Starify
Web & Mobile

Starify – Privacy Policy

Effective date: January 13, 2026

Service: Starify mobile application and related website (together, the “Service”)
Data Controller: Pinc Consulting SRL
Address: Av. Louise 65/11, 1050 Brussels, Belgium
Company number: 0742.706.135
Email: privacy@pinc.be

1. Scope

This Privacy Policy explains how we collect, use, share, and protect personal data when you use the Service.

2. Personal data we collect

2.1 Data you provide

  • Account data: your email address (used to authenticate via “magic link”).
  • Profile data: role/voice part/instrument (as provided by you).
  • Content shared in groups: audio files and any metadata you provide (e.g., title). Uploads are performed on the website only.
  • Reports & support: information you submit when reporting illegal content or contacting support.

2.2 Data collected automatically

  • Server logs (minimal): timestamp and request ID (retained for 30 days).
  • Error and diagnostic data: we use Sentry and LogRocket to diagnose errors and improve reliability on the website and the mobile app. Depending on configuration, these services may collect technical and diagnostic information (for example: device/browser details, IP address, identifiers, and interaction data necessary to reproduce issues). We aim to minimize collection and may mask or sanitize inputs where supported.

We do not use a separate product for marketing analytics, and we do not serve ads.

3. Device permissions

Starify does not request access to your device microphone, camera, notifications, photos/media, contacts, or location.

4. How we use your data

We use personal data to:

  • Provide authentication (magic-link login) and operate your account.
  • Provide core features (access to group-shared audio and playback).
  • Handle abuse prevention and respond to illegal content reports.
  • Maintain security and troubleshoot issues (including via Sentry/LogRocket).
  • Comply with legal obligations and enforce our terms.

5. How sharing works inside groups

Audio content is shared only within the group(s) you choose. Other group members can listen to shared MP3 files in the Service (no download feature in the app, as currently implemented).

Within groups, Starify does not display the identity of the person who uploaded a specific MP3 to other group members.

6. Legal bases (EEA/UK – GDPR)

Where GDPR applies, we process personal data based on:

  • Contract (to provide the Service you request)
  • Legitimate interests (security, reliability, debugging, abuse prevention)
  • Legal obligation (where applicable)

7. Service providers (processors) and data sharing

We do not sell personal data and we do not share data for advertising.

We share data only with service providers that help us run Starify, under contractual obligations:

  • Render (hosting, database, and file storage) — data hosted in Frankfurt, Germany
  • Mailjet (email delivery for magic-link authentication/registration and invitation to a band)
  • Sentry (error monitoring)
  • LogRocket (monitoring and diagnostics / session replay where enabled on the website and mobile app)

We may also disclose information if required by law or to protect users, our rights, and the integrity of the Service.

8. Data retention

  • Account & profile data: retained while your account is active.
  • MP3 audio files: retained as long as they are kept by the user/group; deleted when removed from the Service.
  • Server logs: timestamp and request ID retained for 30 days.
  • Reports of illegal content: retained for 90 days.

We do not maintain separate backups of user data.

9. Account deletion

You can request account deletion via the link available in the app (which directs you to email us). We process deletion requests within 15 days.

10. Security

We use reasonable technical and organizational measures to protect data (for example: access controls, secure hosting, encryption in transit). No system is 100% secure.

11. Children

Starify is not intended for children under 13, and we do not knowingly collect personal data from children under 13. If you believe a child under 13 has provided personal data, contact us at privacy@pinc.be.

12. Cookies and similar technologies (website) and app storage

The website may use essential cookies or local storage required for the Service to function (e.g., login/session). If LogRocket is enabled, it may use cookies/local storage (on the website) or equivalent app storage (on mobile) to support diagnostics and session replay.

13. International data transfers

Your primary hosting is in Germany (EU) via Render. Some service providers (Mailjet, Sentry, LogRocket) may process data in other locations depending on their infrastructure and your configuration; where required, appropriate safeguards are used.

14. Your rights

Depending on your location, you may have rights to access, correct, delete, or object to certain processing of your personal data, and to lodge a complaint with your local data protection authority.

To exercise rights, contact privacy@pinc.be.

15. Changes to this policy

We may update this policy from time to time. We will post the updated version and revise the effective date.

16. Contact

Pinc Consulting SRL
Av. Louise 65/11, 1050 Brussels, Belgium
Company number: 0742.706.135
Email: privacy@pinc.be