← Back to home

Privacy Policy for Mozika

Last Updated: November 1, 2025

Introduction

Welcome to Mozika ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our iOS mobile application and related services (collectively, the "Service").

Please read this Privacy Policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy.

Information We Collect

1. Information You Provide

Account Information

  • When you sign up using Apple Sign-In or Google Sign-In, we collect:
  • Unique user identifier (UUID)
  • Email address (if provided by the authentication provider)
  • Name (if provided by the authentication provider)
  • Profile picture URL (if provided by the authentication provider)

Note: Apple Sign-In only provides name and email on first authorization. Google Sign-In typically provides name, email, and profile picture.

2. Information We Collect Automatically

Music Listening Data

  • Tracks you listen to (track ID, title, artist)
  • Listening duration and completion ratio
  • Tracks you like, dislike, or skip
  • Timestamp of interactions
  • Your music taste preferences (stored as mathematical vectors)

Usage Analytics (via PostHog)

  • App usage patterns and feature interactions
  • Session duration and frequency
  • Track recommendation performance
  • User engagement metrics
  • Device and app version information

Technical Data

  • IP address (for rate limiting and security)
  • API request logs (with sensitive data redacted)
  • Error logs and crash reports

3. Information We Do NOT Collect

  • We do NOT access your device's music library
  • We do NOT access your contacts
  • We do NOT access your location
  • We do NOT access your camera or microphone (except for music playback)
  • We do NOT track you across other apps or websites

How We Use Your Information

We use the collected information for the following purposes:

1. Provide and Improve the Service

  • Authenticate your account and maintain your session
  • Provide personalized music recommendations
  • Learn your music preferences over time
  • Improve our recommendation algorithm
  • Optimize app performance and user experience

2. Analytics and Research

  • Understand how users interact with the Service
  • Measure engagement and retention
  • Identify and fix bugs
  • Conduct research to improve our algorithms

3. Communication

  • Send important service updates
  • Respond to your support requests
  • Notify you of changes to our policies

4. Security and Compliance

  • Prevent fraud and abuse
  • Enforce our Terms and Conditions
  • Comply with legal obligations
  • Protect our rights and property

Data Storage and Security

Storage Location

  • User Data: Stored in our secure PostgreSQL database
  • Music Files: Stored in Cloudflare R2 object storage
  • Analytics Data: Stored in PostHog (optional, can be disabled)

Security Measures

  • All data transmitted over HTTPS/TLS encryption
  • Passwords are never stored (we use Apple/Google authentication)
  • Refresh tokens are hashed using SHA-256
  • Access tokens expire after 4 hours
  • Refresh tokens expire after 90 days
  • Regular security audits and updates

Data Retention

  • Account Data: Retained while your account is active
  • Listening History: Retained to improve recommendations
  • Analytics Data: Retained for up to 2 years
  • Logs: Retained for up to 90 days

Data Sharing and Disclosure

We Do NOT Sell Your Data

We do not sell, trade, or rent your personal information to third parties.

Third-Party Services

We use the following third-party services:

Authentication Providers

  • Apple Sign-In (Apple Inc.)
  • Google Sign-In (Google LLC)

Infrastructure Providers

  • Cloudflare R2 (Cloudflare, Inc.) - Music file storage
  • PostgreSQL Database - User data storage

Analytics (Optional)

  • PostHog (PostHog Inc.) - Usage analytics
  • You can opt out by contacting us

Legal Requirements

We may disclose your information if required to do so by law or in response to:

  • Valid legal processes (subpoenas, court orders)
  • Requests from law enforcement or government agencies
  • Protection of our rights, property, or safety
  • Prevention of fraud or illegal activities

Your Rights and Choices

Access and Control

  • Access: Request a copy of your personal data
  • Correction: Update your profile information
  • Deletion: Request deletion of your account and data
  • Export: Request an export of your data in a portable format

Opt-Out Options

  • Analytics: Request to opt out of analytics tracking
  • Email: Unsubscribe from promotional emails (if applicable)

How to Exercise Your Rights

Contact us at: [email protected]

We will respond to your request within 30 days.

Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will delete such information.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using the Service, you consent to such transfers.

We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

  • Posting the new Privacy Policy in the app
  • Updating the "Last Updated" date
  • Sending you an email notification (for material changes)

Your continued use of the Service after changes constitutes acceptance of the updated policy.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: What personal information we collect and how we use it
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt out of the sale of personal information (we don't sell data)
  • Right to Non-Discrimination: We won't discriminate against you for exercising your rights

To exercise these rights, contact us at: [email protected]

European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

  • Right to Access: Obtain a copy of your personal data
  • Right to Rectification: Correct inaccurate personal data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing of your personal data
  • Right to Withdraw Consent: Withdraw consent at any time

Legal Basis for Processing:

  • Performance of contract (providing the Service)
  • Legitimate interests (improving the Service, security)
  • Consent (analytics, optional features)

To exercise these rights or lodge a complaint with a supervisory authority, contact us at: [email protected]

Cookies and Tracking Technologies

What We Use

  • Authentication Tokens: To keep you logged in
  • Session Management: To maintain your app session
  • Analytics Cookies: To understand app usage (optional)

What We Don't Use

  • We do NOT use advertising cookies
  • We do NOT track you across other websites or apps
  • We do NOT create user profiles for advertising

Data Breach Notification

In the event of a data breach that affects your personal information, we will:

  • Notify you within 72 hours of discovery
  • Describe the nature of the breach
  • Explain the potential consequences
  • Outline the measures we're taking to address the breach
  • Provide recommendations to protect yourself

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: [email protected] Response Time: We aim to respond within 48 hours

Consent

By using the Service, you consent to:

  • The collection and use of information as described in this Privacy Policy
  • The transfer of your data to our servers and third-party service providers
  • The use of cookies and similar technologies

You can withdraw your consent at any time by deleting your account or contacting us.

Effective Date: November 1, 2025

This Privacy Policy is part of our Terms and Conditions. Please read both documents carefully.