Privacy Policy

Last updated: 18 June 2026

This policy explains what personal data mousetro (“we”, “us”) collects, why, how long we keep it, who we share it with, and the rights you have over it under the UK GDPR and EU GDPR.

mousetro is operated from the United Kingdom, and for the purposes of the UK GDPR and the Data Protection Act 2018 the data controller is [CONTROLLER NAME]. The best way to reach us about your privacy, or to exercise any of the rights below, is by email at [email protected]. Our postal address is [BUSINESS ADDRESS].

What we collect

  • Account — email address, username, your public @handle and display name, optional bio and profile picture, and (if you set them) a phone number and two-factor authentication details. Passwords are stored only as a salted hash.
  • Listening activity — a record of the tracks you play (time, how much of each track you listened to), per-song totals, and your overall stream count. We also store an approximate country for each play, derived from your IP address at play time. We store only the two-letter country code — not your IP address.
  • Your library and activity — albums and playlists you save, your favourites shelf, playlists you create, artists you follow, reviews you write and likes you give, and the notifications addressed to you.
  • Taste profile — a musical-taste summary we infer from your listening to power recommendations. It is computed on our own infrastructure; it is never used to train third-party AI models and is never sold.
  • Payments — when you buy a release or tokens, we record the amount, currency, status, and the Stripe identifiers for the transaction. Card details are handled entirely by Stripe and never reach our servers.
  • If you are an artist — the releases, tracks, and broadcast posts you publish, plus your Stripe Connect account reference and your earnings and payout records.

Why we use it, and our legal basis

  • To provide the service (your account, playback, library, purchases and downloads) — performance of a contract with you.
  • Recommendations and your taste profile, aggregate analytics, and security — our legitimate interests in operating and improving mousetro and keeping it safe. The approximate country is used to suggest a currency and for aggregate analytics.
  • Keeping transaction and payout records — compliance with our legal obligations (accounting and tax).

We do not send marketing email and we do not use your data for advertising.

Who we share it with

We use a small number of processors, and we do not sell your personal data:

  • Stripe — payment processing and artist payouts. When you check out, your name and email are shared with Stripe. See Stripe’s own privacy policy for how they handle it.
  • A geolocation lookup — to turn an IP address into a country, your IP is sent to a third-party lookup service at the time of a play. We retain only the resulting country code.
  • Our email provider — to send transactional email (confirmation links, password resets).

Sending data outside the UK

Some of our processors are based outside the United Kingdom, so your personal data may be transferred to and processed in other countries (for example, Stripe and our email and geolocation providers may process data in the United States). Where we do this, we rely on safeguards recognised under the UK GDPR — a UK “adequacy” decision for the destination country where one exists, or otherwise the UK International Data Transfer Agreement (or the EU Standard Contractual Clauses with the UK Addendum) — so your data keeps an equivalent level of protection. You can ask us for more detail about the safeguards we use.

Children

mousetro is intended for adults. You must be at least 18 years old to create an account or use the service, and we do not knowingly collect personal data from anyone under 18. If you believe a child has given us their data, contact us and we will delete it.

How long we keep it

We keep your account data for as long as your account is open. When you close your account (see Delete personal data), we anonymise it: we remove your identifying details (email, username, handle, display name, bio, picture) and lock the account so it can no longer be used. Some records are retained in de-identified form because we are required to keep them or because they no longer identify you:

  • purchase and earnings records, which we must retain for legal and accounting reasons;
  • reviews and listening history, retained without your identity attached;
  • for artists, the releases and content you published remain available.

Aggregate and statistical data that does not identify you may be kept indefinitely.

Your rights

Under the GDPR you can:

  • Access and port your data — download a machine-readable copy of your personal data at any time from Personal data.
  • Correct it — edit your profile details from your account settings.
  • Erase it — close and anonymise your account, subject to the retained records described above.
  • Restrict or object to certain processing, and where we rely on consent, withdraw it.

If we cannot resolve your concern, you have the right to complain to the Information Commissioner’s Office (ICO), the UK’s data protection regulator, at ico.org.uk or by calling their helpline on 0303 123 1113. We would, however, appreciate the chance to address your concern first.

Cookies

mousetro uses only strictly necessary cookies: the sign-in/session cookies that keep you logged in, and an anti-forgery cookie that protects form submissions. We do not use analytics, advertising, or third-party tracking cookies. Because these cookies are essential to provide the service you ask for, no consent banner is required.

Changes

If we make material changes to this policy we will update the date above and, where appropriate, notify you. Continued use of mousetro after a change means you accept the updated policy.

See also our Terms of Service.

An unhandled error has occurred. Reload 🗙