Privacy policy
Personal data/privacy policy


We at Auddly AB (the "Provider") are dedicated to treating our users' (the "User(s)"/"You"/"Your") personal data with care and respect in relation to Your use of the Auddly platform ("Auddly") and all services provided on Auddly (collectively the "Service"). This is the Privacy Policy for the Service and, as such, it describes how the Provider collects, uses, and shares the personal data of individuals whenever they use the Service.

1.1 The Provider complies with EU Directive 95/46/EC, and any laws implementing this in Your country. This law regulates the processing of personal data and grants individuals various rights in respect of their personal data. The Provider will be liable for the processing of personal data for which the Provider decides the purposes and the means for which the personal data is processed. Personal data is any information which directly or indirectly identifies a natural living person, e.g. name and address but also photos of individuals uploaded related to a Song. Terms starting with a capital letter and not defined herein are defined in the Terms of Use and have the meaning assigned to them in the Terms of Use.

1.2 The Provider may collect the following information, including personal data, about You and/or Your physical representatives, Creators and employees etc., the "Data Subject": 1.2.1 Registration information: When creating a user account with the Provider Data Subjects will be required to provide the following information: name; surname; email; phone number and IPI/IPN number. Please note that the Provider may be unable to provide the Services unless a Data Subject provides this personal data. The Provider may store this information so that it can be used for purposes explained in Section 1.3.

1.2.2 Song information: When a Data Subject starts a Song Data Subjects are required to provide certain information such as their name and the name of the Song. When a Data Subject starts or joins a Song, the Provider may also collect and process other information disclosed by Data Subjects, such as information about their (or others') skills (e.g. instruments played), experience (where, what and when performed), membership in relevant organisations, agreements they may have entered into, their representation, location, distribution arrangements and photos and recordings of the Data Subject.

1.2.3 Usage information: When a Data Subject uses the Service certain information will be collected automatically, including: (i) information about their interactions with the Service; (ii) the details of the queries they make; (iii) content they post, upload and/or contribute to the Service; (iv) technical data, which may include the URL they have come from or gone to, their IP address, unique device ID, network and computer performance, browser type, language and identifying information and operating system; and (v) location information. The Provider may store this information so that it can be used for purposes explained in Section 1.3.

1.3 The Provider will process the information described in Section 1.2 above for the following purposes: (a) to administer a User's account, to enable and provide the Service and integrate with collecting societies and any other third party services as applicable and as the User may have chosen, and to provide, personalise and improve the Data Subject's experience with the Service, and to otherwise fulfil the Agreement with the User; (b) to send the Data Subject alerts or messages by email or otherwise, including (with the Data Subject's consent) to provide them with marketing communications about the Provider's similar products and services and to inform them about updates of the Service or of the Agreement, (c) to improve and develop the Service or new services and products and to analyse their use of the Service, (d) to ensure the technical functioning of the Service and to monitor and prevent use of the Service in breach of the Agreement, (e) to enforce the Agreement, including to protect the rights, property and safety of the Provider and other persons, (f) as necessary to allow financing or transfer of all or part of the Provider and (g) to fulfil requirements by law.

1.4 From time to time and with the Data Subject's consent, the Provider may send the Data Subject direct marketing communications relating to its own similar products and services, by email or SMS or similar communication. The Provider may also provide the Data Subject's details to or send the Data Subject marketing from third parties so that the Data Subject can receive direct marketing relating to products or services that may be of interest to individuals and companies operating in the music industry. The Data Subject may at any time withdraw their consent to the use of their personal data for direct marketing purposes by emailing

1.5 The Provider may disclose personal data about Data Subjects to its contractors, service providers, partners, potential investors in or buyers of all or part of the Provider, and to collecting societies, within the EU/EEA and outside the EU/EEA, to countries or territories whose laws may not provide an adequate level of protection for personal data, for the purposes stated in Section 1.3 above. Where such third parties process personal data on the Provider's behalf, the Provider will control and be responsible for the use of such Personal Data.

1.6 For the purpose of spreading recognition and credit Users in relation to their contributions to musical works, the Provider may also share and/or sell personal data provided in the Service such as Your name and role in the creation or production of music shared through the Service to third parties who collect or publish information relating to track or other music information, such as online streaming services or collecting societies.

1.7 The Provider will not sell or share Your contact details for marketing purposes without your prior consent.

1.8 Data Subjects may be entitled, under local law, to exercise rights of access, rectification, erasure or blocking of personal data processed by the Provider. The ability to exercise such rights may be limited by local law. If a Data Subject wishes to exercise any of these rights, they should write to the address above stating their full name and, if applicable, their address, user name and the email address used for registration. The Provider will reserve the right to charge any fee permitted under national law to allow such rights to be exercised. California U.S.A. users under the age of 18 may request the removal of their content or information publically posted on the Service by emailing us at by emailing Please note that most of the user content that appears on the Service is stored and controlled by third party providers; thus, complete and comprehensive removal of the content may not be possible.

1.9 You must ensure that any Data Subject who are Your physical representatives and employees etc., whose personal data may be processed by the Provider, are made aware of the contents of this Section 1 and any sections to which it refers, and provide necessary consents, at the latest when their personal data is provided to the Provider.

1.10 You must also ensure that any personal data submitted by You relating to others (such as individuals not using the Service) whose personal data may be processed by the Provider, are made aware of the relevant contents and implications of these Terms Of Use and provide You with any necessary consent to the processing no later than at the time their personal data is shared with the Provider.

1.11 The Provider has implemented reasonable technical and organisational measures designed to secure personal data from accidental loss and from unauthorised access, use, alteration or disclosure. However, the Internet is an open system and the Provider cannot guarantee that unauthorised third parties will never be able to defeat those measures or use personal information for improper purposes.

1.12 The Service is intended for users who are 16 years old or older. Provider does not knowingly collect personal data from children under the age of 16. If Provider becomes aware that it has inadvertently received personal data from a child under the age of 16, Provider will delete such data from its records.


2.1 A cookie is a small text file that a website asks to place on Your computer, mobile phone, or other device when You visit a website. A cookie can help the website provider to recognise Your device the next time You visit the website, provide You with access to certain functions on the website and/or register Your browsing history. There are other technologies such as pixel tags, web bugs, web storage and other similar files and technologies that can do the same thing as cookies. The term "cookies" in this Agreement refers to cookies and all such similar technologies.

2.2 The Provider uses the following cookies for following purposes: 2.2.1 Essential operational cookies: These cookies are necessary for the Provider to operate the Service as You have requested. For example, they allow the Provider to recognise You and then provide You with the Service accordingly.

First-Party Essential Operational Cookies

Cookie name Description Domain Type of data stored Retention period
auddly_session A session cookie that constitutes a unique identifier necessary for user session management Authentication token When the browsing session ends or the user logs out of the service
auddly_csrf_token A session cookie (token) which mitigates the risk of man-in-the-middle attacks CSRF Token When the browsing session ends or the user logs out of the service

2.2.2 Analytics cookies: The Provider uses these cookies to analyse how the Service is accessed, used or is performing. The Provider uses this information to maintain, operate and continually improve the Service. The Provider may also obtain information from our email newsletters, to learn whether You opened or forwarded the newsletter or clicked on any of the content, to analyse the effectiveness of the newsletters and ensure that You will be receiving information that You find interesting.

Third-Party [Analytics] Cookies

Cookie name Third-party provider Description Domain Type of data stored Retention period
utma; utmb; utmc; utmt_UA-{id}; utmz Google Google Analytics solution used to: (i) distinguish users and sessions; (ii) determine new sessions/visits; (iii) explain how the user reached the website (e.g. via a specific campaign); (iv) throttle request rate and (v) set for interoperability with urchin.js Stores the traffic source or campaign that explains how the user reached your site. utma: 2 years; utmt_UA-{id}: 1 year; utmz: 6 months; utmb and utmc: session cookies
Intercom-id-{id}; Intercom-id-{id2}; Intercom-session-{id} Intercom Intercom tracking cookie provides communication, messaging and other marketing services, helping us to better reach our customers. Please see Intercom's Privacy Policy ( 20 years; (Intercom-session-{id}: a session cookie)
mp_{id}; mp_mixpanel_c Mixpanel Product analytics used to (i) get insight on how users arrive at the application and how they interact with it so that we could better their experience; (ii) identify the most used sections as well as for communications aimed at improving service use experience Information on users' interaction with the service such as their distinct ID and initial referral 1 year (mp_mixpanel_c : a session cookie)

2.2.3 Functional cookies: The Provider uses these cookies to operate certain functions of the Service in line with the choices You make. These cookies mean that when You continue to use or come back to the Service, it is provided as You have previously requested, e.g. remembering Your username and how You have customised the Service.

First-Party Functional Cookies

Cookie name Description Domain Type of data stored Retention period
auddly_refresh_token A persistent cookie allowing a returning user to be automatically logged in Authentication refresh token 30 days or when the user logs out of the service
auddly_refresh_expiry A persistent cookie allowing clients to determine if there is an auddly_refresh_token cookie Indication of the existence of a refresh token 30 days or when the user logs out of the service

2.3 Most web browsers allow You to manage Your cookie preferences. You can set Your browser to refuse cookies, or delete certain cookies. Generally You should also be able to manage similar technologies by using Your browser's preferences.

2.4 Please note that if You choose to block cookies, this may impair or prevent due functioning of the Service.

2.5 The Provider uses a third party services to track activity related to the Service, e.g. by placing cookies. You can install an opt-out in Your web browser if You do not want any information to be collected and used by this analytic service.

2.6 More information about the use of cookies and how to block them can be found on e.g. and If You have any questions or comments about the Provider's use of cookies, please contact

2.7 When you are using the service, you may notice that there are third-party cookies from other websites. Namely, Google Analytics and Mixpanel. We collect from and send visitor analytics data to them. The details about these cookies are in the table under section 2.2.2. Provider does not respond to “Do Not Track” signals.