Privacy Statement
This Statement explains what information BandInPlay collects, how we use it, and the choices you have. It applies to the BandInPlay website and application (the “Service”).
Information you provide
- Account information: your name, email address, and a password (stored only as a secure hash). If you sign in with Google, we receive your basic Google profile and verified email to identify your account; we do not receive your Google password.
- Band and workspace content: information you add to run your band — shows, venues, contacts, electronic press kits, performance-agreement terms, rehearsal files, messages, and similar data. This may include personal information about third parties you choose to add, such as a venue or purchaser contact.
- Communications content: the recipients, subjects, and content of messages you send through the Service (for example, a signing link sent to a purchaser).
- Billing details: if you subscribe to a paid plan, payment is handled by our payment processor. We receive subscription status and limited billing metadata; we do not store full card numbers.
Information collected automatically
- Authentication: we use a secure session token (a cookie) to keep you signed in.
- Usage and logs: standard server logs such as IP address, request times, and basic device/browser information, used to operate, secure, and troubleshoot the Service.
- Communications metering: we record per-band counts and metadata of messages sent (channel, recipient, subject, status, and cost) to measure usage and bill accurately.
How we use information
- To provide, maintain, and improve the Service;
- To authenticate you and keep accounts and bands secure and separated;
- To send messages you initiate, and transactional emails such as verification, password reset, and agreement links;
- To process subscriptions and prevent abuse;
- To meet legal obligations and enforce our Terms.
We do not sell your personal information, and we do not show third-party advertising in the Service.
Service providers we share with
We share information with vendors only as needed to run the Service:
- Email delivery — to send the emails you and the Service generate;
- Payment processing — to handle subscriptions and billing;
- Optional calendar integration — if you connect Google Calendar, to sync your shows;
- Hosting and infrastructure — to operate the application and store data.
These providers are permitted to use the information only to perform services for us. We may also disclose information if required by law or to protect rights, safety, and the integrity of the Service.
Data separation between bands
The Service is multi-tenant: each band’s data is scoped to that band, and access is limited to that band’s authorized members. The demo band is for evaluation; messages from a demo context are not delivered to outside recipients.
Retention
We keep your information for as long as your account is active or as needed to provide the Service. You can delete your band’s data from within the Service, which removes associated records. Some information may be retained as required for legal, accounting, or security reasons, and backups may persist for a limited period before being overwritten.
Your choices
- You can view and update your account and band information in the Service;
- You can delete band data you control;
- You can disconnect optional integrations such as Google Calendar;
- You can contact us to request access to or deletion of your personal information, subject to legal limits.
Security
We use reasonable technical and organizational measures to protect information, including hashed passwords, scoped access between bands, and encrypted transport. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
Children
The Service is intended for adults running bands and is not directed to children under 13. We do not knowingly collect personal information from children under 13.
International users
The Service is operated from the United States. If you use it from outside the U.S., you understand your information may be processed in the U.S.
Changes
We may update this Statement from time to time. If we make material changes, we will take reasonable steps to notify you. The “last updated” date above reflects the current version.
Contact
Questions about privacy? Contact us at [email protected].