Segno Privacy Policy
Last updated: February 25, 2026
Summary: Segno is a music app that plays audio files stored on your device. Your music library stays on your phone. We collect only the minimum data needed for accounts, friends, and collaborative listening sessions. We do not track you, sell your data, or run analytics.
1. Who We Are
Segno is developed and operated by haey ("we", "us", "our"). This policy explains how we collect, use, and protect your information when you use the Segno mobile application ("the App").
For questions about this policy, contact us at master@haey.org.
2. Information We Collect
2.1 Account Information
When you create a Segno account, we collect:
- Email address – for authentication and account recovery
- Username – your chosen display name, visible to friends
- Profile picture URL – if you choose to set one
2.2 Social & Activity Data
When you use social features, we store:
- Friend relationships – who you are friends with and pending requests
- Presence status – online/offline status and last-seen timestamp
- Listening activity – currently playing track name and artist (shared only with friends, subject to your privacy settings)
- Listening history – your recent play history (visibility controlled by you)
- Collections – playlists you create, including track references and metadata (title, artist, duration)
2.3 Session Data
When you participate in collaborative listening sessions:
- Session membership and participation status
- Queue contents and playback synchronization data
- Clock synchronization samples (used solely for playback alignment between devices)
2.4 Data Stored Only on Your Device
The following data never leaves your device unless you explicitly share it in a listening session:
- Audio file metadata (title, artist, album, genre, year, duration)
- Album artwork extracted from your audio files
- Lyrics extracted from your audio files
- Local file paths and directory preferences
- Playback queue state and position
2.5 Information We Do Not Collect
- Location or GPS data
- Contacts, call logs, or SMS
- Photos, camera, or microphone recordings
- Device identifiers (IMEI, advertising ID)
- Browsing history
- Analytics, behavioral tracking, or telemetry
- Crash reports
3. How We Use Your Information
| Purpose | Data Used |
|---|
| Account creation and authentication | Email, username |
| Friend discovery (if you opt in) | Username, searchability preference |
| Showing presence to friends | Online status, current track |
| Collaborative listening sessions | Session membership, queue, sync data |
| Push notifications | User ID, notification preferences |
| Sharing collections with friends | Collection metadata, track references |
4. Peer-to-Peer Data Transfer
Segno uses WebRTC for real-time audio streaming and file transfer during collaborative listening sessions. When you join or host a session:
- Audio data, track metadata, album art, and lyrics are transferred directly between devices (peer-to-peer). This data does not pass through our servers.
- A signaling server (
sign.haey.eu) coordinates the initial peer connection only. It does not relay or store audio content.
- All WebRTC connections are encrypted with DTLS-SRTP by default.
5. Third-Party Services
| Service | Purpose | Data Shared |
|---|
| Appwrite |
Authentication, database, real-time sync |
Account data, social data, session data |
| OneSignal |
Push notifications |
User ID, device token, notification preferences |
| Firebase |
Notification delivery infrastructure |
Push tokens (no analytics or crash data is collected) |
We do not use any analytics, advertising, or behavioral tracking services.
6. Device Permissions
Segno requests the following permissions. Each is used solely for the purpose described:
Android
| Permission | Purpose |
|---|
| Internet / Network State | Connecting to backend services and peer-to-peer sessions |
| Read Media Audio / Storage | Accessing your music files for playback |
| Foreground Service (Media Playback) | Continuing audio playback when the app is in the background |
| Foreground Service (Data Sync) | Maintaining session connectivity in the background |
| Wake Lock | Preventing the device from sleeping during playback |
| Post Notifications | Delivering friend requests, session invitations, and activity alerts |
iOS
| Permission | Purpose |
|---|
| Background Audio | Continuing playback when the app is in the background |
| Background Fetch / Processing | Maintaining session state and sync |
| Remote Notifications | Receiving push notifications |
Note on declared but unused permissions: Certain third-party libraries (used for WebRTC and push notifications) may declare permissions for location, camera, and photo library access in their manifests. Segno does not use or access any of these capabilities. These declarations exist solely because of library requirements and are never invoked by the App.
7. Your Privacy Controls
Segno gives you granular control over what you share:
- Profile discoverability – choose whether other users can find you by name search
- Status visibility – show or hide your online status from everyone
- Listening activity – toggle whether friends can see what you are currently listening to
- Session activity – toggle whether friends can see your session participation
- Collection visibility – set each playlist to private, friends-only, or public
- Per-friend notifications – enable or disable listening, session, and online status notifications for each friend individually
- Blocking – block specific users to prevent all interaction
8. Data Sharing & Disclosure
We do not sell, rent, or trade your personal information. Your data may be shared only in these circumstances:
- With your friends – presence, listening activity, and collections are shared with friends according to your privacy settings
- Session participants – track metadata and audio are shared peer-to-peer with other participants in sessions you join
- Service providers – Appwrite (backend), OneSignal (notifications), and Firebase (notification delivery) process data on our behalf to operate the App
- Legal requirements – if required by law, regulation, or valid legal process
9. Data Retention
- Account data – retained until you delete your account
- Presence data – automatically expires based on last-seen timestamp
- Listening history – retained until you delete your account (you control who can see it)
- Session data – deleted when the session ends
- Friend requests – retained until accepted, dismissed, or account deletion
- Local device data – persists until you clear app data or uninstall the App
10. Data Security
- All communication with our backend is encrypted via HTTPS/TLS
- Peer-to-peer connections use DTLS-SRTP encryption (WebRTC standard)
- Access to social data is controlled through role-based permissions tied to friend relationships
- Authentication is managed by Appwrite with industry-standard security practices
11. Children's Privacy
Segno is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at master@haey.org and we will promptly delete it.
12. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access – request a copy of your personal data
- Correction – request correction of inaccurate data
- Deletion – request deletion of your account and associated data
- Portability – receive your data in a portable format
- Restriction – request restriction of processing
- Objection – object to processing based on legitimate interests
- Withdraw consent – where processing is based on consent, withdraw it at any time
To exercise any of these rights, contact us at master@haey.org.
For EU/EEA/UK Residents
We process your data on the following legal bases under the GDPR:
- Contract performance – to provide the App and its features as described
- Legitimate interests – to maintain security and prevent fraud
- Consent – for optional features such as push notifications and profile discoverability
For California Residents
Under the CCPA, you have the right to know what personal information we collect, request its deletion, and opt out of its sale. We do not sell personal information.
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you through the App or by updating the "Last updated" date above. Your continued use of the App after changes constitutes acceptance of the updated policy.
14. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:
Email: master@haey.org