Skip to content
This repository has been archived by the owner on Jan 14, 2020. It is now read-only.

Latest commit

 

History

History
executable file
·
71 lines (57 loc) · 5.18 KB

tidal.md

File metadata and controls

executable file
·
71 lines (57 loc) · 5.18 KB
Raw

Tidal Privacy Policy

Last reviewed: 2016-12-18

tl;dr Tidal:

  • collects too much information
  • shares information too readily
  • uses aggressive/pervasive tracking
  • may charge you if you contact them to request access to your information
  • may keep your information even if you delete it or close your account
  • may be working with data brokers

Information they collect

  • registration information: username and password
  • in case you provide it: your name, address, phone number, and age
  • payment information
  • content you generate, including photos and comments
  • metadata associated with such content (e.g. if you upload a photo, they may look for geotags, creation date, and so on, which is metadata stored in the photo)
  • usage information: how you use the service, favorites, etc.
  • time of log-in, Tidal client version
  • a unique identifier for the devices you use
  • information gathered by first or third party analytics tools
  • information gathered through server logs
  • information you provide when answering surveys
  • information that third parties share about you (including "Facebook, business partners, advertising networks, analytics providers or any telecommunications providers through which you may access" Tidal)

What they share and how

  • as usual, some information is shared with service providers (e.g. a hosting provider)
  • specific information will be shared, if you consent to it (e.g. if you connect Tidal to Facebook)
  • Tidal "may provide ... third parties with aggregated, anonymised data collected about you"
  • some information is shared with and collected by payment providers (and you're bound to their PP)
  • information may be shared when Tidal engages "third parties to perform services" on their behalf
  • information may be shared if necessary to comply with the law and any legal obligation
  • information may be shared if necessary to enforce the PP or the TCU
  • information may be shared for "fraud protection and credit risk reduction"
  • information may be shared if Tidal is bought or buys another business, including if Tidal sells some of their assets
  • "de-identified" information is shared with "third party rights holders" (musicians and labels); this information becomes non-anonymous if you choose so
  • "if you contest or dispute any of our charges", information may be shared with "your credit card company or financial institutions" (to resolve the issue)
  • cookie and streaming data may be shared with third party advertisers, including contact data; there is no guarantee that this is anonymised information
  • anonymised aggregate information may be shared with third party advertisers

What you can do about these rules

  • some of the third parties Tidal relies on may be located in countries that offer reduced protection of your data, including protection that is not adequate to protect it
  • "you may not be able to opt out of certain important email communications"
  • if you opt in to marketing communications, including those of third parties, you may unsubscribe from these later
  • Tidal vows to protect your personal data, but cannot guarantee its security during transmission; "you accept that any such transmission of your personal data is at your own risk"
  • Tidal retains your personal information "only for the period necessary to fulfil the purposes for which such data was collected"; if no longer necessary, information may be deleted, anonymised, or access to it blocked. This is bound by any applicable law regarding data retention.
  • if Tidal suspects misuse, they may use your information to investigate the misuse
  • Tidal will comply "at all times with applicable data protection legislation and regulations", but not necessarily those of your country
  • you can contact Tidal via [email protected] to request access, recitification or deletion of your information, or if you object to certain uses of your information; Tidal may charge you a fee "for accessing your personal data"
  • Tidal makes no claim to informing you if they change their Privacy Policy

Note that Tidal doesn't promise to delete your information once no longer necessary. Their wording suggests they might simply anonymise it, or keep it but prevent access to this information. Also note that your data will be hosted across the borders of your country. This means their respect for laws regarding data retention may make matters worse (i.e. if a country's law requires Tidal to keep data even after you delete your account).

Pervasive tracking

Tidal uses temporary and persistent cookies, including:

  • the cookies necessary to operate the service (e.g. a session cookie to keep you logged in)
  • cookies to monitor analytics and performance
  • cookies to recognise you and personalise the content for you
  • cookies to show you advertising, some of which may be shared with third parties
  • cookies placed by Google Analytics, which are bound to their PP
  • cookies for integration with Facebook, in case you connect the two services
  • cookies for integration with Twitter, in case you connect the two services

Note that Tidal shares your favorites with Facebook automatically, if you connect the two services. Also, note that cookies placed some third parties are bound to the Privacy Policy of the third party, instead of Tidal's.