■ Privacy policy ■
Last Updated: January 20, 2026
1. Introduction
RetroReverse ("we", "our", or "us") is a web application that allows you to create Spotify playlists with a nostalgic 90-minute mixtape format. This Privacy Policy explains how we collect, use, and protect your information when you use our service.
2. Information we collect
2.1 Information from Spotify
When you log in with Spotify, we receive:
  • Your Spotify user ID and display name
  • Your profile image URL
  • Access to read and modify your playlists
  • OAuth access and refresh tokens
2.2 Information we store
We store:
  • Share codes and metadata when you share mixtapes (stored for 7 days)
  • Your Spotify OAuth tokens (stored in your browser session only)
2.3 Information we don't collect
We do NOT collect:
  • Your Spotify password
  • Your email address (unless provided by Spotify profile)
  • Payment information
  • Tracking cookies or analytics
  • Your listening history
3. How we use your information
We use your information solely to:
  • Authenticate you with Spotify
  • Create and manage your mixtape playlists
  • Enable sharing of mixtapes with friends
  • Display your profile information in the app

We never sell, rent, or share your personal information with third parties for marketing purposes.

4. Data storage and security
4.1 Session storage
Your Spotify access tokens are stored in PHP session storage on our server and expire after your browser session ends or after 1 hour of inactivity.
4.2 Database storage
Share codes and associated metadata are stored in our MySQL database with the following retention:
  • Share codes expire after 7 days
  • Expired shares may be periodically purged from the database
4.3 Security measures
  • HTTPS encryption for all data transmission
  • Prepared SQL statements to prevent injection attacks
  • OAuth 2.0 secure authentication flow
  • No plaintext storage of sensitive credentials
5. Third-party services
5.1 Spotify
Our service integrates with Spotify's Web API. Your use of Spotify is governed by Spotify's Privacy Policy.
5.2 CDN services
We use CDN services (Alpine.js, Google Fonts) to deliver frontend assets. These services may collect standard web analytics.
6. Your rights and choices
6.1 Access and control
  • You can revoke RetroReverse's access anytime via Spotify Account Settings
  • You can log out to end your session immediately
  • You can delete playlists created by RetroReverse at any time
6.2 Data deletion
To request deletion of your data:
  • Revoke app access via Spotify (removes authentication)
  • Contact us to request deletion of any share codes associated with your account
7. Children's privacy
RetroReverse does not knowingly collect information from children under 13. Our service is intended for users who meet Spotify's age requirements (13+ with parental consent, 18+ in some regions).
8. International users
Your data may be transferred to and processed in countries other than your own. By using RetroReverse, you consent to such transfers.
9. Changes to this policy
We may update this Privacy Policy from time to time. The "Last Updated" date at the top will indicate when changes were made. Continued use of the service after changes constitutes acceptance of the updated policy.
10. Contact us
If you have questions about this Privacy Policy or our data practices, please contact us at:

Email: info@retrorever.se
Website: retrorever.se

← BACK TO RETROREVER.SE