Privacy Policy

Last updated: 10/23/2025

1. Introduction

HiFi.Fan ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website hifi.fan (the "Site").

This policy complies with the EU General Data Protection Regulation (GDPR), and we are committed to respecting your privacy rights.

2. Information We Collect

2.1 Personal Data You Provide

• Account Information: When you create an account, we collect your email address, username, and password.
• Profile Information: You may choose to provide additional information such as your name, bio, location, and profile picture.
• Content: Information you post, including setups, comments, votes, and other contributions.
• Communications: When you contact us, we collect the information you provide.

2.2 Information Collected Automatically

• Usage Data: We collect information about how you interact with our Site, including pages visited, time spent, clicks, and scrolling behavior.
• Device Information: Browser type, operating system, device type, screen resolution, language preferences.
• IP Address and Location: We collect your IP address and derive approximate location (country/region) for content localization and security.

2.3 Cookies and Similar Technologies

We use cookies and similar tracking technologies to enhance your experience. These include:

• Essential Cookies: Required for the Site to function properly (e.g., authentication, security).
• Analytics Cookies: Help us understand how visitors use our Site (Google Analytics).
• Advertising Cookies: Used to deliver relevant advertisements (Google AdSense).

EU users will be prompted to consent to non-essential cookies. You can manage your cookie preferences at any time through our cookie consent banner.

3. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

• Consent: For analytics and advertising cookies, email marketing
• Contract: To provide our services when you create an account
• Legitimate Interests: For security, fraud prevention, and improving our services
• Legal Obligations: When required by law

4. How We Use Your Information

We use the collected information for:

• Providing and maintaining our services
• Creating and managing your account
• Personalizing your experience
• Analyzing usage patterns to improve our Site
• Communicating with you about updates, security alerts
• Detecting and preventing fraud or abuse
• Complying with legal obligations
• Displaying relevant advertisements (with consent)

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

• Service Providers: Third-party services that help us operate our Site:
  • Supabase (Authentication)
  • Google Analytics (Analytics - with consent)
  • Google AdSense (Advertising - with consent)
  • Cloudflare (CDN and security)
  • Azure (Hosting)
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In case of merger, acquisition, or sale of assets
• With Your Consent: When you explicitly agree to sharing

6. Your Rights (GDPR)

Under GDPR, EU residents have the following rights:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Portability: Receive your data in a portable format
• Restriction: Limit how we process your data
• Object: Object to certain processing activities
• Withdraw Consent: Withdraw consent at any time

To exercise these rights, please contact us at [email protected]. We will respond within 30 days.

7. Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations:

• Account Data: Retained while your account is active
• Content: Public content remains visible unless you delete it
• Analytics Data: Aggregated data retained for up to 2 years
• Legal Records: As required by applicable laws

8. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption in transit (HTTPS)
• Secure authentication systems
• Regular security audits
• Access controls and monitoring
• Incident response procedures

9. International Data Transfers

Your data may be transferred to and processed in countries outside the EU. We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions where applicable
• Privacy Shield certification (where applicable)

10. Children's Privacy

Our Site is not intended for children under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

11. Third-Party Links

Our Site may contain links to third-party websites. We are not responsible for their privacy practices. Please review their privacy policies before providing personal information.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date.

13. Contact Information

For questions about this Privacy Policy or to exercise your rights, contact us at:

• Email: [email protected]
• Website: hifi.fan
• Data Protection Officer: [email protected]

14. Supervisory Authority

EU residents have the right to lodge a complaint with their local data protection authority if they believe we have violated their privacy rights.