Privacy Policy

Last updated: December 10, 2025

1. Introduction

Welcome to Rocketship Music ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our artist analytics platform and related services. This policy complies with applicable data protection laws and the terms of third-party platforms we integrate with, including Meta's Platform Terms.


This privacy policy applies to the Rocketship Music artist analytics platform and related services.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • First and last name
  • Authentication credentials (managed securely through Auth0)
  • Account preferences and settings

2.2 Artist Profile Information

When you create an artist profile, we collect:

  • Artist or band name
  • Base city/location
  • Instagram handle and verification status
  • Links to social media profiles (Spotify, YouTube, TikTok, SoundCloud)

2.3 Instagram/Meta Platform Data

When you connect your Instagram account to verify your artist identity, we access and process the following data from Meta's Instagram platform ("Platform Data") using the instagram_business_basic permission:

Data We Access:

  • username: Your Instagram @handle
  • user_id: A unique account identifier assigned by Instagram
  • account_type: The type of Instagram account you have
  • profile_picture_url: URL to your Instagram profile picture

Data We Store:

  • Instagram Username: Your public Instagram handle (stored to display on your artist profile)
  • Instagram User ID: Used to confirm account ownership and verification status
  • Verification Status: A flag indicating your Instagram account has been verified

How We Process This Data:

  • You click "Verify Instagram" on our onboarding page
  • You authenticate via Instagram OAuth popup
  • We retrieve your username and user_id to confirm account ownership
  • The verified Instagram handle is displayed on your artist profile
  • Data is transmitted over secure HTTPS connections

Access Token Handling:

We do NOT store Instagram access tokens long-term. Access tokens are only used during the verification flow to confirm your account ownership and retrieve your basic profile information. Once verification is complete, the access token is discarded.

Purpose of Processing:

  • Identity Verification: To verify that you own the Instagram account associated with your artist profile
  • Prevent Impersonation: Only verified account owners can claim their artist profile
  • Display Verification: To display your verified Instagram handle on your public artist page

Data We Do NOT Collect or Store:

  • Your Instagram password
  • Instagram access tokens (not stored long-term)
  • Your Instagram followers or following lists
  • Your Instagram posts, stories, reels, or media content
  • Your Instagram direct messages
  • Any data from accounts you follow or that follow you
  • Your Instagram insights or analytics

2.4 Song and Content Data

When you submit songs for analysis, we collect and process:

  • Audio files (MP3, WAV formats)
  • Album artwork images
  • Song metadata (title, album name, genre)
  • Lyrics (extracted during analysis)
  • AI-generated analysis data including audio features, sentiment analysis, and insights

2.5 Location Information

With your explicit permission, we may collect your geographic location through your browser's Geolocation API. This information helps us:

  • Provide location-relevant insights
  • Improve our services based on regional trends
  • Customize your experience

2.6 Payment Information

When you make purchases or subscribe to our services:

  • Payment processing is handled by Stripe, a PCI-compliant payment processor
  • We do not store your full credit card information
  • Billing records and transaction history are maintained for accounting purposes

2.7 Automatically Collected Information

When you use our platform, we automatically collect:

  • Browser type and version
  • Device information
  • IP address
  • Pages visited and features used
  • Session data and authentication tokens

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Create and manage your account
  • Process and analyze your submitted songs
  • Generate detailed analytics reports and insights
  • Verify your identity and social media account ownership (including Instagram verification)
  • Process payments and manage subscriptions
  • Send transactional emails (account confirmations, analysis completion notifications)
  • Provide customer support
  • Improve our services and develop new features
  • Comply with legal obligations

We only process your data as described in this Privacy Policy and in accordance with applicable laws and regulations.

4. Third-Party Services

We work with trusted third-party service providers to deliver our services:

Auth0

Authentication and identity management. Auth0 processes your login credentials and manages secure access to your account.

Meta (Instagram/Facebook)

Instagram account verification through OAuth. We use Meta's Instagram Graph API to verify your Instagram account ownership. Our use of Instagram Platform Data is subject to Meta's Platform Terms and this Privacy Policy.

For more information about how Meta handles your data, please visit: Meta Privacy Policy

Amazon Web Services (AWS)

Cloud storage for audio files and artwork. Your uploaded content is securely stored in AWS S3.

AI Music Analysis Engine

Third-party AI service that analyzes your submitted songs to generate insights, extract features, and provide recommendations.

Stripe

Payment processing. Stripe securely handles all payment transactions and is PCI DSS compliant.

5. Data Storage and Security

We implement appropriate technical and organizational security measures to protect your personal information:

  • Encrypted data transmission using TLS/SSL
  • Secure cloud storage with access controls
  • JWT-based authentication with secure token handling
  • Regular security assessments and updates
  • Access restrictions to personal data on a need-to-know basis
  • No long-term storage of third-party access tokens (Instagram tokens are discarded after verification)

6. Cookies and Local Storage

We use cookies and browser storage to enhance your experience:

  • Authentication cookies: To keep you logged in securely
  • Session storage: To maintain your session state during onboarding and form submissions
  • Local storage: To store authentication tokens for API access
  • OAuth state cookies: Temporary cookies used during Instagram verification (automatically expire after 5 minutes)

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services:

  • Account data: Retained while your account is active
  • Instagram verification data: Retained while your account is active and Instagram connection is maintained
  • Song and analysis data: Retained to allow continued access to your reports
  • Payment records: Retained as required by law for tax and accounting purposes

You may request deletion of your account and associated data at any time (see Section 8 below).

8. Your Rights and Data Deletion

You have the following rights regarding your personal information:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate personal data
  • Deletion: Request deletion of your personal data
  • Portability: Request a copy of your data in a portable format
  • Objection: Object to certain processing of your personal data
  • Withdrawal of consent: Withdraw consent where processing is based on consent

How to Request Data Deletion

To request deletion of your data, including any Instagram/Meta Platform Data we have collected, you can:

  1. Email us directly: Send a deletion request to info@rocketship.music with the subject line "Data Deletion Request"
  2. Include in your request:
    • Your account email address
    • Your artist name (if applicable)
    • Specify if you want complete account deletion or specific data removal

What Happens When You Request Deletion

  • We will verify your identity to protect against unauthorized requests
  • We will process your request within 30 days
  • We will delete your account data, artist profiles, and uploaded content
  • We will delete any Instagram/Meta Platform Data associated with your account (username, user ID, verification status)
  • Some data may be retained if required by law (e.g., payment records for tax purposes)

Disconnecting Instagram Only

If you only wish to disconnect your Instagram account without deleting your entire account, you can also revoke access through your Instagram settings at Instagram App Settings. Once revoked, we will no longer have access to your Instagram data, and we will remove your Instagram verification status from your artist profile.

9. Children's Privacy

Our services are not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at info@rocketship.music to have the information removed.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. Our service providers, including AWS, Auth0, Meta, and our AI analysis partners, may process data in various locations globally. We ensure appropriate safeguards are in place to protect your information in accordance with applicable data protection laws, including GDPR and CCPA where applicable.

11. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: When you explicitly agree to data processing (e.g., connecting your Instagram account)
  • Contract: To fulfill our service agreement with you
  • Legitimate Interest: To improve our services and ensure security
  • Legal Obligation: To comply with applicable laws and regulations

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we may also notify you via email. We encourage you to review this Privacy Policy periodically for any changes. Your continued use of our services after changes are posted constitutes your acceptance of the updated policy.

13. Platform Compliance

Our use of data from third-party platforms is subject to their respective terms and policies. This Privacy Policy does not supersede, modify, or conflict with Meta's Platform Terms or any other applicable platform terms. In the event of any conflict, the platform's terms shall prevail with respect to that platform's data.

14. Contact Us

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your data rights, please contact us:

Rocketship Music
Email: info@rocketship.music

We aim to respond to all privacy-related inquiries within 30 days.

HomeTerms of ServiceLoginSign Up