Cassetto Privacy Policy

Effective: April 27, 2026 Last updated: April 27, 2026

1. Introduction

Cassetto LLC (“Cassetto,” “we,” “us,” or “our”) provides a music-sharing application and website that lets people share songs they’ve been listening to and discover new music through real-person recommendations rather than algorithms (collectively, the “Service”). This Privacy Policy explains how we collect, use, share, and protect information when you use the Service through our mobile applications or our websites at cassettosocial.com, cassetto.social, and cassetto.link.

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please do not use the Service.

2. Eligibility

The Service is intended only for individuals who are 18 years of age or older. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected information from a person under 18, we will delete that information promptly. If you believe a minor has provided us with personal information, please contact us at legal@cassettosocial.com.

3. Information We Collect

3.1 Information You Provide to Us

When you create an account or use the Service, we collect information you provide directly, which may include:

• Your phone number, which we use as your primary account identifier and to authenticate you. We do not collect or store passwords; instead, we sign you in by sending a one-time passcode (OTP) by SMS to the phone number on your account.
• Profile details you choose to add, such as a username, display name, bio, and profile picture.
• Content you post: songs you share, captions, comments, lists, follows, likes, and any other content or interactions you create on the Service.
• Communications you send us, including support requests and feedback.

3.2 Information Collected Automatically

When you access or use the Service, we automatically collect:

• Device and technical information: device type, operating system, browser type, mobile device identifiers, app version, and crash and error reports.
• Usage information: screens or pages viewed, features used, time spent, search queries within the Service, and interactions with content.
• Log data: IP address, access times, and referring URLs.
• Cookies and similar technologies: see Section 6 below.
• Time zone preference: we collect your selected or device-reported time zone to display timestamps correctly. We do not collect precise GPS or geolocation data.

3.3 Information from Third-Party Services

When you link a song from a streaming service (such as Spotify, Apple Music, or YouTube), we retrieve and cache publicly available metadata from that service’s API, such as song title, artist name, album name, album art, and a link back to the source. We do not access your private listening history, library, or account on those services unless you separately and explicitly authorize that connection through their authentication flow.

4. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the Service, including authenticating your account by SMS one-time passcode and displaying your content.
• Improve and develop new features, including recommendation systems, ranking systems, and other automated or machine learning-based features.
• Communicate with you about your account, security alerts, and important changes to the Service, primarily through SMS to your registered phone number and through in-app notifications.
• Analyze how the Service is used so we can improve performance, fix bugs, and develop new features.
• Measure how our own marketing efforts on third-party platforms (such as Instagram and Facebook) perform.
• Detect, prevent, and address fraud, abuse, security incidents, and violations of our Terms of Service.
• Comply with legal obligations and enforce our agreements.

5. How We Share Your Information

We do not sell your personal information for money. We share information only in the following circumstances:

5.1 Public Content

Content you post on Cassetto—such as songs you share, your username, your profile, your followers, and your comments—is generally visible to other users of the Service and may be visible to the public. Do not post information you do not want others to see. Your phone number is not displayed publicly.

5.2 Service Providers

We share information with vendors who help us operate the Service. They are permitted to use the information only to perform services for us and are required to protect it. The vendors we use, and what they receive, are:

• Hetzner — provides our cloud hosting infrastructure. Hetzner stores and processes Service data on servers located in the United States. Hetzner has access to data necessary to host the Service.
• Sentry — provides error monitoring and crash reporting for our mobile applications and website. Sentry receives technical information about errors, including device information, IP address, app version, and limited contextual data needed to diagnose issues.
• Telnyx — provides SMS delivery for transactional purposes, including one-time passcodes used to sign in and account-related notifications. Telnyx receives your phone number and the SMS content we send through it.
• Textla — provides SMS delivery for marketing purposes. Textla may receive your phone number and the content of messages we send through it.
• Framer — provides hosting and infrastructure for our website at cassettosocial.com. Framer receives standard web traffic information about visitors to the website.
• Meta (Meta Pixel) — we use the Meta Pixel on our website to measure how our own marketing campaigns on Instagram, Facebook, and other Meta platforms perform. The Meta Pixel collects information including your IP address, browser and device information, pages viewed on cassettosocial.com, and certain actions you take on the site, and sends that information to Meta. Meta may use this information in accordance with its own privacy policy and data use terms. See Section 6 and Section 7.3 below for opt-out options.

We may update or add service providers from time to time as our business evolves. We require all such providers to process personal information on our behalf and in accordance with applicable data protection laws.

5.3 Legal and Safety Reasons

We may disclose information if we believe in good faith that disclosure is necessary to: (a) comply with a law, regulation, subpoena, or other legal process; (b) protect the rights, property, or safety of Cassetto, our users, or the public; (c) detect, prevent, or address fraud, security, or technical issues; or (d) enforce our Terms of Service.

5.4 Business Transfers

If Cassetto is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify users of any change in ownership or use of personal information by sending an in-app notice or SMS.

5.5 With Your Consent

We may share information for any other purpose with your consent.

6. Cookies, Analytics, and Tracking Technologies

We use cookies, web beacons, software development kits (SDKs), local storage, and similar technologies to operate the Service, remember your preferences, keep you signed in, and understand how the Service is used.

On our website, the Meta Pixel sets cookies and collects browser and device information so we can measure how visitors arrive at and interact with the site. The Pixel’s data is sent to Meta. You can opt out of Meta’s use of this information for advertising purposes through your account settings on Meta platforms (facebook.com/adpreferences) and through industry opt-out tools at optout.aboutads.info and optout.networkadvertising.org. You may also block third-party cookies in your browser settings.

In our mobile applications, our Sentry SDK collects technical information about errors and crashes. This data is used to diagnose and fix problems with the Service.

Most browsers and mobile devices let you control cookies and similar technologies through settings. Disabling them may affect functionality. We honor Global Privacy Control (GPC) signals from browsers as a valid opt-out of sharing where applicable. We do not currently respond to other “Do Not Track” signals because no common industry standard exists.

7. Your Rights and Choices

7.1 Access, Update, and Deletion

You can access and update most of your account information directly within the Service. You may delete your account at any time by contacting us at legal@cassettosocial.com. Because your phone number is your account identifier, we may verify a deletion or rights request by sending a one-time passcode to that number. After deletion, we will delete or de-identify your personal information within a reasonable period, except where we are required or permitted to retain it (for example, for legal compliance, fraud prevention, dispute resolution, or enforcing our agreements). Residual copies may remain in backup systems for a limited time.

7.2 Communications

We send service-related SMS messages, including one-time passcodes for sign-in and important account or security notices. These messages are necessary to operate the Service and you cannot opt out of them while you have an account. If we ever send marketing SMS, we will obtain any required consent and you will be able to opt out at any time by replying STOP to the message or by adjusting your in-app settings. Where required by law, we will obtain your consent before sending marketing messages, and we will maintain records of such consent.

7.3 California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights regarding your personal information, subject to certain exceptions:

• The right to know what personal information we collect, use, disclose, and (where applicable) share.
• The right to request a copy of the personal information we have collected about you.
• The right to request deletion of personal information we have collected from you.
• The right to request correction of inaccurate personal information.
• The right to opt out of the “sharing” of personal information for cross-context behavioral advertising. We do not sell personal information for money. Our use of the Meta Pixel on our website may be considered “sharing” under California law. You may opt out of this sharing by enabling Global Privacy Control in your browser, by adjusting your Meta ad settings at facebook.com/adpreferences, or by contacting us at legal@cassettosocial.com.
• The right to limit use of sensitive personal information. We do not use sensitive personal information for purposes that would trigger this right.
• The right to non-discrimination for exercising your privacy rights.

To exercise these rights, contact us at legal@cassettosocial.com. We will verify your identity before responding, generally by sending a one-time passcode to the phone number on your account. You may also designate an authorized agent to make a request on your behalf, in which case we will require proof of authorization.

7.4 Other U.S. State Privacy Rights

Residents of certain other U.S. states (including Colorado, Connecticut, Virginia, Utah, and others) may have similar rights to access, correct, delete, or obtain a copy of their personal information, and to opt out of targeted advertising or profiling. To exercise these rights, contact us at legal@cassettosocial.com.

8. Data Retention

We retain personal information for as long as your account is active and as needed to provide the Service. Retention periods may vary depending on the type of data, the purpose for which it was collected, and applicable legal or operational requirements. After you delete your account, we will delete or de-identify your personal information within a reasonable period, except where we are required or permitted to retain it longer—for example, to comply with legal obligations, resolve disputes, prevent fraud, or enforce our agreements.

8.1 Use of De-Identified and Aggregated Data

We may use information that has been de-identified or aggregated so that it can no longer reasonably be used to identify you for purposes such as analyzing usage trends, improving the Service, and developing new features. Such information is not considered personal information.

9. Data Security

We use reasonable administrative, technical, and physical safeguards designed to protect your information, including encryption in transit. Because we authenticate users by SMS one-time passcode rather than passwords, we do not store user passwords. However, no security measure is perfect, and we cannot guarantee the absolute security of your information. Keep your phone secure, do not share one-time passcodes with anyone, and notify us at legal@cassettosocial.com if you suspect unauthorized access to your account or if you lose access to your phone number. You are responsible for maintaining the security of your device and phone number. Cassetto is not responsible for unauthorized access resulting from compromise of your device, SIM, or mobile carrier account.

10. Third-Party Services and Links

The Service includes links to and integrations with third-party services such as Spotify, Apple Music, and YouTube. When you follow a link to a third-party service or play content hosted on a third-party service, that service’s own privacy policy and terms apply. We are not responsible for the privacy practices of third parties.

11. International Users

Cassetto is operated from the United States, and our servers are located in the United States. If you access the Service from outside the United States, you understand that your information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by posting the updated policy on the Service and updating the “Last Updated” date above, and where appropriate, by sending you an in-app notice or SMS. Your continued use of the Service after the updated policy takes effect constitutes acceptance of the changes.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Cassetto LLC
321 19th Ave S, Ste 2-212
Minneapolis, MN 55455-0438
United States

Email: legal@cassettosocial.com