This Privacy Policy explains how Dynamoi collects, uses, discloses, and protects information when you use our SaaS platform ('Platform') and our smart link landing service ('Play'). By using our services, you agree to the practices described here.
We use information for the following purposes:
We do not sell personal data. We share information with trusted service providers that help us deliver services, such as hosting, authentication, analytics, error monitoring, communications, support, affiliates, and payments (e.g., Vercel, Supabase, PostHog, Sentry, Resend, Intercom, Rewardful, Stripe). In the event of non-payment, we may share necessary billing information with debt collection agencies. Where you connect third-party platforms (e.g., Spotify, Meta, Google/YouTube, TikTok, Snapchat), we exchange data with those platforms as necessary to provide features. We may disclose data to comply with law, respond to lawful requests, protect our rights or users, or in connection with a business transaction. We may provide aggregated or anonymized insights to clients (e.g., campaign performance) without identifying end users.
We employ administrative, technical, and organizational measures to protect information, including encryption at rest and in transit, role‑based access controls, and auditing. No system can be 100% secure; we cannot guarantee absolute security.
OAuth tokens (including Spotify tokens for Play) are stored server‑side only and encrypted using industry‑standard AES‑256‑GCM. OAuth state parameters are HMAC‑signed and time‑limited to mitigate tampering. Background sync endpoints require authenticated secrets. Access to production data is restricted to authorized personnel with least‑privilege.
We use first‑party cookies necessary for core functionality and to improve user experience. On Play, the 'play_spotify_uid' HTTP‑only cookie stores only your Spotify user ID to streamline authorized flows; it is not used for third‑party advertising. We also use analytics cookies and similar technologies (e.g., Google Analytics, PostHog) to understand usage and improve our services. You may control cookies via your browser; disabling some cookies may affect functionality.
Your information may be processed in the United States and other countries with different data protection laws. Where required, we implement appropriate safeguards for cross‑border transfers.
Depending on your location, you may have rights to access, correct, delete, or restrict processing of personal data, to object to processing, or to portability. You may withdraw consent at any time (e.g., revoke Spotify access via your Spotify account). To exercise rights related to Platform or Play data, contact support@dynamoi.com. We will verify requests and respond as required by law.
We retain personal data as long as necessary to provide services, comply with legal obligations, resolve disputes, and enforce agreements. Spotify tokens and Play user records are removed when you revoke access in Spotify or request deletion; associated Play engagement data is minimized or deleted within a reasonable period (typically within 14 days), and aggregated or anonymized analytics may be retained longer for reporting and security.
For instructions on revoking Spotify access and requesting deletion of your Play data, visit dynamoi.com/data-deletion or navigate to the Data Deletion page from our site footer or legal pages.
Our services are not directed to children under the age required by applicable law. End users of Play must also meet Spotify’s age and eligibility requirements. If you believe a child has provided us personal data, contact support@dynamoi.com and we will take appropriate steps.
We may update this Privacy Policy to reflect changes to our practices or legal requirements. We will notify you of material changes (e.g., by posting to our site or via in‑product notices). Continued use after changes take effect indicates acceptance.
For questions about this Policy or to submit a data request (including deletion of Play data), contact support@dynamoi.com.
This Privacy Policy explains how Dynamoi collects, uses, discloses, and protects information when you use our SaaS platform ('Platform') and our smart link landing service ('Play'). By using our services, you agree to the practices described here.
We use information for the following purposes:
We do not sell personal data. We share information with trusted service providers that help us deliver services, such as hosting, authentication, analytics, error monitoring, communications, support, affiliates, and payments (e.g., Vercel, Supabase, PostHog, Sentry, Resend, Intercom, Rewardful, Stripe). In the event of non-payment, we may share necessary billing information with debt collection agencies. Where you connect third-party platforms (e.g., Spotify, Meta, Google/YouTube, TikTok, Snapchat), we exchange data with those platforms as necessary to provide features. We may disclose data to comply with law, respond to lawful requests, protect our rights or users, or in connection with a business transaction. We may provide aggregated or anonymized insights to clients (e.g., campaign performance) without identifying end users.
We employ administrative, technical, and organizational measures to protect information, including encryption at rest and in transit, role‑based access controls, and auditing. No system can be 100% secure; we cannot guarantee absolute security.
OAuth tokens (including Spotify tokens for Play) are stored server‑side only and encrypted using industry‑standard AES‑256‑GCM. OAuth state parameters are HMAC‑signed and time‑limited to mitigate tampering. Background sync endpoints require authenticated secrets. Access to production data is restricted to authorized personnel with least‑privilege.
We use first‑party cookies necessary for core functionality and to improve user experience. On Play, the 'play_spotify_uid' HTTP‑only cookie stores only your Spotify user ID to streamline authorized flows; it is not used for third‑party advertising. We also use analytics cookies and similar technologies (e.g., Google Analytics, PostHog) to understand usage and improve our services. You may control cookies via your browser; disabling some cookies may affect functionality.
Your information may be processed in the United States and other countries with different data protection laws. Where required, we implement appropriate safeguards for cross‑border transfers.
Depending on your location, you may have rights to access, correct, delete, or restrict processing of personal data, to object to processing, or to portability. You may withdraw consent at any time (e.g., revoke Spotify access via your Spotify account). To exercise rights related to Platform or Play data, contact support@dynamoi.com. We will verify requests and respond as required by law.
We retain personal data as long as necessary to provide services, comply with legal obligations, resolve disputes, and enforce agreements. Spotify tokens and Play user records are removed when you revoke access in Spotify or request deletion; associated Play engagement data is minimized or deleted within a reasonable period (typically within 14 days), and aggregated or anonymized analytics may be retained longer for reporting and security.
For instructions on revoking Spotify access and requesting deletion of your Play data, visit dynamoi.com/data-deletion or navigate to the Data Deletion page from our site footer or legal pages.
Our services are not directed to children under the age required by applicable law. End users of Play must also meet Spotify’s age and eligibility requirements. If you believe a child has provided us personal data, contact support@dynamoi.com and we will take appropriate steps.
We may update this Privacy Policy to reflect changes to our practices or legal requirements. We will notify you of material changes (e.g., by posting to our site or via in‑product notices). Continued use after changes take effect indicates acceptance.
For questions about this Policy or to submit a data request (including deletion of Play data), contact support@dynamoi.com.
