Privacy Policy

Last updated: October 2025

At MusDiary, we take your privacy seriously. This Privacy Policy explains how we collect, use, and protect your personal information when you use our platform.

1. Information We Collect

Information You Provide

  • Account Information: Name, email address, username, and password
  • Profile Information: Display name, bio, location, instruments, genres, and profile images
  • Content: Diary entries, recordings, videos, repertoire information, and performance details
  • Payment Information: Processed securely through PayPal (we do not store credit card details)

Automatically Collected Information

  • Usage Data: How you interact with the platform, pages visited, and features used
  • Device Information: Browser type, operating system, IP address, and device identifiers
  • Authentication Data: Login times and session information via Supabase Auth

2. How We Use Your Information

We use your information to:

  • Provide and maintain the MusDiary platform
  • Create and manage your musician profile
  • Process membership subscriptions and payments
  • Communicate with you about your account, updates, and platform news
  • Display your public profile and content to your audience
  • Improve our services and develop new features
  • Prevent fraud and ensure platform security
  • Comply with legal obligations

3. Cookies and Tracking

MusDiary uses essential cookies to provide basic functionality:

  • Authentication Cookies: To keep you logged in and maintain your session
  • Security Cookies: To protect your account and prevent unauthorized access

We do not use tracking cookies for advertising or analytics purposes. Our cookies are strictly necessary for the platform to function properly.

4. How We Share Your Information

We share your information only in the following circumstances:

Public Information

Your musician profile is publicly viewable, you control what to share through your MusDiary dashboard, including:

  • Display name, bio, location, instruments
  • Public diary entries, recordings, performances
  • Repertoire and collaboration information
  • Photo gallery
  • Repertoire and practice stats, mood tracker entries
  • FAQ, polls
  • booking schedule, membership price and product offerings
  • Contact button, website URL, social media profiles

Service Providers

  • Supabase: Database hosting and authentication
  • PayPal: Payment processing for MusDiary monthly subscriptions ($14.95/month), fan memberships to musicians, and physical items. See detailed explanation below.
  • Vercel: Platform hosting
  • Cloudflare R2: Media storage

PayPal Integration & Data Processing

MusDiary Platform Subscription: When you subscribe to MusDiary ($14.95/month), your payment is processed by PayPal. We receive transaction confirmation to activate your musician account.

Fan Memberships & Physical Items: Musicians set up their own PayPal Business accounts to receive payments directly from their supporters. MusDiary does not process, hold, or have access to these payment funds.

What information we receive: To manage membership access and track sales, MusDiary receives automated notifications from PayPal called Instant Payment Notifications (IPN). However, we only process notifications that are specifically related to MusDiary fan memberships and physical perks.

IPN Filtering for Privacy: Musicians configure PayPal to send all payment notifications to MusDiary. To protect privacy and ensure we only process relevant transactions, we filter these notifications using:

  • PayPal Plan IDs: For subscriptions, we only process notifications that match a registered MusDiary fan membership tier (identified by Plan ID starting with "P-")
  • PayPal Button IDs: For physical item sales, we only process purchases made through registered MusDiary signed items (identified by Button ID)
  • Ignored transactions: All other PayPal activity from the musician's account (unrelated subscriptions, personal purchases, other products) is automatically ignored and not stored in our database

Information we collect from filtered notifications:

  • For subscriptions: PayPal subscription ID, Plan ID, payer email address, payment status, and transaction type (signup, payment, cancellation, expiration, or failed payment)
  • For physical item purchases: Transaction ID, Button ID, payer email address, item name, quantity, payment amount, payment date, and payment status
  • Merchant information: The musician's PayPal email address to identify which profile the transaction belongs to

What we do with this information:

  • Grant or revoke access to members-only content based on subscription status
  • Track active, cancelled, and expired memberships
  • Record sales of physical items for musicians' reference
  • Verify transaction authenticity with PayPal to prevent fraud

Your financial privacy: We never receive or store credit card numbers, bank account details, or full payment information. All payment processing is handled securely by PayPal. The payer email address is only used to match subscriptions to member accounts and is not shared publicly or used for marketing purposes.

Legal Requirements

We may disclose your information if required by law, to protect our rights, or to respond to legal processes.

5. Data Security

We implement appropriate security measures to protect your information, including:

  • Encrypted data transmission (HTTPS/SSL)
  • Secure authentication through Supabase Auth
  • Row-level security policies on database access
  • Regular security updates and monitoring

However, no method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Your Rights and Choices

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update or correct your profile information through your settings
  • Deletion: Request deletion of your account and associated data
  • Data Portability: Request your data in a portable format
  • Opt-out: Unsubscribe from marketing emails (authentication emails cannot be disabled)

7. Data Retention

We retain your information for as long as your account is active or as needed to provide our services. If you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal purposes.

8. Children's Privacy

MusDiary is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover we have collected such information, we will delete it immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

10. Third-Party Links

MusDiary may contain links to external websites (such as social media profiles or external music platforms). We are not responsible for the privacy practices of these third-party sites. We encourage you to review their privacy policies.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a notice on the platform. Your continued use of MusDiary after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us at:

Email: info@musdiary.com info@musdiary.com

GDPR & Privacy Compliance

For users in the European Union, MusDiary complies with the General Data Protection Regulation (GDPR). You have additional rights under GDPR, including the right to lodge a complaint with a supervisory authority.

MusDiary - Your Musical Journey