Privacy Policy

Last Updated: December 18, 2025

DivineBeats ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal information when you use our mobile app and website.

By using DivineBeats, you agree to this Privacy Policy. If you do not agree, please do not use our services.

1. Information We Collect

1.1 Information You Provide

When you create an account and use our service, we collect:

  • Email address (required)
  • Name (when registering or signing in with Google/Apple)
  • Account credentials (username, password if applicable)
  • Subscription information
  • Survey responses (age/gender, use case, decision factors) - collected for app functionality and improvement
  • Customer support communications

1.2 Information Collected Automatically

When you use our app or website, we automatically collect:

  • Device information: device type, model, name, operating system version, unique device identifier (deviceId), app version
  • Usage data: features accessed, session duration, listening preferences
  • Country location (for language detection)
  • Log data: access times, technical errors

1.3 Authentication Services

If you sign in with Google or Apple, we receive:

  • Basic profile information (name, email address)
  • Authentication tokens

2. How We Use Your Information

We use your information to:

  • Create and manage your account
  • Provide access to the app and its features
  • Process and manage your subscription
  • Enforce our 2-device limit per account
  • Send transactional emails (purchase confirmation, renewal, cancellation, expiration, billing issues)
  • Send marketing emails (only if you opt in)
  • Provide customer support
  • Improve our service and develop new features
  • Comply with legal obligations

3. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), we process your data based on:

  • Contract Performance: To provide the service you requested
  • Legitimate Interests: To improve our service, prevent fraud, ensure security
  • Consent: When you opt in for marketing communications or provide explicit consent
  • Legal Obligation: To comply with applicable laws

4. How We Share Your Information

We do not sell your personal information.

We share information with:

4.1 Service Providers

  • Firebase (Google): Authentication, data storage (Firestore), file storage
  • RevenueCat: Subscription management
  • Brevo: Transactional emails
  • MailerLite: Marketing emails (website only, opt-in required)
  • Apple App Store / Google Play Store: Payment processing (we do not store payment card information)

All service providers are contractually obligated to protect your data.

4.2 Legal Requirements

We may disclose information if required to:

  • Comply with legal obligations or court orders
  • Protect our rights or the safety of users
  • Prevent fraud or security threats

4.3 Business Transfers

If DivineBeats is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

5. Cookies and Tracking (Website Only)

Our website uses:

  • Google Analytics: To analyze website traffic and improve user experience
  • MailerLite tracking cookies: For marketing email campaigns (if you opt in)
  • Session cookies: To maintain your preferences and language settings

You can manage cookie preferences through your browser settings. Disabling cookies may affect website functionality.

Note: Our mobile app does not currently use analytics or tracking cookies.

6. Data Retention

6.1 Active Accounts

We retain your information as long as your account is active and necessary to provide the service.

6.2 Closed Accounts

After you delete your account:

  • Most data is deleted immediately from our primary systems
  • Transactional email data (Brevo) is retained for 60-90 days for legal, accounting, and fraud prevention purposes, then deleted
  • Some information may be retained longer if required by law

6.3 Legal Requirements

Information may be retained longer if required for legal proceedings or compliance.

7. Data Security

We implement security measures to protect your information:

  • Encryption of data in transit and at rest
  • Secure authentication mechanisms
  • Access controls
  • Regular security assessments

However, no method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

8. Your Rights (GDPR)

If you are in the EEA or other jurisdictions with data protection laws, you have the right to:

  • Access your personal information
  • Correct inaccurate information
  • Request deletion of your information
  • Receive your data in a portable format
  • Restrict processing in certain circumstances
  • Object to processing based on legitimate interests
  • Withdraw consent at any time
  • Lodge a complaint with a supervisory authority

To exercise these rights, contact us at support@divinebeats.app

9. California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

  • Know what personal information is collected
  • Know if personal information is sold or disclosed (we do not sell personal information)
  • Request deletion
  • Non-discrimination for exercising your privacy rights

To exercise these rights, contact us at support@divinebeats.app

10. International Data Transfers

Your information may be transferred to and processed in countries outside your country of residence. When we transfer data outside the EEA, we use:

  • Standard Contractual Clauses approved by the European Commission
  • Other legally approved transfer mechanisms

11. Children's Privacy

Our service is not intended for children under 16. We do not knowingly collect information from children under 16. If you believe your child has provided us with personal information, contact us at support@divinebeats.app and we will delete it.

12. Email Communications

12.1 Transactional Emails (cannot opt out)

  • Account creation, password resets
  • Subscription confirmations, renewals, cancellations
  • Billing issues and payment receipts

12.2 Marketing Emails (can opt out)

  • Product updates, new features
  • Promotional offers

12.3 Opting Out

To opt out of marketing emails:

  • Click "unsubscribe" in any marketing email
  • Contact us at support@divinebeats.app

13. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you by:

  • Posting the updated policy in the app and on our website
  • Sending an email notification (for material changes)
  • Updating the "Last Updated" date

Your continued use of the service after changes become effective constitutes acceptance of the updated policy.

14. Contact Us

If you have questions about this Privacy Policy or want to exercise your rights:

Email: support@divinebeats.app
Operated by: Vasja Ferrari
Location: Slovenia, European Union

For GDPR or data protection inquiries, use the email above.