This is how Spotify actually intends to use your personal data

'Let me try to clear things up'

Spotify

Spotify's new privacy policy has come under fire from users for being too invasive, crescendoing in a public Twitter spat between company CEO Daniel Ek and Minecraft creator Markus Persson (aka Notch), with Persson announcing he had cancelled his Spotify subscription.

Under the new update - with your permission - Spotify asks for access to a user's pictures, contacts and social media activity - the problem is, it didn't really explain why it needs to do so when the new policy went live. "With your permission, we may collect information stored on your mobile device, such as contacts, photos, or media files," reads the killer clause, hinting at future additions to the service but crucially failing to be explicit about what those features might be.

It also says "If you don't agree with the terms of this privacy policy, then please don't use the service", leading to a lot of angry users taking to social media to complain.

In response to the backlash, Ek has published a new blog post titled "Sorry" which hopes to clarify some of the confusion by explaining how Spotify intends to use your information.

"Let me be crystal clear here," he writes, "If you don't want to share this kind of information, you don't have to. We will ask for your express permission before accessing any of this data – and we will only use it for specific purposes that will allow you to customize your Spotify experience."

He then goes on to break down each area and explains how Spotify intends to use your data.

Private eye

"Photos: We will never access your photos without explicit permission and we will never scan or import your photo library or camera roll. If you give us permission to access photos, we will only use or access images that you specifically choose to share. Those photos would only be used in ways you choose and control – to create personalized cover art for a playlist or to change your profile image, for example."

"Location: We will never gather or use the location of your mobile device without your explicit permission. We would use it to help personalize recommendations or to keep you up to date about music trending in your area. And if you choose to share location information but later change your mind, you will always have the ability to stop sharing."

"Voice: We will never access your microphone without your permission. Many people like to use Spotify in a hands-free way, and we may build voice controls into future versions of the product that will allow you to skip tracks, or pause, or otherwise navigate the app. You will always have the ability to disable voice controls."

"Contacts: We will never scan or import your contacts without your permission. Spotify is a social platform and many people like to share playlists and music they discover with their friends. In the future, we may want to give you the ability to find your friends on Spotify by searching for Spotify users in your contacts if you choose to do that."

"Sharing: The Privacy Policy also mentions advertisers, rights holders and mobile networks. This is not new. With regard to mobile networks, some Spotify subscribers sign up through their mobile provider, which means some information is shared with them by necessity. We also share some data with our partners who help us with marketing and advertising efforts, but this information is de-identified – your personal information is not shared with them."

Yes, the whole thing has been a bit of a PR nightmare, but Ek's clarification makes the new policy seem a lot less creepy - if only he had published this sooner.

He also says that Spotify will update its privacy policy "in the coming weeks" to better reflect what's said in the blog post.

"We're listening to you and we take your concerns very seriously."

Article continues below