Bluetape Privacy Policy
Last Updated: March 27, 2025
Introduction
Bluetape (“we,” “us,” or “our”) is an application built on the Authenticated Transfer Protocol (“AT Protocol”) that respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we handle any information when you use our application.
Bluetape is designed with privacy at its core. We minimize data collection and maintain transparency about the limited information we do need to provide our service.
Overview
- Minimal Data Collection: We collect only what is necessary to provide our service.
- Session Information Only: We store only session information required for authentication and AT Protocol interaction.
- Apple Music Integration: When you use Apple Music features, this data remains between your browser and Apple Music API - we never receive or process this information.
- No Tracking: We do not use cookies or any tracking technologies to monitor your behavior.
- Your Data Rights: As a GDPR-compliant service, you maintain full rights over the limited data we do store.
Personal Information We Collect
Bluetape is designed to collect the absolute minimum amount of data necessary:
- Session Information:
- Decentralized Identifier (DID)
- AT Protocol handle
- Cryptographic keys
- Personal Data Server (PDS) information
This session information is necessary solely for authentication purposes and to facilitate interaction with the AT Protocol.
We do not collect:
- Your email address
- Your name or biographical information
- Your location data
- Your browsing history
- Your device information beyond what is needed for basic functionality
- Any analytics about your usage patterns
How We Use Limited Personal Information
We use session information solely to:
- Authenticate your session with the AT Protocol
- Enable you to interact with the AT Protocol network
- Facilitate the core functionality of Bluetape
Third-Party Services
AT Protocol Network Services
Bluetape is built on the AT Protocol. When you use Bluetape, you are interacting with the broader AT Protocol network, which is operated by various entities including Bluesky PBC. Your public posts and profile information on the AT Protocol are subject to the Bluesky AT Protocol Network Services Privacy Notice.
PDS Operator Privacy Policies: The majority of your data within the AT Protocol ecosystem is handled by your Personal Data Server (PDS) operator. It is essential that you review and understand the privacy policy of your specific PDS operator, as their practices will govern how most of your data is processed, stored, and potentially shared. For example, if you use Bluesky’s PDS service, your data would be subject to their privacy policy.
Apple Music Integration
When you use any Apple Music-related functionality within Bluetape:
- All communication occurs directly between your browser and the Apple Music API
- No Apple Music data is transmitted to our backend servers
- Your listening preferences, playlists, and other Apple Music information remain private
- Your use of Apple Music features is subject to Apple’s Privacy Policy
Data Storage and Security
The limited session information we collect is:
- Stored securely using industry-standard encryption
- Used only for authentication purposes
- Deleted when you log out or when your session expires
- Not shared with third parties except as necessary to provide the service
Your Rights Under GDPR
Under the General Data Protection Regulation (GDPR), you have the right to:
- Access any personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Object to our processing of your data
- Request restriction of processing
- Data portability
- Withdraw consent
To exercise any of these rights, please contact us using the information provided below.
Children’s Privacy
Bluetape is not directed at individuals under the age of 16. We do not knowingly collect personal information from children.
International Data Transfers and PDS Operators
As Bluetape operates on the global AT Protocol network, your session information is transmitted to your Personal Data Server (PDS), which is not controlled by us. The AT Protocol is decentralized by design, and we cannot control or guarantee where your PDS may store or process data, which may include servers located outside your jurisdiction.
Important: We strongly recommend that you review the privacy policy of your PDS operator (such as Bluesky PBC if you use their PDS service) to understand how they handle your data, including international transfers. Your PDS operator’s privacy practices will govern most of your data within the AT Protocol network.
Important considerations:
- Your public content on the AT Protocol network (posts, profile information, etc.) is globally accessible by design
- We have no control over how your chosen PDS provider handles your data
- We cannot guarantee safeguards for data transfers that occur within the broader AT Protocol network
- Our control is limited to the session information within our application
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last Updated” date.
Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us at:
Legal Basis for Processing Under GDPR
We process your limited personal data on the following legal bases:
- Performance of Contract: Processing necessary to provide you with the Bluetape service
- Legitimate Interests: Where processing is in our legitimate interests and not overridden by your rights
- Consent: Where you have given clear consent for specific processing activities
Data Retention
We retain session information only for as long as necessary to provide the Bluetape service. This information is deleted when you log out.
Your Choices
You can:
- Log out at any time to delete session information
- Use Bluetape without enabling Apple Music integration
- Disconnect your account at any time