privacy policy

last updated: january 2025

the short version

tuneport does not collect, store, or transmit any personal data. everything runs locally in your browser. we have no servers, no analytics, no tracking. your data stays on your device.

data we don't collect

no personal information (name, email, etc.)
no browsing history or activity logs
no usage analytics or telemetry
no cookies for tracking purposes
no data shared with third parties

spotify authentication

tuneport uses spotify's official oauth 2.0 with pkce (proof key for code exchange) for authentication. this is the most secure method available:

your spotify password is never seen or stored by tuneport
authentication happens directly with spotify's servers
access tokens are stored locally in your browser's extension storage
tokens can be revoked anytime from your spotify account settings

permissions explained

the extension requests these permissions:

tabs / activeTabread youtube video title from current tab to search spotify

storagesave your preferences and spotify tokens locally

downloadssave audio files to your downloads folder when you request it

notificationsshow success/error messages after actions

contextMenusadd 'add to spotify' option when you right-click

identityhandle spotify oauth login flow

external services

tuneport communicates with these services only when you trigger an action:

spotify api - to search tracks and add to playlists (requires your auth)
youtube - to read video metadata from pages you visit
download services (optional) - cobalt.tools or self-hosted yt-dlp when you request downloads

no data is sent to any service without your explicit action.

data deletion

since we don't collect data, there's nothing to delete on our end. to remove all local data:

uninstall the extension from your browser
revoke tuneport access from your spotify connected apps

open source

tuneport is open source. you can audit the code yourself at github.com/Microck/tuneport

questions? open an issue on github