Privacy Policy – USER DEV Tipino for Early Birds

Version: 1.0.1
Effective Date: 19. April 2026

Operator:
Tipino – Association for Fair Artist Support
c/o Stephan Lipp
8626 Ottikon, Switzerland
Email: getintouch@tipino.app
UID CHE-275.625.159

1. What Tipino does

Tipino is a platform that lets music fans support artists. Fans can create an account, connect supported music services, subscribe to a paid plan, buy or assign trophies, configure distribution preferences, follow or recommend artists, and use public profile or sharing features.

We process personal data only where it is needed to operate Tipino, keep the platform secure, comply with legal obligations, improve the service, or where you have given consent.

We do not sell personal data.

2. Data we collect

2.1 Account and registration data

When you create or use a Tipino account, we may process:

WordPress user ID, username, password hash, account role and account status
first name, last name, nickname and display name
email address
country, time zone and language or display preferences
date of birth or age-check information where needed to verify eligibility
profile picture, original uploaded avatar, crop settings and display settings
account activation codes, password recovery tokens and expiry timestamps
last login, login history, IP address and browser user agent
two-factor or security preference metadata
invitation codes, personal referral IDs, referrer IDs and artist referral IDs
policy acceptance records for the Terms of Service and Terms of Use
records showing whether you have seen platform news or update notices
onboarding status, reminders and account configuration choices

2.2 Public profile and community data

If you use public or social features, we may process:

whether your profile is public
profile text such as a short introduction
artist recommendations
social profile URLs you add to your profile
artists you follow or configure
achievements, badges or similar activity markers
public rankings and public top-artist or top-track summaries
share-link and share-image interactions, such as selected background, text
template and download timestamp
posts, reactions and shares where those features are enabled

Some of this information may be visible to other visitors or users, depending on your profile settings and the feature you use.

2.3 Connected music-service data

When you connect a music service, Tipino receives data from that service only
within the scope you authorise. Depending on the service and feature, this may
include:

service user ID, username, display name, country or storefront
OAuth access tokens, refresh tokens, session keys, auth state values and token
expiry timestamps
re-authentication status, error counts, cursors and last-fetch timestamps
listening history, recently played tracks, liked tracks, followed artists,
playlists, playlist tracks or library / collection information
track, album and artist metadata, such as names, external IDs, images,
genres, duration, play timestamp, play count and listened milliseconds
matching and attribution evidence used to connect a play to a Tipino artist,
track or album

Supported or experimental integrations may include Apple Music, Tidal, SoundCloud, Last.fm, Discogs.

Streaming Services may be used for account connection, listening data, artist metadata and playlist imports. Tipino never receives the password of any connected service. Tipino uses tokens or API credentials returned by the provider, not your provider password.

For Discogs, Tipino may process your Discogs username, OAuth token and token secret, collection count and cached collection releases. Disconnecting Discogs deletes the Discogs connection row and the related collection cache for your Tipino account.

2.4 Listening, attribution and recommendation data

To calculate artist support and improve matching quality, Tipino may process:

played track name, artist name, played-at timestamp and platform source
track, artist and album identifiers
listened time, resolved playtime and booster flags
matching confidence, matching decision and matching evidence
monthly or daily payout calculations and artist attribution records
recommendations, artist suggestions and artist identity review data
genre, track, artist and album metadata imported or enriched from public or
third-party music databases

Listening history can reveal personal preferences. We treat it as sensitive operational data and use it only for Tipino’s service purposes, platform quality, fraud prevention and aggregated statistics.

2.5 Payment, subscription, trophy and payout data

When you subscribe, switch a payment provider, buy trophies, assign trophies or
receive payouts, we may process:

subscription plan, billing cycle, status, start date, cancellation date,
renewal date and end date
payment provider, provider subscription ID, checkout session ID, order ID,
payment intent ID, invoice or transaction references
payment date, gross amount, provider fees, Tipino fee, artist amount,
referral amount and internal share records
subscription-switch state, target provider, approval URL, retry count and
error notes
trophy package type, trophy amount, trophy percentage, assignment status and
artist recipient
tip, payout, artist referral share and distribution records
chargeback, refund, failed-payment, webhook and manual-review records

Payments are processed by Stripe and PayPal. Tipino does not store card numbers, CVV codes, passwords or full payment credentials. Payment providers process payment data under their own terms and privacy policies.

2.6 Reports, moderation and safety data

If users report a profile or artist, or if Tipino investigates abuse, we may process:

reporter user ID
reported user ID or reported artist ID
report type, reason, free-text explanation and status
reviewer ID, review timestamp and admin notes
abuse flags, blocked status and internal moderation notes
security logs, IP addresses, user agents and event descriptions

This data is used to protect users, artists and Tipino from fraud, abuse, security incidents, false artist claims, stream manipulation and policy violations.

2.7 Communications and support data

We may process communications with you, including:

transactional emails about registration, activation, login, billing,
subscription renewal, provider changes, policy updates, account deletion,
payouts or security
optional marketing or community emails where you have opted in
support requests, privacy requests and related correspondence
email delivery metadata needed to send and troubleshoot emails

Transactional emails are necessary for the service and cannot be disabled while your account remains active. Marketing emails can be unsubscribed from.

2.8 Technical, cookie and log data

When you visit or use Tipino, we may process:

IP address, user agent, request time, requested URL and referrer
WordPress, session and login cookies
CSRF / nonce values and security tokens
theme or display preferences
device and browser information
server logs, application logs, scheduler logs and webhook logs
aggregate analytics and performance information

We use essential cookies for login, security and platform functionality. Optional analytics or marketing cookies are used only where enabled and, where required, with consent.

3. Sources of personal data

We receive personal data from:

you, when you register, configure your account, upload content, claim an
artist profile, make payments, contact us or use Tipino features
connected music services after you authorise a connection
payment providers, when they send checkout, subscription, webhook or payment
status information
public music metadata sources and music databases
other users, for example when they report a profile or interact with public
content
server, browser and security logs generated when the service is used

4. Why we process data

We process personal data for the following purposes:

to create, activate, authenticate and manage user and artist accounts
to provide public and private Tipino profile features
to connect music services and fetch authorised listening or library data
to calculate artist eligibility, attribution, tips, trophies, subscriptions
and payout records
to process payments, provider switches, refunds, failed payments and
subscription lifecycle events
to prevent abuse, stream manipulation, multi-account abuse, unauthorised
access, chargeback abuse and security incidents
to operate rankings, recommendations, shares, achievements and other platform
features
to send transactional emails and required legal or service notices
to send optional newsletters or community updates where consent is given
to answer support, privacy and legal requests
to comply with bookkeeping, tax, payment, accounting and legal obligations
to improve matching, metadata quality, platform stability and user experience
to create anonymised or aggregated statistics that no longer identify a user

5. Legal bases where the GDPR applies

Where the EU or UK GDPR applies, we rely on the following legal bases:

Processing purpose	Legal basis
Account creation, subscriptions, trophies, connected services, artist claims and payouts	Contract performance or steps before entering a contract
Payment, accounting, tax and mandatory retention	Legal obligation
Security logs, fraud prevention, abuse reports, moderation, service improvement and platform integrity	Legitimate interests
Optional music-service connection where consent is required by the provider flow	Consent and contract performance
Optional newsletters, community emails and optional analytics / marketing cookies	Consent
Public profiles, user-submitted profile content and social links	Contract performance and, where applicable, consent or legitimate interests
Policy acceptance records and legal notices	Legal obligation and legitimate interests

You may withdraw consent at any time where processing is based on consent. This does not affect processing that took place before withdrawal and does not affect processing that is still necessary for contract, legal or legitimate-interest reasons.

Under Swiss data protection law, we process personal data in line with the principles of lawfulness, good faith, proportionality, purpose limitation, transparency and data security.

6. Automated calculations and profiling

Tipino uses automated calculations to:

match listening data to tracks, albums and artists
decide whether an artist meets eligibility thresholds for a given period
calculate distribution amounts, trophies, tips and payout ledgers
generate recommendations, rankings, top artists and top tracks
identify suspicious activity, matching problems or claim-review priorities

These calculations are part of the Tipino service. They do not involve credit scoring. If you believe a calculation is wrong or unfair, contact us and we will review the relevant data where reasonably possible.

7. Public visibility

Some Tipino features are public by design. Depending on your settings and role, the following may be visible to other users or visitors:

nickname or display name
profile picture
public profile introduction
social profile links
artist recommendation
public rankings or public top-artist / top-track summaries
public artist claim status where shown on artist pages
artist pages, artist metadata, artist images and related public music data
posts, reactions or shares where social features are enabled

Payment details, raw listening history, OAuth tokens, claim-review internals, reports, security logs and private account settings are never public.

8. Music-service connections

Connecting a music service is optional unless a specific Tipino feature requires it. You can disconnect a service from your Tipino account where a disconnect option is available, or you can revoke Tipino’s access inside the provider’s own account settings.

After disconnection:

Tipino stops fetching new data from that service
provider tokens stored for that connection are deleted or marked revoked where
technically supported
past data that has already been used for completed payment, payout,
accounting, anti-fraud or aggregate-statistics purposes may be retained where
necessary
deletion of your Tipino account triggers the account-deletion process
described below

Provider terms and privacy policies continue to apply to your account with the music provider.

9. Payments and financial records

Stripe and PayPal process payments for Tipino. When you pay through one of these providers, you also interact with that provider. Tipino receives transaction and status information needed to activate subscriptions, confirm trophy purchases, process provider switches, handle webhook events, reconcile payments and maintain accounting records.

Tipino keeps internal financial records such as subscriptions, payments, provider references, Tipino share, artist share, trophies, tips, payout ledgers and related audit records. These records may remain after account deletion where retention is required for bookkeeping, tax, legal defence, fraud prevention or payment dispute handling.

10. Sharing data with third parties

We share personal data only where necessary for the service, where required by law, or where you have authorised the connection.

Recipient / service	Purpose	Typical data
Cyon or hosting infrastructure	Hosting, database, backups, email and server operation	Stored platform data, logs
Stripe	Card payments, subscriptions, trophy purchases, provider switches, webhooks	email, customer reference, amount, currency, provider transaction IDs
PayPal	PayPal payments, subscriptions, trophy purchases, provider switches, webhooks	account / payer data handled by PayPal, amount, currency, provider transaction IDs
Connected music services	OAuth connection and authorised data access	user ID, tokens, authorised music data
Discogs	Collection connection and authorised collection sync	Discogs username, OAuth tokens, collection data
Email provider / hosting mail system	Transactional and optional marketing emails	email address, name, delivery metadata
Drip or other marketing email tool, if enabled	Optional newsletters and community emails	name, email, consent status
Google / Meta or analytics / marketing tools, if enabled	Optional analytics or marketing measurement	cookie or device identifiers, event data, aggregated usage data
Professional advisers, authorities or courts	Legal, tax, accounting, compliance or dispute handling	data necessary for the specific request

Each third-party provider may process data under its own privacy policy where it acts as an independent controller. We aim to use processors and providers that provide appropriate contractual and technical safeguards.

For convenience, privacy information for frequently used external providers is available here:

Stripe: https://stripe.com/privacy
PayPal: https://www.paypal.com/privacy
Spotify: https://www.spotify.com/legal/privacy-policy/
Apple: https://www.apple.com/legal/privacy/
TIDAL: https://tidal.com/privacy
SoundCloud: https://help.soundcloud.com/hc/en-us/articles/115003570428-Privacy-on-SoundCloud
Last.fm: https://www.last.fm/legal
Discogs: https://support.discogs.com/hc/en-us/articles/360009334513-Privacy-Policy
MusicBrainz / MetaBrainz: https://metabrainz.org/privacy
Google, if enabled: https://policies.google.com/privacy
Meta, if enabled: https://www.facebook.com/privacy/policy/

11. International transfers

Tipino is operated from Switzerland. Hosting is intended to be in Switzerland. The European Commission recognises Switzerland as providing an adequate level of data protection, so personal data may be transferred from the EU / EEA to Switzerland without additional transfer safeguards.

Some third-party services, such as payment providers, music-service providers, analytics providers or email providers, may process data in the EU, EEA, United Kingdom, United States or other countries. Where required, we rely on adequacy decisions, standard contractual clauses or other legally recognised safeguards.

12. Cookies and similar technologies

Tipino uses cookies and similar technologies for:

login and authentication
session security and CSRF protection
remembering display preferences
account and checkout flows
consent management
optional analytics and marketing measurement, if enabled

Essential cookies are required for the service. Optional cookies can be managed through the cookie banner or browser settings where available. Blocking cookies may break login, checkout or account functionality.

13. Data retention

We keep personal data only as long as necessary for the purpose for which it was collected, unless a longer retention period is required or permitted by law.

Typical retention periods are:

account and profile data: while the account exists
connected-service tokens: until disconnection, revocation or account deletion,
unless needed temporarily to complete a pending operation
raw listening and library data linked to a user: while needed for service
operation, attribution, troubleshooting, fraud prevention and user-visible
history
completed payment, subscription, tip, trophy, payout and accounting records:
generally up to 10 years as required for Swiss accounting and bookkeeping
obligations
artist claim evidence: while needed to verify and document the claim, handle
disputes, prevent fraudulent re-claims and maintain payout integrity
policy acceptance records: while the account exists and for a reasonable
period afterwards to document legal acceptance
security, login and abuse logs: for a limited period appropriate to security
monitoring, incident response and legal defence; longer where an incident,
dispute or legal duty requires it
support and privacy-request correspondence: while needed to handle the
request and document compliance
anonymised or aggregated statistics: indefinitely, because they no longer
identify a person
backups: until overwritten under the applicable backup cycle; deleted data may
remain temporarily in backups but is not used except for restore, security or
legal purposes

14. Account deletion and disconnection

You can delete your Tipino account at any time. The deletion process removes or deletes active account, profile, connection, configuration, public-profile, onboarding, login-history, policy-version, additional-artist and connected-service records where technically and legally possible as well as it terminates any active subscription by the end of the subscription period.

When a Tipino account is deleted:

active music-service connection records are deleted or revoked where supported
Spotify, Apple Music, Tidal, SoundCloud, Last.fm and similar connection rows
are deleted where present
Discogs connection and collection cache are deleted where present
user-linked track plays may be anonymised by removing the user reference
public profile and social-link rows are deleted
WordPress user account data is deleted

Some records may remain where necessary for legal, accounting, payment, chargeback, tax, payout, anti-fraud, security, moderation or dispute purposes. Where feasible, we reduce or remove direct identifiers from retained records.

Deletion does not automatically delete data held independently by a connected music service, Stripe, PayPal or another third-party provider. You must manage those accounts directly with the provider.

15. Your rights

Depending on the applicable law, you may have the right to:

request access to your personal data
request correction of inaccurate or incomplete data
request deletion of personal data
request restriction of processing
object to processing based on legitimate interests
receive certain data in a portable format
withdraw consent where processing is based on consent
lodge a complaint with the Swiss Federal Data Protection and Information
Commissioner (FDPIC) or, where applicable, your local EU / EEA supervisory
authority

To exercise your rights, contact us at getintouch@tipino.app.

We may need to verify your identity before responding. We aim to respond within 30 days, unless the request is complex or the law allows a longer response time. Some requests may be limited where we must retain data for legal, accounting, security, fraud-prevention or dispute purposes.

16. Security

We use technical and organisational measures designed to protect personal data, including:

encrypted transport where supported
access controls for administrative areas
token-based provider connections instead of storing provider passwords
security logging and moderation tools
database and hosting protections
backup and recovery procedures
limited access for people who need data to operate Tipino

No online service can guarantee absolute security. If you suspect unauthorised access to your account, contact us immediately.

17. Children and age limits

Tipino is not intended for users below the minimum age stated in the Terms and the active registration flow. We may request date-of-birth information or use an age-check flow to verify eligibility. We do not knowingly allow under-age users to maintain accounts. If you believe a child has provided personal data to Tipino, contact us so we can review and delete it where appropriate.

18. Changes to this Privacy Policy

We may update this Privacy Policy to reflect changes in Tipino, connected services, payment flows, legal requirements or operational practices.

Material changes will be communicated by email, in-app notice or a policy re-acceptance flow where appropriate. The current version is published on the Tipino website.

19. Contact

For any privacy-related concerns or data access requests:
📧 getintouch@tipino.app
📞 +41 78 208 81 01
✉️ Tipino – Association for Fair Artist Support, c/o Stephan Lipp, Hinwilerstrasse 217, 8626 Ottikon, Switzerland