Privacy Policy
This Privacy Policy explains how Charana Studios (“we”, “us”, “our”) collects, uses, and shares information when you use the BollyTube applications and related websites, including bollytube-music.web.app (collectively, the “Services”).
By using the Services, you agree to this Policy. If you do not agree, please do not use the Services.
1. Who we are
BollyTube is developed and operated by Charana Studios. Contact for privacy requests:
- Email: charanastudios [@] gmail [dot] com
- Website: https://bollytube-music.web.app/
2. Apps and platforms covered
This Policy covers BollyTube experiences shipped under package family me.bollytube.bollytube, including:
- Phone / tablet (Google Play)
- Android TV
- Wear OS (local playback and phone companion control)
- Android Auto and Android Automotive media experiences
- This marketing website and hosted static assets (for example artist cover images)
3. Information we collect
3.1 Information you provide
- Account / sign-in data. If you sign in with Google, we receive identity information provided by Google Sign-In / Credential Manager and Firebase Authentication (for example display name, email address, and a unique user ID). Registration is optional, but some library sync features require sign-in.
- Library content you create or save. Favorites, followed playlists/artists, recently played items, user playlists, and similar library state may be stored and associated with your account when signed in. On some surfaces, recent history can also be stored locally on device.
- Support messages. If you email us, we process the contact details and content of your message.
- Settings preferences. App preferences such as player choice, language, audio-only modes, and theme may be stored on device (and related remote config keys when applicable).
3.2 Information collected automatically
- Device and app diagnostics. Device type, OS version, app version, crash logs, performance data, and similar diagnostics (including via Firebase Crashlytics and Analytics).
- Usage events. Feature usage analytics that help us understand engagement and improve the product (Firebase Analytics / related Google products).
- Push notification tokens. When notifications are enabled, Firebase Cloud Messaging may process device tokens to deliver messages.
- Network metadata. Standard server logs and security signals may include IP address and request metadata when you use our backends or hosting.
3.3 Information we do not intentionally collect
- We do not request precise GPS location for core music features.
- We do not ask for contacts, SMS, or call logs.
- We do not process payment card numbers inside BollyTube. Any purchases (if offered through Google Play) are handled by Google’s billing systems under Google’s policies.
4. How we use information
- Provide playback, browsing, search, recommendations, library sync, and multi-device features
- Authenticate users and secure accounts
- Maintain and improve reliability (crash reporting, diagnostics, quality)
- Send operational or product messages (for example Firebase In-App Messaging / notifications where enabled)
- Host static assets such as artist cover images used by the apps
- Comply with legal obligations and enforce Terms of Service
5. Music content and third-party platforms
BollyTube helps you discover and play music videos and audio streams that originate from YouTube and related public sources. Playback and content availability are subject to YouTube’s terms, policies, and technical limitations. YouTube and Google may process data under their own privacy policies when content is requested or played.
Catalog metadata (playlists, charts, artist lists, etc.) may be stored in our Firebase Realtime Database and related services so the apps can load curated content quickly.
BollyTube is an independent music discovery app. Names of charts or playlists that reference other services describe curated discovery content only and do not imply any affiliation with Spotify, Apple Music, YouTube Music, Billboard, or other third parties.
6. Service providers and third parties
We use trusted processors to run the Services. Key providers include:
- Google Play Services
- Google Firebase (Authentication, Realtime Database, Analytics, Crashlytics, Cloud Messaging, In-App Messaging, Hosting)
- Google Sign-In / Identity
- YouTube / Google for media content and related playback infrastructure
These providers process data according to their terms and privacy policies. We do not sell your personal information.
7. When we share information
We may share information:
- With service providers acting on our instructions (section 6)
- If required by law, legal process, or governmental request
- To protect rights, safety, fraud prevention, or security
- In connection with a merger, acquisition, or asset transfer, with notice where required
8. Data retention
- Account and library data is retained while your account is active and for a reasonable period afterward as needed for backups, disputes, or legal compliance.
- Local caches (for example recently played or recommendation caches) remain on device until cleared by you or uninstalled with the app.
- Analytics and crash data are retained according to the retention settings of the relevant Google/Firebase products and our operational needs (typically up to 14–26 months for analytics-style data, subject to product defaults).
To request deletion of account-associated data, email charanastudios [@] gmail [dot] com from the address linked to your account. We will respond within a reasonable time. Some residual records may remain in encrypted backups for a limited period.
9. Your choices and rights
- Sign out / don’t sign in. Many browse and play features work without an account; cloud library sync requires sign-in.
- Device permissions. Overlay / draw-over-other-apps permission may be required for the floating player. Notification permission may be required for media notifications on newer Android versions. You can revoke permissions in system settings.
- Uninstall. Uninstalling stops future on-device collection by the app.
- Access / correction / deletion. Contact us to request access, correction, or deletion of personal data we hold about you, subject to applicable law.
- EEA/UK users. Where GDPR or UK GDPR applies, our processing is typically based on contract necessity (to provide the app), legitimate interests (security, improvement), and consent where required. You may have rights to access, rectify, erase, restrict, object, and data portability, and to lodge a complaint with a supervisory authority.
10. Children
The Services are not directed to children under 13 (or the minimum age required in your country). We do not knowingly collect personal information from children. If you believe a child has provided personal data, contact us and we will take appropriate steps to delete it.
11. Security
We use reasonable technical and organizational measures appropriate to the nature of the data (for example transport encryption via HTTPS, access-controlled cloud projects, and app transport security settings). No method of transmission or storage is 100% secure.
12. International transfers
We may process and store information on servers located outside your country (including infrastructure operated by Google/Firebase). Where required, transfers rely on appropriate safeguards provided by those processors.
13. Website analytics and cookies
This marketing site is primarily static. If we enable analytics or similar tools in the future, we will update this Policy. Third-party CDNs (for fonts or CSS/JS libraries) may process technical request data under their own policies.
14. Changes to this Policy
We may update this Privacy Policy from time to time. The “Last updated” date at the top will change when we do. Continued use of the Services after an update means you accept the revised Policy. For material changes, we may provide additional notice in-app or on the website.
15. Contact
Questions about privacy or data requests: