Privacy Policy

Privacy Policy for Ubetoo

Last updated: June 1, 2025

Ubetoo, a brand operated by Yours Truly, Denmark (“we,” “us,” or “our”), is committed to protecting the privacy and security of your personal information.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit https://www.ubetoo.com (the “Site”) or use any related services (collectively, the “Services”).

By accessing or using the Services, you consent to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not access the Site or use our Services.

1. Definitions

  • “Personal Data”
    Any information relating to an identified or identifiable natural person (the “Data Subject”). Examples include name, email address, IP address, and usage data.

  • “Processing”
    Any operation or set of operations performed on Personal Data, whether or not by automated means (e.g., collection, recording, storage, adaptation, alteration, retrieval, consultation, use, disclosure, erasure, or destruction).

  • “Controller”
    The natural or legal person who determines the purposes and means of the Processing of Personal Data. For European users, Yours Truly (Frederiksberg, Denmark) serves as the Data Controller.

  • “Processor”
    A natural or legal person who Processes Personal Data on behalf of the Controller (e.g., third-party service providers).

2. Information We Collect

2.1 Information You Provide Voluntarily

  • Account Registration and Profile

    • Full name

    • Email address

    • Password (securely hashed and stored)

    • Username or display name

    • Profile picture (optional)

    • Date of birth (optional; used to verify age when necessary)

  • User-Generated Content

    • Playlists you create

    • Track favorites or “likes”

    • Comments, feedback, and messages on the Site or via support channels

  • Artist Submission Information

    • Biographical information and biography text

    • Sample audio files (in WAV or MP3 format)

    • Press kit or promotional materials (links to social media, website)

    • Payment or banking details (for payout when applicable)

  • Contact and Support Communications

    • Emails, chat transcripts, support tickets, or other correspondence you send to us

2.2 Automatically Collected Information

  • Usage Data

    • IP address (anonymized or pseudonymized for EU users when feasible)

    • Device type, operating system, and browser information

    • Browser language and time zone (e.g., Europe/Copenhagen)

    • Pages and features you access (e.g., “Download” button usage, streaming history)

    • Date and time stamps for each interaction

    • Referral and exit pages, clickstream data

  • Cookies and Tracking Technologies

    • Session cookies (temporary cookies that expire when you close your browser)

    • Persistent cookies (stored on your device until you delete them or they expire)

    • Local storage (HTML5) and similar technologies

    We use cookies and similar tracking technologies (e.g., web beacons, pixel tags) to collect information about how you use the Site—including pages visited, features used, and interactions with content—and to remember your preferences and settings.

2.3 Third-Party Sources

  • Social Login Providers
    If you choose to register or log in through a third-party service (e.g., Google, Facebook), we may collect certain information from that service, such as your name, email address, and profile picture, subject to that provider’s privacy policy.

  • Analytics and Advertising Partners
    We work with third-party analytics and advertising providers (e.g., Google Analytics) that may collect information about your interactions with the Site (e.g., pages viewed, time spent) to help us understand usage patterns and improve our Services. These providers may use cookies, device identifiers, or other technologies to collect information.

  • Payment Processors
    When you purchase a premium feature or make any transaction (if and when such features become available), we may collect transaction-related information (e.g., purchase amount, payment method). All payment processing is handled by third-party payment processors, and we do not store your full payment card details on our servers.

3. How We Use Your Information

We use the information we collect for the following purposes:

  1. To Provide and Maintain the Services

    • Create and maintain your Ubetoo account.

    • Enable you to stream, download, and save music, create playlists, and access personalized features.

    • Verify your identity and age (if you provide date of birth).

    • Process artist submissions, review content, and payout royalties where applicable.

  2. To Improve and Personalize Your Experience

    • Analyze usage patterns to tailor music recommendations, playlists, and curated content.

    • Remember your preferences (e.g., preferred genre, audio quality settings) across sessions.

    • Test new features, perform quality assurance, and conduct internal research and analysis.

  3. Communication and Notifications

    • Send you transactional communications regarding your account (e.g., welcome emails, password reset instructions, account changes).

    • Provide optional email newsletters, artist spotlights, or promotional offers (only if you opt in).

    • Alert you to Service updates, scheduled maintenance, policy changes, or security advisories.

  4. Analytics and Monitoring

    • Use aggregated, anonymized data to monitor Site performance, usage trends, and user behavior.

    • Detect, prevent, and respond to security incidents, fraudulent activities, and other potentially prohibited or illegal activities.

  5. Legal and Compliance Obligations

    • Comply with applicable laws, regulations, court orders, and government requests.

    • Investigate and defend against any third-party claims or allegations.

    • Exercise, establish, or defend our legal rights in court or other forums.

4. Legal Basis for Processing (Applicable to EU/EEA Users)

For users in the European Economic Area (“EEA”) and the United Kingdom (“UK”), the legal bases on which we rely to collect and use your Personal Data include:

  • Consent (Art. 6(1)(a) GDPR):
    When you provide explicit consent to receive marketing communications (e.g., newsletters), or when you grant permission for cookies that are not strictly necessary for the operation of the Site.

  • Performance of a Contract (Art. 6(1)(b) GDPR):
    When we process your information to perform our contract with you—e.g., creating and maintaining your Ubetoo account, providing streaming and download services, processing artist payments.

  • Legal Obligation (Art. 6(1)(c) GDPR):
    When we need to process your data to comply with applicable laws or regulations—e.g., tax reporting, recordkeeping requirements, responding to legal requests.

  • Legitimate Interests (Art. 6(1)(f) GDPR):
    When we process your information to further our legitimate interests—e.g., improving our Services, preventing fraud, ensuring network and information security, or promoting new features—provided that such interests are not overridden by your rights and fundamental freedoms.

5. Cookies and Tracking Technologies

5.1 Types of Cookies We Use

  • Strictly Necessary Cookies
    Essential for the operation of the Site (e.g., session management, user authentication). Without these cookies, parts of the Site would not function properly.

  • Performance and Analytics Cookies
    Collect information about how visitors use the Site (e.g., pages visited, time spent). We use this data to improve our Services. Example: Google Analytics.

  • Functionality Cookies
    Remember your preferences (e.g., language, font size) and customize the Site accordingly.

  • Advertising and Targeting Cookies
    Used to deliver relevant advertisements and measure the effectiveness of ad campaigns. We do not allow any third-party ad networks to deliver targeted ads on Ubetoo without explicit user consent.

5.2 Your Cookie Choices

  • You may accept or decline cookies by modifying your browser settings.

    • Most browsers provide instructions on how to disable cookies (e.g., Google Chrome, Mozilla Firefox, Safari).

    • If you disable cookies, some parts of the Site may no longer be fully functional.

  • During your first visit, you may be presented with a cookie banner asking for consent to use non-essential cookies. You can withdraw consent at any time by following the instructions in the banner or adjusting your cookie preferences in your browser.

6. Third-Party Services and Disclosures

6.1 Service Providers

We may share your Personal Data with trusted third-party service providers that perform services on our behalf, including but not limited to:

  • Hosting and Infrastructure Providers (e.g., AWS, Google Cloud)

  • Payment Processors (e.g., Stripe, PayPal)

  • Analytics and Marketing Tools (e.g., Google Analytics, Mixpanel)

  • Email Delivery Services (e.g., SendGrid, Mailchimp)

  • Customer Support Platforms (e.g., Zendesk)

These service providers are contractually obligated to maintain the confidentiality, security, and appropriate use of your Personal Data in accordance with our instructions and applicable laws.

6.2 Legal Obligations and Law Enforcement

We may disclose your Personal Data if required to do so by law or in response to a valid subpoena, court order, or other governmental request. We may also disclose your information when we believe in good faith that such disclosure is necessary to:

  • Enforce or apply our Terms of Service and other agreements.

  • Protect the rights, property, or safety of Ubetoo, our users, or others.

  • Investigate fraud, security breaches, or other prohibited activities.

6.3 Corporate Transactions

In the event that Ubetoo is involved in a merger, acquisition, reorganization, sale of assets, or bankruptcy, Personal Data may be transferred as part of that transaction. We will notify you via prominent notice on our Site and/or by email if your Personal Data is transferred and becomes subject to a different privacy policy.

7. Data Retention

We retain your Personal Data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

  • Account Information: Retained for the duration of your account’s existence and for a reasonable period thereafter to comply with legal obligations (e.g., financial, tax, or audit requirements).

  • Usage Data and Analytics: Aggregated anonymized data may be retained indefinitely for internal analysis. Personal Data tied to usage may be retained for up to 3 years after the last account activity, unless otherwise required by law.

  • Artist Submission Data: Retained for as long as the artist’s content remains available on Ubetoo, plus a reasonable period thereafter for accounting, tax, and legal compliance.

  • Support Communications: Retained for up to 1 year after resolution of the support ticket, unless needed longer for legal purposes.

After the applicable retention period, we will securely delete or anonymize your Personal Data. If you request deletion of your account (see Section 9, “Your Rights”), we will delete or anonymize your data within 30 days, unless retaining it is required to comply with legal obligations, resolve disputes, or enforce agreements.

8. Data Security

We implement and maintain reasonable technical and organizational measures to protect your Personal Data against unauthorized access, disclosure, alteration, or destruction. These measures include, but are not limited to:

  • Encryption

    • TLS (Transport Layer Security) for data in transit between your device and our servers.

    • AES-256 or equivalent encryption for data at rest, where applicable.

  • Access Controls

    • Role-based access controls (RBAC) to limit employee and contractor access to Personal Data on a need-to-know basis.

    • Multi-factor authentication (MFA) for privileged accounts.

  • Network Security

    • Firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS) to monitor and protect our networks.

    • Regular vulnerability assessments and penetration testing.

  • Operational Security

    • Security awareness training for employees and contractors.

    • Written policies and procedures for incident response, data classification, and secure handling of Personal Data.

  • Physical Security

    • Secure data centers with 24/7 monitoring, controlled access, and environmental controls.

While we strive to use commercially acceptable means to protect your Personal Data, no method of transmission over the Internet or method of electronic storage is 100% secure. Consequently, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your login credentials and notifying us promptly if you suspect unauthorized access to your account.

9. Your Rights and Choices

If you are a resident of the European Economic Area (EEA) or the United Kingdom (UK), you have certain data protection rights under the General Data Protection Regulation (GDPR) and/or the UK Data Protection Act 2018. These include:

  1. Right to Access
    You have the right to request a copy of the Personal Data we hold about you and information about how it is being processed.

  2. Right to Rectification
    You may request correction of inaccurate or incomplete Personal Data.

  3. Right to Erasure (“Right to Be Forgotten”)
    You can request deletion of your Personal Data when it is no longer necessary for the purposes for which it was collected, when you withdraw consent, or when the processing is unlawful, subject to certain exceptions (e.g., for compliance with legal obligations).

  4. Right to Restrict Processing
    You have the right to request that we limit the processing of your Personal Data when the accuracy of the data is contested, the processing is unlawful, or we no longer need the data but you require it to establish, exercise, or defend a legal claim.

  5. Right to Data Portability
    You may request to receive your Personal Data in a structured, commonly used, and machine-readable format, and you may request transmission of that data to another Controller.

  6. Right to Object
    You can object to the processing of your Personal Data when processing is based on legitimate interests or necessary for the performance of a task in the public interest. If you object, we will no longer process your Personal Data unless we can demonstrate compelling legitimate grounds.

  7. Right to Withdraw Consent
    When processing is based on consent, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

  8. Right to Lodge a Complaint
    If you believe our processing of your Personal Data violates applicable law, you have the right to lodge a complaint with a supervisory authority in your country (e.g., the Danish Data Protection Agency for users in Denmark).

9.1 Exercising Your Rights

To exercise any of the rights listed above, please contact us as follows:

In your request, please provide sufficient information to identify your account (e.g., email address, username) and the nature of your request. We may require additional verification to ensure that you are the Data Subject. We will respond to your request within 30 days, unless a longer period is required (in which case we will notify you).

If you reside outside the EEA/UK, you may still have certain rights under local laws. We will respect and honor those rights to the extent required by applicable law.

10. Children’s Privacy

Ubetoo does not knowingly collect Personal Data from children under the age of 13 (or under the age of digital consent in your country, if older than 13). If you are under the required age in your jurisdiction, please do not create an account or provide any Personal Data on the Site. If we learn that we have collected Personal Data from a child under the required age, we will take steps to delete such data as soon as possible. If you suspect that a child has provided us with Personal Data, please contact us at [email protected].

11. International Data Transfers

Ubetoo is a subsidiary of Yours Truly is headquartered in Denmark, and our servers may be located in the European Union or other jurisdictions. By using the Services, you acknowledge and agree that your Personal Data may be transferred to, stored, and processed in a country that may have different data protection laws than your country of residence. Whenever we transfer Personal Data outside the EEA/UK, we rely on one of the following safeguards:

  • Adequacy Decision: The European Commission or the UK has determined that the third country ensures an adequate level of protection for Personal Data.

  • Standard Contractual Clauses (SCC): We have implemented SCCs approved by the European Commission for transfers of Personal Data.

  • Binding Corporate Rules (BCRs): Applicable within our corporate group for intra-group transfers, where required.

To request additional information about the safeguards we use for international transfers, please contact us at [email protected].

12. Third-Party Links and Widgets

The Site may contain links to third-party websites, applications, and services that are not operated or controlled by Ubetoo (e.g., social media plugins, embedded YouTube players). This Privacy Policy does not apply to those third-party websites. We encourage you to review the privacy policies of any third-party website you visit. We are not responsible for the privacy practices or content of other websites, even if you access them through the Site.

13. Marketing Communications

If you have opted in to receive promotional emails or newsletters from Ubetoo, you may receive marketing communications about new features, music releases, or special promotions. You can opt out of such communications at any time by:

  1. Clicking the “unsubscribe” link at the bottom of any marketing email, OR

  2. Updating your notification preferences in your account settings, OR

  3. Contacting us at [email protected] with a clear request to unsubscribe.

Even after unsubscribing from marketing communications, we may still send you non-marketing emails (e.g., transactional messages, security alerts, legal notices).

14. How We Protect Your Password and Account

When you create an account, you choose a password. It is your responsibility to keep your password and account credentials confidential. You should not share your password with anyone. If you suspect unauthorized access to your account, please immediately change your password and notify us at [email protected]. We will not ask for your password in any official communication.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we update this Privacy Policy, we will:

  1. Revise the “Last updated” date at the top.

  2. Post the updated Privacy Policy on the Site.

  3. Provide a notice (e.g., banner or email) if the changes are material and may significantly impact how we use your Personal Data.

We encourage you to review this Privacy Policy periodically. Your continued use of the Services after any changes to this Privacy Policy constitutes your acceptance of the updated terms.

16. Contact Us

If you have questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us:

If you are located in the EEA or UK and believe we have infringed your privacy rights, you also have the right to lodge a complaint with your local data protection authority—for example, the Danish Data Protection Agency (Datatilsynet).

Thank you for choosing Ubetoo. We value your trust and are dedicated to safeguarding your privacy and providing a secure, transparent, and enjoyable music streaming and download experience.

Back to top button