Privacy Policy
Last updated: June 28, 2026
This Privacy Policy explains how William Mullin("Chop In", "we", "us"), who operates Chop In at chop-in.com (the "Service"), collects and handles information. By using the Service you agree to this policy.
Information we collect
- Account information. When you sign in, our authentication provider (Clerk) processes your email address and sign-in data so you can have an account.
- Spotify connection. If you connect Spotify, you authorize Chop In to read your currently playing trackthrough Spotify's API. We store the access/refresh tokens Spotify issues so the connection persists; these tokens are encrypted at rest. We do not collect your Spotify password, playlists, or listening history beyond the currently playing track needed to identify the piece.
- Usage and technical data. Standard server and log data (such as browser type, timestamps, and requests) used to operate and secure the Service.
- Cookies. A session cookie to keep you signed in. We do not sell your data or use it for advertising.
How we use information
To run the Service: identify the piece you are playing from your currently playing Spotify track, serve the matching public-domain score, keep you signed in, and operate, secure, and improve the Service. All piece detection happens server-side. We do not sell personal information.
Your Spotify data
Chop In uses the Spotify API and is subject to Spotify's Privacy Policy. We only read your currently playing track to do our one job. You can revoke Chop In's access at any timefrom your Spotify account settings (Account → Apps), which immediately ends our ability to read your playback.
Who we share information with
Service providers that help us run the Service, each processing data only to provide their service:
- Clerk: authentication and account management
- Neon: database hosting
- Vercel: web hosting and file storage (Vercel Blob)
- Spotify: the connected service that provides your currently playing track
We may disclose information if required by law, or to protect the rights, safety, or security of the Service or others.
Data retention
We keep your account and connection data while your account is active. You can ask us to delete your account and associated data, or disconnect Spotify yourself at any time. Deleting your account removes your stored tokens.
Your rights
You can request access to, correction of, or deletion of your personal information by contacting us. Depending on where you live, you may have additional rights under laws such as the GDPR or CCPA; we honor these requests as required by applicable law.
Data security
We use reasonable administrative and technical safeguards, including encrypting Spotify tokens at rest. No system is perfectly secure, but we work to protect your information.
Children
Chop In is not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child has provided personal information, contact us and we will delete it.
Changes
We may update this policy; we will revise the date above when we do.
Contact
Questions or requests: willmullinvsn@gmail.com.