Privacy Policy

Data We Collect

• Email address and display name (provided during account creation)
• Profile slug (your custom URL)
• Music preferences (your 6 Spotify track selections and customization choices)
• Usage analytics via PostHog (localStorage-based, no cookies)
• Error tracking data via Sentry

How We Use Your Data

• Account creation and authentication
• Displaying your public profile and music selections
• Product analytics to improve the service
• Error monitoring to fix bugs

Third-Party Services

We use the following services to operate Headsix:

• Supabase — authentication and database (US)
• Vercel — hosting (US)
• PostHog — product analytics (US)
• Sentry — error tracking (US)
• Spotify — track metadata via API

Data Storage

Your data is stored in Supabase Postgres (US region) and retained until you delete your account.

Your Rights

You can access, correct, or delete your data at any time. Account deletion is available in Settings. For any data requests, contact us at feedback@headsix.com.

Cookies & Tracking

PostHog uses localStorage for analytics — not cookies. Supabase sets an httpOnly session cookie strictly necessary for authentication. We do not use third-party advertising cookies.

Children

Headsix is not intended for users under the age of 13. We do not knowingly collect data from children.

Changes to This Policy

We may update this privacy policy from time to time. Continued use of the service after changes constitutes acceptance of the updated policy.

Contact

Questions about this policy? Email us at feedback@headsix.com.