Privacy Notice

Last updated: 2026-04-28

This notice explains what data Zingit collects, where it goes, and what you can ask us to do with it. It is written for everyone, with a dedicated section at the end for users in the European Union, the European Economic Area, and the United Kingdom.

What we collect

Scrobbles — the artist, title, source URL, timestamp, and percentage played for each track you finish. The Hive Scrobbler extension records these locally and broadcasts them to Hive.
Comments and reactions — anything you post through the website or extension.
Hive account— if you connect one, we store its name in a cookie and in your browser's local storage so the site can show your data. Private keys never leave Keychain.
Reddit account — if you sign in via Reddit, we store your Reddit username server-side so a central Hive account we operate can sign scrobbles on your behalf.
Anonymous reaction ID— a random per-browser UUID used only to enforce the "3 reactions per song" cap. Not linked to any other identity unless you explicitly sign in.
Standard server logs — IP address, user agent, URL path, retained for ~14 days for abuse detection and debugging.

Where it goes

Two destinations, with very different deletion properties:

The Hive blockchain. Scrobbles and comments are written here as custom_json operations. Hive data is public and permanent: thousands of independent nodes maintain identical copies, and there is no entity (us included) that can delete or rewrite a record once it's confirmed. Treat anything you scrobble or comment as published forever.
Our server. Reactions, server logs, the indexed scrobble database, the Reddit↔Hive link table. We control these and can modify or delete them on request.

Cookies

zingit_hive_username — your connected Hive account name. Set after Keychain login. 30 days.
zingit_reactor_id — anonymous UUID for the reaction rate-limit. HttpOnly. 1 year.
No third-party trackers, no advertising, no analytics beacons. The site is plain Next.js with first-party cookies only.

Proxy-mode custody (Reddit users)

When you sign in via Reddit and scrobble before linking a Hive account, we operate a Hive account that signs each scrobble on your behalf and includes your Reddit username inside the published payload. This is a custodial arrangement: until you link your own Hive account, the on-chain ops are technically signed by us, with you identified by the Reddit handle inside.

When you later link a Hive account, we publish a one-time on-chain link record so anyone reading the chain can see that your Reddit handle and Hive account are the same person going forward. From that point your Hive account signs everything directly. The historical proxy-signed ops remain on chain unchanged and are coalesced under your Hive account on the website.

What you can ask us to do

Hide your account on the website. We will stop displaying your scrobbles, comments, and reactions. Other Hive front-ends may still display your on-chain activity — we only control scrobble.life.
Delete server-side data. Reactions, the link between your Reddit and Hive accounts (if any), server logs older than the active session.
Export what we hold. A copy of all server-side data we have associated with your account, in a machine-readable format.
What we can't do. Delete or alter any record on the Hive blockchain. This is a property of the public chain, not a policy choice. The same record is held by thousands of independent nodes worldwide and we have no authority over them.

Send requests to the email listed in the extension's store listing or via a Hive comment to @hscr. We aim to respond within 30 days.

For users in the EU, EEA, and UK

The General Data Protection Regulation (GDPR) and the UK Data Protection Act grant you rights including access, rectification, erasure, restriction of processing, data portability, and objection. The procedures above describe how we exercise these rights as far as the data we control. Two GDPR-specific notes you should read before scrobbling:

The right to erasure does not extend to the Hive blockchain.When you scrobble, the resulting record is replicated to thousands of independent nodes globally that are not operated by us. Erasure of those records is technically impossible. You can ask us to remove your account from scrobble.life's display, and we will. You should not scrobble information you would not want to be public forever. By using Zingit you accept this trade-off.
Lawful basis. We process your data on the basis of your consent (signing in) and our legitimate interest in operating the service. You can withdraw consent at any time by signing out and asking us to hide your account.

Our service is small and personal — there is no dedicated Data Protection Officer. Reach us through the channels above for any GDPR-related request and we will respond personally.

Children

Zingit is not directed at children under 13 (or 16 in the EU/EEA). If you believe we've received data from a child, contact us and we will remove it server-side immediately. The on-chain immutability constraint applies here too — we cannot retroactively delete chain data, which is one more reason not to scrobble underage.

Changes

We may update this notice. The "last updated" date at the top will reflect any change. We won't silently expand what we collect — material changes will be highlighted on the homepage for at least 30 days.