agreements, we’ll provide you with prominent notice as appropriate under the circumstances, e.g., by displaying a prominent notice within the Service or by sending you an email. In some cases, we will notify you in advance, and your continued use of the Service after the changes have been made will constitute your acceptance of the changes. Please therefore make sure you read any such notice carefully. If you do not wish to continue using the Service under the new version of the Agreements, you may terminate the Agreements by contacting us through the Customer Service contact form.

13 Information about cookies, other technologies and third-party data collection

This section describes use of cookies and other technologies. For further information about how information may be shared by Spotify, please see the section Sharing by Spotify.

13.1 What are cookies and other technologies?

A cookie is a small text file that is placed on your computer, mobile phone, or other device when you visit a website. The cookie will help website providers to recognise your device the next time you visit their website. There are other similar technologies such as pixel tags (transparent graphic images placed on a web page or in an email, which indicate that a page or email has been viewed), web bugs (similar to pixel tags), and web storage, which are used in desktop software or mobile devices.

There are also technologies such as mobile device identifiers and SDK integrations to help companies recognise your device when you return to an app or otherwise use the a service.

13.2 How we use cookies and other technologies

We use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your device for a set period of time or until you delete them). We use the following types of cookies for the purposes explained in this chart:

Cookie Type Purpose
Essential Operational These cookies are necessary to allow us to operate the Spotify Service as you have requested. For example, they let us recognise what type of subscriber you are and then provide you with services accordingly.
Performance / Analytics We use these cookies to analyse how the Spotify Service is accessed, is used, or is performing. We use this information to maintain, operate, and continually improve the Spotify Service. We may also obtain information from our email newsletters, including whether you opened or forwarded a newsletter or clicked on any of its content. This information tells us about our newsletters' effectiveness and helps us ensure that we're delivering information that you find interesting.
Functional These cookies let us operate certain functions of the Spotify Service in line with the choices you make. These cookies mean that when you continue to use or come back to the Spotify Service, we can provide you with our services as you have asked for them to be provided, such as knowing your username, remembering how you have customised our services, and reminding you of content you have enjoyed.
Targeting / Advertising We use these cookies to serve you with advertisements that may be relevant to you and your interests. The information may also be used for frequency capping purposes (e.g., to ensure we do not display the same advertisement to you repeatedly) and to help us regulate the advertisements you receive and measure their effectiveness.
Third Party We may allow our business partners to use cookies on or outside the Spotify Service for the same purposes identified above, including collecting information about your online activities over time and across different websites. We may also use service providers acting on our behalf to use cookies for the purposes identified above.
Spotify Ads We work with web publishers, advertising networks, and service providers to deliver Spotify ads on other web sites and services. Cookies may be used to serve you with advertisements that may be relevant to you and your interests on other web sites and services and to regulate the advertisements you receive and measure their effectiveness.

We also use mobile device identifiers and the other technologies identified in Section 13.1 for the purposes articulated in this Privacy Policy, for example to recognise your device when you return to the Spotify app or otherwise use the Spotify Services.

13.3 Manage your cookie and other preferences

Many web browsers allow you to manage your preferences. You can set your browser to refuse cookies or delete certain cookies. You may be able to manage other technologies in the same way that you manage cookies using your browser’s preferences.

Please note that if you choose to block cookies, doing so may impair the Spotify Service or prevent certain elements of it from functioning.

There is no accepted standard on how to respond to Do Not Track signals, and we do not respond to such signals. We use the AdChoices Icon on our website, and it may also appear on certain targeted advertisements that we (or a service provider acting on our behalf) send to you based on information about your online activities. You may click on the AdChoices icon or visit aboutads.info to receive more information about the collection and use of information about your online activities for online behavioral advertising or to learn how to opt out of having your data used for online behavioral advertising by Digital Advertising Alliance (DAA) participating companies. Canadian users can also visit youradchoices.ca. European users can also visit youronlinechoices.com to learn how to opt out of having their data used for online behavioral advertising by European Interactive Digital Advertising Alliance (EDAA) member companies.

Another available tool is the Network Advertising Initiative’s (NAI) Opt-Out Tool at networkadvertising.org/choices. This allows you to opt out from the use of information about your online activities for online behavioral advertising by NAI member companies.

On your mobile device, you may also have a “Limit Ad Tracking” setting (on iOS devices) or a setting to “Opt out of Interest-Based Ads” (on Android) which allows you to limit the use of information about your use of apps for purposes of serving ads targeted to your interests.

Please note that even if you opt out using the mechanisms above, you may still receive advertisements when using the Spotify Service.

We work with advertising partners to serve advertisements on the Spotify Service. One of the services we use to track activity related to the Service, e.g., by placing cookies, is Google Analytics by Google (Google, Inc. a company headquartered at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). We may use vendors, including Google, who use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) together to inform, optimise, and serve ads based on your past visits to our websites, including Google Analytics for Display Advertising. Google provides tools to manage the collection and use of certain information by Google Analytics at tools.google.com/dlpage/gaoptout and by Google Analytics for Display Advertising or the Google Display Network by using Google’s Ads Settings at google.com/settings/ads.

You hereby consent to the use of the cookies and other technologies described above.

13.4 More information

For more information about the use of cookies and how to block them, visit allaboutcookies.org, youronlinechoices.eu (Europe), or aboutads.info/choices (United States). If you have any questions or comments about our use of cookies, please contact us at privacy@spotify.com.

Thank you for reading our Privacy Policy. We hope you enjoy Spotify!

Data controller:

Spotify AB
Birger Jarlsgatan 61, 113 56 Stockholm
Sweden

© Spotify AB.