Privacy Policy

Last updated: March 29, 2026

1. What we collect

When you sign in with Spotify, we access the following data through Spotify’s API:

  • Your Spotify display name, username, and profile image
  • Your email address (for account identification only)
  • Your currently playing track and recent listening history
  • Your playback state (what you’re listening to right now)

We only request the Spotify permissions (OAuth scopes) that are necessary to operate Amply. We do not request permissions to modify your Spotify account, playlists, or playback.

2. How we use your data

  • Display your currently playing track to other users in rooms
  • Track your listening history to build your profile stats (hours listened, top artists, etc.)
  • Calculate listener records and leaderboards
  • Send you notifications you’ve opted into

We do not sell your data. We do not use your data for advertising. We do not share your personal data with third parties except as required to operate the service (e.g., database hosting).

3. Imported listening history

If you import your Spotify extended streaming history, that data is processed on our servers and stored in our database. Imported data includes track names, artist names, timestamps, and play durations. This data is used solely to populate your listening stats and records within Amply.

4. Data storage and security

Your data is stored in encrypted databases with industry-standard security protections. Spotify access tokens are stored securely and refreshed automatically. We do not store your Spotify password. Temporary files created during data imports are deleted immediately after processing.

5. Disconnecting your Spotify account

You can disconnect your Spotify account from Amply at any time from your account settings. When you disconnect, we revoke our access to your Spotify data and stop tracking your listening activity. You can also request full account deletion, which permanently removes all of your data from our servers within 30 days.

6. Data deletion

You can delete your account and all associated data from your account settings. Account deletion removes your profile, listening history, messages, follows, badges, records, and any other personal data from our servers. This action is irreversible.

7. Cookies

We use essential cookies to maintain your login session. We do not use tracking cookies, analytics cookies, or third-party advertising cookies.

8. Third-party services

  • Spotify — authentication and listening data (governed by Spotify’s own privacy policy)
  • Stripe — payment processing for Amply+ (governed by Stripe’s privacy policy)
  • MongoDB Atlas — database hosting

Spotify is a third-party beneficiary of this privacy policy and our terms of service, and is entitled to directly enforce them.

9. Children

Amply is not intended for use by anyone under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

10. Contact

If you have questions about this privacy policy or want to request data deletion, contact us at privacy@amply.fm.