Summary
Local playback, playlists, favorites and most settings are processed on your device. BlueMusic does not sell personal data and does not use third-party advertising or cross-app tracking.
Optional online features may process limited data needed to provide the feature: cloud storage browsing, artwork and metadata lookup, Firebase sign-in, Cloud Backup and subscription verification.
Local Music Library
Your audio files remain on your device unless you choose to access files from a cloud provider or your own media server. BlueMusic stores local app data such as playlists, favorites, hidden items, playback state and settings on your device.
BlueMusic does not upload your audio files to our servers as part of normal playback or Cloud Backup.
Account and Cloud Backup
You do not need an account to use BlueMusic as a local music player. If you enable Cloud Backup, BlueMusic uses Firebase Authentication so your backup belongs only to your account.
Depending on the sign-in method you choose, Firebase may process identifiers such as your Firebase user ID, email address, Google account identifier or Apple sign-in identifier. We use this only to authenticate you and protect your backup.
Cloud Backup stores an app-generated backup file in Firebase Storage. The backup can include app data such as playlists, favorites, settings, library metadata and album artwork used by the app. It is limited in size and is not intended to include audio files.
Cloud Backup requests and downloads use Firebase Cloud Functions, Firebase App Check, authentication and short-lived signed URLs. Backups are protected by server-side access controls and are transmitted over encrypted connections.
Subscriptions and Purchases
Cloud Backup is a paid feature. Purchases are handled by Google Play Billing or Apple In-App Purchase. BlueMusic verifies subscription status with Google Play or Apple before enabling premium backup features.
For fraud prevention, restore and support, BlueMusic stores limited subscription records in Firebase, such as product ID, platform, subscription state, expiration time, verification time and hashed purchase or transaction identifiers. Raw purchase tokens are not stored as plain text by our backend.
Billing, cancellation, refund and tax data are handled by Google or Apple according to the store account you used for the purchase.
Cloud Storage and Media Providers
Google Drive, OneDrive, Dropbox, Box, pCloud, self-hosted media servers
If you connect a cloud storage account, BlueMusic uses the permissions you approve to browse and play your own audio files. Where supported, BlueMusic requests read-only access. It does not modify, delete or upload files to those storage providers for playback.
OAuth tokens and media server credentials are stored on your device using the platform's secure storage when available. Requests to browse or stream cloud files are sent to the provider you selected.
If you manually configure a self-hosted server over plain HTTP, traffic to that server may not be encrypted by TLS. Use HTTPS for remote servers whenever possible.
Google API Services - Limited Use
BlueMusic's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
The read-only access to your Google Drive is used for a single purpose: to let you browse and play your own audio files inside BlueMusic. This Google user data:
- is used only to provide or improve the in-app music playback feature;
- is not transferred to or sold to third parties, except as strictly necessary to provide the feature, comply with applicable law, or as part of a merger or acquisition;
- is not used for advertising or unrelated profiling; and
- is not read by humans unless you give explicit consent for support, it is necessary for security, or it is required by law.
Artwork and Metadata Lookup
When you ask BlueMusic to find artwork or enrich song metadata, the app may send search terms, song title, artist, album, ISRC or other music identifiers to Apple services or to BlueMusic's Firebase backend so the app can retrieve public artwork and metadata.
These lookups are used to provide the requested in-app feature and are not used for advertising.
Diagnostics and Support
BlueMusic does not include advertising trackers. Platform providers, such as Google Play, Apple, Firebase, Google or Apple sign-in, may provide crash, integrity, billing or security information needed to operate their services.
If you email us for support, we will receive your email address and anything you choose to include in your message. We use that information only to respond, investigate bugs, protect the service or comply with legal obligations.
Account, Retention and Deletion
Local data can be removed by deleting the app or clearing its app data on your device. Cloud provider access can be revoked from the provider's account settings.
To request deletion of your BlueMusic Cloud Backup account or backup data, email laskyfeedback@gmail.com from the email address associated with your BlueMusic backup account and write "BlueMusic account deletion" in the subject.
After we verify ownership, we delete the Firebase Authentication account, Cloud Backup files, backup metadata and subscription entitlement records associated with that backup account, unless we must retain limited records for security, fraud prevention, legal compliance, dispute handling or tax/accounting obligations.
You can also request deletion of only Cloud Backup data without deleting your account. We aim to complete verified deletion requests within 30 days, unless a longer period is required by law or by an active dispute, security investigation or fraud-prevention hold.
Children
BlueMusic is not directed to children under the age required by applicable law to consent to online services. Do not enable online account or payment features if you are not allowed to do so.
Changes and Contact
We may update this Privacy Policy from time to time. Updates will be reflected on this page with a new date.
Technical Support: laskyfeedback@gmail.com