Liner ⁄⁄ Privacy

Privacy Policy

Effective 2026-05-18 · v1 draft

This policy explains what data Liner collects, how we use it, who we share it with, and your rights. This is a v1 draft — we will publish the final version before opening to the public. The version effective when you signed up is the one that applies to you.

1. What we collect

To run Liner we collect:

  • Account data — your email, display name, and handle.
  • Spotify data — your Spotify user ID, recently played tracks, top tracks and artists, saved library, and an access token to create playlists on your behalf. Scopes are listed on the consent screen Spotify shows during connect.
  • Prompts and playlists — the text you write in the prompt input, the playlists we generate from it, and the tracks they contain.
  • Usage analytics — anonymous product-event data via PostHog (e.g., when a playlist is generated, when a poster is shared). No sensitive content is sent to analytics.
  • Server logs — error traces and timestamps so we can debug failures. Logs are not user-identifiable beyond user ID.

2. Why we collect it

  • To generate playlists tailored to your actual taste — the data you give us is the input.
  • To create and sync playlists on Spotify, attach posters, and manage your library.
  • To improve Liner: which features get used, which generations fail, which prompts work.
  • To send essential service emails (sign-in links, account changes). No marketing without your consent.

3. Who we share it with

Liner doesn't sell your data. We use third-party providers to operate, each with their own privacy policies:

  • Spotify — to access your listening data and write playlists.
  • DeepSeek — your prompt and an abbreviated snapshot of your top artists/tracks are sent to generate the playlist. No account identifiers are sent.
  • Pixabay — we send a short text query (no personal data) to fetch cover photography for your posters.
  • Supabase — hosts our database, authentication, and file storage.
  • Resend — sends transactional emails (sign-in links, confirmations).
  • PostHog — receives product-event analytics, no prompt text or playlist content.
  • Vercel — hosts our application; sees standard HTTP request logs.

4. Data retention

We keep your account data and content until you delete them. Server logs are retained for 30 days. Analytics events are aggregated and retained as needed for product analysis. Deleting a playlist removes it from Liner and unfollows the corresponding Spotify playlist. Deleting your account (coming soon to settings) removes your data within 30 days.

5. Your rights

  • Access — request a copy of the data we hold about you.
  • Correct — fix inaccurate data via account settings or by emailing us.
  • Delete — delete individual playlists from the app; ask us to delete your full account by emailing us.
  • Export — request a portable export of your prompts, playlists, and listening fingerprint.
  • Disconnect Spotify — remove our access to your Spotify account at any time from settings; you can also revoke the grant directly at spotify.com.

To exercise any of these, email privacy@liner.media.

6. Cookies

Liner uses cookies set by Supabase to keep you signed in. PostHog sets a cookie for anonymous analytics. We don't use advertising or cross-site tracking cookies.

7. Children

Liner is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe a child has signed up, contact us and we will delete the account.

8. International transfers

Liner's primary servers are hosted by Supabase and Vercel. If you use Liner from outside the regions where our providers operate, your data is transferred to those regions for processing.

9. Changes

We may update this policy as Liner evolves. Material changes will be communicated by email or an in-app notice; the effective date at the top will move accordingly.

10. Contact

Privacy questions: privacy@liner.media. General contact: hello@liner.media.