Skip to content
plyr.fm docs

privacy policy

note: the source of truth is frontend/src/routes/privacy/+page.svelte. this markdown is a plain-text mirror for reference.

last updated: february 6, 2026

plyr.fm (“we”, “us”, or “our”) is an audio streaming application built on the AT Protocol. this privacy policy applies to the instance at https://plyr.fm (the “site”).

plyr.fm is open source under the MIT license. other instances or derivatives hosted elsewhere are not covered by this policy.

this policy explains what data we collect, what’s public by design on the AT Protocol, and your rights.

1. the AT Protocol

Section titled “1. the AT Protocol”

plyr.fm uses the AT Protocol for identity and social features. this has important implications:

public by design: your DID, handle, profile, tracks, likes, comments, and playlists are stored on your PDS (Personal Data Server) and remain under your control. the AT Protocol is a public data protocol—this data is accessible to any AT Protocol application, not just plyr.fm.

your PDS: plyr.fm does not operate a PDS—we write records to wherever your account is hosted (e.g., bsky.social or a self-hosted PDS). we do not control that data; their privacy policies govern it.

private data: session tokens, preferences, and server logs are stored only on our servers.

2. data we collect

Section titled “2. data we collect”

you provide: your AT Protocol identity when you log in, audio files and metadata you upload, and preferences like accent color.

automatically: play counts, IP addresses, browser info, and session cookies for authentication.

3. how we use it

Section titled “3. how we use it”

we use your data to provide the service, maintain your session, and improve the platform. we do not sell your data or use it for advertising.

4. third parties

Section titled “4. third parties”

we use:

  • Cloudflare - CDN, storage (R2)
  • Fly.io - backend hosting
  • Neon - database
  • Logfire - error monitoring
  • AudD - audio fingerprinting for copyright detection
  • Anthropic - image analysis for content moderation
  • ATProtoFans - supporter validation for gated content
  • Modal - audio processing for search embeddings
  • turbopuffer - vector storage for semantic search
  • Replicate - ML inference for genre classification

we may also write records to your PDS using third-party lexicon namespaces (e.g., teal.fm for scrobbling) when you enable those features.

5. your rights

Section titled “5. your rights”

you can access, correct, or delete your data through settings. when you delete your account, we remove your files from our storage and your data from our database.

we cannot delete: your DID (you control it), data on other AT Protocol servers, or records in other users’ PDSes.

6. security

Section titled “6. security”

we use HTTPS, encrypt sensitive data, and use HttpOnly cookies. no system is perfectly secure—report vulnerabilities to plyrdotfm@proton.me.

7. children

Section titled “7. children”

plyr.fm is not for children under 13. we do not knowingly collect data from children.

8. changes

Section titled “8. changes”

we may update this policy. material changes will be posted with notice.

contact

Section titled “contact”

questions? plyrdotfm@proton.me