SENTY Pty Ltd (ABN 62 652 427 579) ("Company") operates a web application located at the domain address huangdarren1106.github.io that allows users to analyse their listening history on their Spotify accounts ("Web Application").
Our Web Application is an independent application that uses the official Spotify API to provide our services and is not associated with the Spotify AB company, its partners or associates.
This Privacy Notice explains how we manage the personal data that we collect, hold, use and disclose and how to contact us if you have any further queries about our management of your personal data.
This Privacy Notice applies to you only to the extent that the collection and handling of your personal data is subject to the Privacy Act 1988 (Cth) ("Privacy Act").
The following Privacy Notice is intended to inform you in particular about the type, scope, purpose, duration, and legal basis for processing your Personal data under our control or in conjunction with others.
We also inform you below about the third-party components (referred below to as the "Third-party Cookies") we use to optimise our Web Application and improve the user experience, which may result in said third parties also processing data they collect and control.
Users' rights and data
How we handle complaints
Changes to our Privacy Notice
Cookies are small text files or other storage technologies stored on your computer by your internet browser. These cookies process specific information about you, such as your browser version, location data, IP address, etc. For more information about cookies and disabling them, consult them at https://www.allaboutcookies.org/manage-cookies/.
Personal data ("data") is information or an opinion about an identified individual or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not. The data will only be processed by us to the extent necessary and for the purpose of providing a functional and user-friendly Web Application, including its contents and services. Further information about the application of the Privacy Act can be found on the Office of the Australian Information Commissioner website at https://www.oaic.gov.au.
Processing as per GDPR (The General Data Protection Regulation) as per Art. 4 No. 1 of Regulation (EU) 2016/679, refers to any operation or set of operations such as collection, recording, organisation, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction performed on personal data, whether by automated means or not.
Spotify Single Sign-On ("Spotify SSO") is a convenient and secure authentication method allowing users to access their Spotify account with a single login credentials. This improves security by reducing the risk of password-related vulnerabilities and enhances user experience.
Regarding the processing of data, users have the right to:
Confirmation of whether data concerning them is being processed, information about the data being processed, further information about the nature of the data processing, and copies of the data (cf. also Art. 15 GDPR);
Correct or complete incorrect or incomplete data (cf. also Art. 16 GDPR);
Request an immediate deletion of data concerning them (cf. also Art. 17 DSGVO), or, alternatively, if further processing is necessary as stipulated in Art. 17 Para. 3 GDPR, to restrict said processing per Art. 18 GDPR;
Receive copies of the data concerning them and/or provided by them and have the same transmitted to other providers (cf. also Art. 20 GDPR);
File complaints with the supervisory authority if they believe the Company is processing data concerning them in breach of data protection provisions (see also Art. 77 GDPR).
In addition, the Company is obliged to inform all recipients to whom it discloses data of any such corrections, deletions, or restrictions placed on processing the same per Art. 16, 17 Para. 1, 18 GDPR.
However, this obligation does not apply if such notification is impossible or involves a disproportionate effort.
Nevertheless, users have a right to information about these recipients.
Likewise, under Art. 21 GDPR, users and data subjects have the right to object to the Company's future processing of their data pursuant to Art. 6 Para.1 lit. f) GDPR. In particular, an objection to data processing for the purpose of direct advertising is permissible.
When using our Web Application, your data will be deleted or blocked as soon as the purpose for its storage ceases to apply, provided the deletion of the same is not in breach of any statutory storage obligations or unless otherwise stipulated below.
For the purpose of this Web Application, the Company does not use any servers.
We do not collect or store any user data. Your user's data is processed in your internet browser.
For the purpose of this Web Application, there are no session cookies.
In addition, you can use your internet browser to delete cookies that have already been stored in it.
Please refer to the documentation of your internet browser to be able to do so.
You do not need to create a new account with our Web Application because we use the Spotify SSO.
When you log in with your Spotify account in our Web Application, we only use a limited set of data to provide our services, namely:
Your Spotify Username
Top 20 artists from your listening history.
Our Web Application does not request data from Spotify in the background if you are not actively using our web application.
During the login process, we obtain your consent to be able to access the above data from Spotify. The data retrieved from your Spotify account will be exclusively used to provide you with our services.
As we do not use servers to store your data, your data is deleted from your web browser memory once you close our Web Application.
You should log in with Spotify every time you wish to use our Web Application.
We use Google Analytics on our website. This web analytics service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
For more information about how Google uses data when you use our Web Application, please refer to https://policies.google.com/technologies/partner-sites.
Through certification according to the EU-US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Google Analytics guarantees it will follow the EU's data protection regulations when processing data in the United States.
The Google Analytics service is used to analyse how our website is used. The legal basis is Art. 6 Para.1 lit. f) GDPR. Our legitimate interest lies in our Web Application's analysis, optimisation and economic operation.
Usage and user-related information, such as IP address, place, time, or frequency of your visits to our Web Application, will be transmitted to a Google server in the United States and stored there. However, we use Google Analytics with the so-called anonymisation function, whereby Google truncates the IP address within the EU or the EEA before it is transmitted to the US.
Google Analytics uses the data collected in this way to provide us with an evaluation of visits to our Web Application and what visitors do once there.
This data can also be used to provide other services related to the use of our website and of the internet in general.
Google Analytics states that it will not connect your IP address to other data.
In addition, Google Analytics provides further information with regard to its data protection practices at https://policies.google.com/technologies/partner-sites?hl=en, including options you can exercise to prevent such use of your data.
In addition, Google Analytics offers an opt-out add-on at https://tools.google.com/dlpage/gaoptout?hl=en in addition to further information.
This add-on can be installed on the most popular web browsers and offers further control over the data that Google Analytics collects when you visit our Web Application.
However, this does not prevent information from being transmitted to us or other web analytics services we may use as detailed herein.
We use Plausible Analytics on our website. This web analytics service is provided by Plausible Insights OÜ, Västriku tn 2, 50403, Tartu, Estonia, Registration number 14709274.
Plausible Analytics is privacy-friendly web analytics that does not track, collect cookies or store personal data or personally identifiable information and is fully compliant with GDPR, CCPA and PECR.
We use a self-hosted version of Plausible Analytics hosted on Linode cloud infrastructure in Dallas, US.
For further information on Plausible Analytics's GDPR, CCPA and cookie law compliance and all the data points they collect, please refer to their data policy at https://plausible.io/data-policy.
We may use third-party advertising companies to serve programmatic ads when you visit our Web Application.
These advertising companies may use information about your visits to our Web Application and other websites in order to provide advertisements about goods and services of interest to you.
These advertising advertisements may appear on our Web Application and on other websites. These companies may employ cookies, clear GIFs and other tracking technologies to cause relevant ads to be displayed to you.
For purposes of the Privacy Act and data protection laws, the Company's data protection officer, Elena Osipova.
Company's Email address: firstname.lastname@example.org
Company's Postal address:
ATTN: SENTY Pty Ltd
173A Melbourne Road, Rippleside VIC 3215, Australia.
If you have any concerns or complaints about the manner in which we have collected or handled your personal data, please advise us of your concern or complaint in writing and send it to email@example.com.
Your concern or complaint will be considered or investigated, and we will endeavour to respond to your complaint within 30 days.
It is our intention to use our best endeavours to resolve any complaint to your satisfaction.
However, if you are unhappy with our response, contact the Office of the Australian Information Commissioner, who may investigate your complaint further.