Back to home

Privacy Policy

Last updated: March 2026

1. What We Collect

When you connect Spotify, we receive your Spotify user ID, display name, profile photo URL, and your top artists and tracks over various time periods. We store your account details and roast results in our database. We do not collect or store payment card details — those are handled directly by Stripe.

2. How We Use Your Data

We use your Spotify listening data exclusively to generate AI roast content. Specifically:

• Your top artists, tracks, and genres are sent to Anthropic's Claude API to generate your roast
• Your display name may appear on your roast page if you share it
• Your roast results are stored so you can access your history
• We do not use your data for advertising, profiling, or sale to third parties

3. AI Processing — Anthropic Claude

Roast content is generated by Anthropic's Claude AI. When generating a roast, we send your anonymised music listening data (artist names, track names, genres) to Anthropic's API. We do not send your name, email, or Spotify ID to Anthropic. Anthropic's data handling is governed by their own privacy policy. Claude-generated content is satirical and does not reflect factual assessments of any person.

4. Cookies and Session Data

We use a single secure, httpOnly session cookie to keep you logged in. We do not use advertising cookies, cross-site tracking cookies, or third-party marketing pixels. Aggregate analytics are collected via Vercel Analytics and contain no personally identifiable information.

5. Third-Party Services

We use the following third-party services, each governed by their own privacy policies:

Spotify AB — OAuth authentication and listening data
Anthropic — AI content generation (Claude API)
Stripe — Payment processing and subscription management
Supabase — Database hosting (data stored in EU/US region)
Vercel — Application hosting and aggregate analytics

6. Public Roast Pages

When a roast is generated, a public page is created at a unique URL. This page includes your display name, avatar, and roast results. This page is accessible to anyone with the link. You control whether you share this link. You can request deletion of your roast data at any time by contacting us.

7. Data Retention

Your account data and roast history are retained while your account is active. If you wish to delete your account and all associated data, contact us at the email below and we will process your request within 30 days.

8. Your Rights

Depending on your jurisdiction, you may have rights including:

Access — request a copy of the data we hold about you
Correction — request correction of inaccurate data
Deletion — request deletion of your account and data
Portability — request your data in a portable format
Objection — object to certain processing of your data

To exercise any of these rights, contact us at the address below. We will respond within 30 days.

9. Children's Privacy

The Service is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has provided us with personal data, contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the date at the top of this page. Continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact

Privacy questions or data requests: support@invoicebench.com

Your Music Sucks — brutal honesty, good vibes
Not affiliated with Spotify ABPrivacyTerms