Privacy Policy

Last updated: April 2026

This Privacy Policy explains how MusiMap Accounts (“we”, “us”) collects, uses, stores, and protects personal data when you create and use a MusiMap account and sign in to applications using MusiMap Accounts (the “Services”).

Data Controller

MusiMap
Email: privacy@musimap.ai

What MusiMap Accounts Is

MusiMap Accounts is MusiMap's centralized identity service (OIDC / OAuth 2.0 provider). It lets you create and manage a MusiMap user account and then use that account to sign in to MusiMap applications and third-party applications that integrate with MusiMap Accounts.

Data Collection

Depending on how you use the Services, we may collect:

  • Account and profile information (e.g., name, email address, profile picture if provided)
  • Authentication and security data (e.g., login timestamps, security logs, multi-factor status if enabled)
  • Technical data (e.g., IP address, browser/device information, error logs)

Data Usage

We use personal data only to operate and secure MusiMap Accounts, including:

  • Authenticating you and managing your MusiMap user account
  • Granting access to applications that use MusiMap Accounts (with your consent where required)
  • Preventing fraud, abuse, and unauthorized access
  • Providing customer support and resolving issues
  • Producing aggregated operational analytics (non-advertising) to improve reliability and security

We do not use your data for advertising. We do not sell your data. We do not use Google user data to train AI/ML models.

Data Storage and Retention

Personal data is stored securely in our AWS infrastructure, hosted in Europe and managed directly by us. We retain account data for as long as your MusiMap account remains active, or as needed to comply with legal obligations and to prevent fraud/abuse. You may request deletion of your account and associated personal data at any time.

Connected Applications (OIDC Clients)

MusiMap Accounts can be used to sign in to applications (“Connected Apps”). When a Connected App requests access to your MusiMap identity, you will be shown what information is requested and you may be asked to consent. We aim to share the minimum information required for sign-in (typically your email address and basic profile information).

Each Connected App is responsible for its own privacy practices. We encourage you to review the Connected App's privacy policy and terms of service.

Data Sharing

We do not sell or rent personal data. We do not share personal data with third parties except:

  • Authentication providers you choose to use (e.g., Google Sign-In) solely to authenticate you
  • Connected Apps when you sign in and/or consent to share specific identity information
  • Service providers that help us operate the Services (e.g., infrastructure hosting), under appropriate safeguards
  • When required by law or to protect the security of the Services

Third-Party Sign-In Providers - Google

If you choose to sign in with Google, we use Google Sign-In to authenticate you and to create or link your MusiMap account. We request only the information needed for authentication and account matching:

  • Your email address
  • Your public profile information (such as name and profile picture, if available)
  • A unique Google account identifier

We do not store Google OAuth access tokens or refresh tokens. Google credentials are used only during the authentication process to verify your identity and are not retained by MusiMap Accounts.

We do not access, read, modify, or store any other data from your Google account.

Your Rights

Depending on your location, you may have rights to access, correct, delete, or restrict processing of your personal data. To exercise your rights, contact us at privacy@musimap.ai.