Stats Server

1. General provisions

These Terms of Use define the rules for using the Stats Server web application and Spotify-connected dashboard, referred to below as the "Service". The Service allows users to display, synchronize, import, export and delete listening statistics saved in the user's Stats Server backend.

The Service is operated by ATLASHC PAWEŁ DOLATOWSKI, Sadowa 9, 64-514 Pamiątkowo, Poland, e-mail: kontakt@atlashc.pl, NIP: 7871113283, EU VAT: PL7871113283, REGON: 302382396. By using the Service, the user accepts these Terms.

2. Scope of the Service

The Service may allow the user to:

• connect a Spotify account for authentication, if this feature is configured,
• display saved listening statistics from the Stats Server API,
• synchronize recent Spotify-related track data with the backend,
• import listening history files in a format supported by the backend,
• search, filter and review saved tracks, artists, albums and play counts,
• delete saved statistics from the dashboard.

3. Relationship with Spotify

The Service uses Spotify developer tools only to the extent needed to provide the Spotify-connected features selected by the user. The Service is not an official Spotify product. The operator does not make any warranties or representations on behalf of Spotify and does not imply endorsement, sponsorship, partnership or co-branding by Spotify.

Use of Spotify, a Spotify account and Spotify content remains subject to Spotify's own terms, policies and account settings. Spotify may change or restrict its APIs, quotas, scopes or platform rules independently of the operator.

4. Technical requirements

To use the Service, the user needs an up-to-date web browser, network access, a correctly configured Stats Server API endpoint and, for Spotify-connected features, a Spotify account and a valid Spotify developer configuration. Some features may be unavailable if the API, database, Spotify authorization, hosting provider or external service is unavailable.

5. User responsibilities

The user agrees to use the Service lawfully and responsibly. The user must not:

• submit data that the user is not entitled to use,
• attempt to bypass security, authorization or API limitations,
• interfere with the Service, backend, database, Spotify Platform or other services,
• use the Service to infringe third-party rights or violate applicable law,
• use Spotify data or content in a way that is not permitted by Spotify's terms.

6. Spotify content and user data

The user is responsible for the legality and accuracy of data submitted to the backend, including imported listening history and data associated with a Spotify account. Spotify metadata, cover art and related data may be displayed only as part of the Service's functionality and should not be offered as a standalone product or dataset.

7. Availability and liability

The Service is provided on an "as is" and "as available" basis. The operator aims to keep the Service stable, but does not guarantee uninterrupted availability, error-free operation or compatibility with every environment.

The operator is not responsible for incorrect API configuration, loss of access to Spotify or other third-party services, hosting outages, user-imported data errors, or decisions made based on statistics shown in the Service.

8. Changes to these Terms

The operator may update these Terms when the Service changes, legal requirements change, Spotify platform requirements change, or technical requirements change. The current version is published on this page.

1. Data controller

The controller of personal data is ATLASHC PAWEŁ DOLATOWSKI, Sadowa 9, 64-514 Pamiątkowo, Poland, e-mail: kontakt@atlashc.pl, NIP: 7871113283, EU VAT: PL7871113283, REGON: 302382396. No Data Protection Officer has been appointed.

2. Data that may be processed

Depending on configuration and user actions, the Service may process:

• Spotify account data, such as Spotify user ID, display name and, if provided by Spotify, email address,
• Spotify authorization data used temporarily during login; the frontend does not intentionally store the Spotify access token,
• listening statistics, including track title, artist, album, Spotify track ID, cover art URL, play count and playback time,
• data imported by the user from listening history files,
• technical data, such as IP address, browser information, server logs and request timestamps,
• browser localStorage data, such as API base URL, Spotify user ID and display name.

3. Purposes and legal bases

Personal data may be processed to:

• provide the Service and display the user's listening statistics,
• handle Spotify login and distinguish users in the backend,
• synchronize, import, export and delete user statistics,
• ensure security, debug errors and maintain the backend,
• respond to user requests and exercise or defend legal claims.

The legal basis may be performance of a contract or steps requested by the user, legitimate interest in maintaining and securing the Service, a legal obligation, or consent where a particular feature requires consent.

4. Spotify permissions and account disconnection

When the user connects a Spotify account, Spotify may ask the user to authorize access to selected account data. The Service should request only the permissions needed to operate its features. The user may disconnect from the Service by logging out in the dashboard, clearing local browser data, requesting deletion from the operator, and revoking access in the user's Spotify account settings where available.

After the user disconnects the Spotify account or requests deletion, the operator should delete or stop processing Spotify personal data unless further retention is required by law or necessary for legitimate claims.

5. LocalStorage, cookies and similar technologies

The dashboard may use browser localStorage to remember the API base URL, Spotify user ID and display name. These values remain in the browser until the user logs out, clears site data or removes them manually. The dashboard does not require marketing cookies to function.

6. Recipients of data

Data may be processed by providers supporting the Service, such as hosting, infrastructure, database, technical service and authentication providers. If Spotify login is enabled, the authorization process involves Spotify. The operator does not sell Spotify content or Spotify personal data obtained through the Service.

7. Transfers outside the EEA

If the operator uses providers with infrastructure outside the European Economic Area, personal data may be transferred outside the EEA based on appropriate safeguards, such as standard contractual clauses or other mechanisms allowed by applicable law. This section should be reviewed against the actual hosting and provider setup before publication.

8. Retention period

Listening statistics are stored until the user deletes them, requests deletion, removes the account, or until retention is no longer necessary for the purposes described in this Privacy Policy. Technical logs should be kept only for as long as needed for security and diagnostics. Set a concrete log retention period before publication, for example 30 days, if such a period applies.

9. User rights

Under applicable data protection law, the user may have the right to:

• access personal data and receive a copy,
• rectify inaccurate data,
• delete data,
• restrict processing,
• data portability,
• object to processing,
• withdraw consent where processing is based on consent,
• lodge a complaint with the President of the Personal Data Protection Office in Poland.

10. Security

The operator should apply technical and organizational security measures appropriate to the risk, including access controls, software updates, secure server configuration, limited database access and backups where needed. The user should also protect access to their browser, Spotify account and API endpoint.

11. Automated decision-making

The Service is not intended to make decisions about users that produce legal effects or similarly significant effects solely by automated means. If such functionality is added, this Privacy Policy should be updated.

12. Contact

For matters related to these Terms, privacy or user rights, contact the operator by e-mail: kontakt@atlashc.pl, or by post: Sadowa 9, 64-514 Pamiątkowo, Poland.