Record Pin — Privacy Policy
Last updated: 27 April 2026. This policy explains what
personal data the Record Pin app collects, why, who it
is shared with, how long it is kept, and the rights you have over it.
It applies to the Record Pin app on Google Play
(com.wharety.recordpinff) and on the App Store.
Summary
- Record Pin stores the account details you sign up with, the Spotify-linked album collection you build inside the app, and a small amount of pseudonymous diagnostic data.
- Record Pin does not collect your location, audio, photos, contacts, calendar, or advertising IDs.
- Record Pin does not sell or share your personal information for advertising or any other purpose.
- You can delete your account and associated data at any time from inside the app — see Account & Data Deletion.
1. Who we are
Record Pin is a personal music-collection app developed and operated by Ian Hudspith as a sole developer. For the purposes of the EU and UK General Data Protection Regulation (GDPR / UK GDPR), Ian Hudspith is the data controller for personal data processed through the Record Pin app.
Contact for any privacy question, request, or complaint: recordpin@outlook.com.
2. What we collect, why, and our legal basis
The categories below cover everything Record Pin collects or stores about you. Where possible we have stated the GDPR / UK GDPR legal basis relied on; in jurisdictions with similar regimes (for example California's CPRA), the same categories apply.
| Data | Why we collect it | Legal basis | Where it is stored |
|---|---|---|---|
| Account identity: email address, display name, profile photo URL, Firebase user ID, and (only if you sign in via phone auth) phone number. | To create and authenticate your account. | Performance of a contract (providing the app you signed up for). |
Firebase Authentication and the Firestore users
document.
|
| Sign-in provider linkage: which provider you used (email/password, Google, Apple, GitHub, anonymous, phone, custom token) and the provider's identifier for you. | So you can sign back in with the same provider. | Performance of a contract. | Firebase Authentication. |
| Spotify connection: an OAuth access token and refresh token issued to Record Pin by Spotify, and the data Record Pin reads with them — your saved albums, the album and artist metadata Spotify returns (titles, artists, artwork URLs, release dates, popularity, available markets, genres), and your email address as Spotify reports it. | To show your Spotify library inside Record Pin and let you build and browse your collection. | Performance of a contract; the OAuth grant itself relies on your consent given to Spotify. |
Tokens are cached in your Firestore users document
and on your device in encrypted secure storage. Album data is
cached in the usersAlbums subcollection and locally.
|
| Discogs metadata: genres and styles associated with albums in your collection, fetched from the public Discogs API. | To enrich your collection view with genre and style information. | Legitimate interests (improving the core feature of the app). | Your Firestore users document. |
| Push notification tokens: a Firebase Cloud Messaging (FCM) token plus the device type (iOS or Android) for each device you have signed in on. | To deliver push notifications you have agreed to receive at the OS level. | Consent (you must grant the OS-level notification permission). |
The users/{uid}/fcm_tokens Firestore subcollection.
|
| Diagnostic and analytics data: pseudonymous event logs (which screens were viewed, sign-up vs. login, sign-in method), crash reports, performance traces, and Cloud Function / server logs. Analytics events include your Firebase user ID as an event parameter so support questions can be traced; crash and performance data uses Firebase's pseudonymous install IDs. | To detect crashes, fix bugs, and understand which features are used. | Legitimate interests (keeping the app working and stable). | Firebase Analytics, Crashlytics, Performance Monitoring, and Google Cloud Logging. |
3. What we do not collect
Record Pin has only the network permission on Android and the background-fetch / remote-notification entitlements on iOS. In particular, Record Pin does not request, collect, or use:
- Your location (precise or approximate).
- Your microphone, camera, photos, contacts, or calendar — despite the app's name, Record Pin does not record audio or capture media.
- Advertising identifiers (IDFA on iOS, AAID on Android). Record Pin shows no ads and runs no third-party advertising or tracking SDKs.
- Health, fitness, biometric, or financial data.
- Payment or billing data — the app is currently free. If a paid tier is introduced, this policy will be updated before any billing data is collected.
4. Who we share data with
Record Pin uses a small number of established service providers (sub-processors) to run the app. We do not sell or rent your personal data, and we do not "share" it for cross-context behavioural advertising as defined by the California CPRA.
- Google LLC (Firebase) — hosts authentication, the Firestore database, file storage, push notifications, analytics, crash reporting, performance monitoring, and Cloud Functions. See Firebase privacy & security.
- Spotify AB — provides authentication and album/ library data via the Spotify Web API when you connect your Spotify account. See Spotify's privacy policy.
- Discogs — supplies public album genre and style metadata. See Discogs' privacy policy.
Personal data may be processed in the United States and other countries where these providers operate. Where data leaves the UK or EEA, we rely on the providers' Standard Contractual Clauses and equivalent transfer safeguards.
We may also disclose information if required by law, legal process, or to protect the rights, property, or safety of Record Pin, its users, or others.
5. How long we keep your data
Account data and your collection are retained while your account exists. When you delete your account — through the in-app flow or by emailing us — the deletion behaviour is documented on the Account & Data Deletion page. In summary:
-
Your Firebase Auth credentials, your Firestore user document, your
usersAlbumscollection, and yourfcm_tokensare deleted immediately. Spotify tokens cached on your device are cleared at the same time. - A small amount of pseudonymous data is kept by our service providers on standard retention schedules: Firebase Analytics events for up to 14 months; Crashlytics crash reports for 90 days; Cloud Function and server logs for 30 days (these may contain your user ID until they age out).
6. Your rights
EEA, United Kingdom, and similar regimes
Under GDPR / UK GDPR you have the right to access the personal data we hold about you, to have inaccurate data corrected, to have your data erased, to restrict or object to certain processing, to data portability, and — where processing is based on consent — to withdraw that consent at any time. You also have the right to lodge a complaint with your local supervisory authority (in the UK, the Information Commissioner's Office; in the EEA, the supervisory authority of your country of residence).
California (CCPA / CPRA)
If you are a California resident you have the right to know what personal information we collect and how it is used, the right to request deletion or correction of that information, the right to opt out of any "sale" or "sharing" of personal information (Record Pin does not sell or share personal information for cross-context behavioural advertising, so there is nothing to opt out of), the right to limit use of sensitive personal information (Record Pin does not use sensitive personal information for the purposes that would trigger this right), and the right not to be discriminated against for exercising these rights. The categories of personal information we collect map onto the CPRA categories identifiers (email, name, user ID), internet or other electronic network activity (analytics, crash, performance), and inferences (the genre and style preferences derived from your collection).
Other regions
Where local law gives you similar rights — for example under the Australian Privacy Principles, New Zealand's Privacy Act 2020, or Canada's PIPEDA — we will respect equivalent requests on a best-effort basis.
How to exercise your rights
The fastest route to erasure is the in-app Delete Account flow on the Profile screen, which deletes the categories listed in section 5 immediately. For any other request, email recordpin@outlook.com from the address associated with your account. We aim to respond within 30 days.
7. Account deletion
Full instructions, including the email-based fallback if you have lost access to your account, are on the dedicated Record Pin — Account & Data Deletion page.
8. Children
Record Pin is a general-audience music-collection app and is not directed to children under 13 (or, in jurisdictions where the applicable threshold is higher, under that threshold — for example 16 in parts of the EEA). Record Pin does not knowingly collect personal information from children. If you believe a child has created an account, email recordpin@outlook.com and the account will be deleted.
9. Security
Network traffic between the app and our service providers is encrypted in transit using TLS. Data stored in Firebase services is encrypted at rest by Google. Spotify tokens cached on your device are held in the operating system's secure storage (Keychain on iOS, encrypted SharedPreferences on Android) and are cleared when you sign out or delete your account. No system is perfectly secure, and we cannot guarantee absolute security; we do, however, design Record Pin to keep the surface area small (no advertising SDKs, no unnecessary permissions).
10. Changes to this policy
If this policy changes in a material way we will update the "Last updated" date at the top of this page and, where the change affects an active account, surface a notice in the app. Continued use of Record Pin after the updated policy takes effect indicates acceptance of the changes.
11. Contact
Questions, requests, or complaints about this policy or how Record Pin handles your data: recordpin@outlook.com.