Privacy Policy

Effective date: 2026-05-05 · Last updated: 2026-05-05

Status: DRAFT. Subject to attorney review before public launch.

Who we are

Flame Pro DJ is a desktop application sold and supported by an independent developer ("we", "us") at moflamepro.com. Contact: privacy@moflamepro.com.

What this document covers

This policy describes what data Flame Pro DJ collects, where it goes, and what we do with it. It applies to:

• The desktop application;
• The marketing pages on this website;
• The license-server endpoints we operate at license.moflamepro.com for activation and deactivation.

It does not apply to Paddle's checkout — Paddle is the merchant of record for purchases and has its own privacy policy at paddle.com/legal/privacy.

TL;DR

• The app is offline-first. Your music library, playlists, sessions, and analysis results live on your machine in ~/.music_manager/.
• Some features call third-party APIs that you opt into (AI providers, streaming services, AcoustID). When you use those features, the app sends only the minimum data needed for that feature to work.
• We do not run analytics. There is no telemetry pipeline collecting feature usage.
• Crash reports are opt-in. You can disable them in Settings.
• The license server only sees what's needed for activation: license key, an opaque hash of your computer's hardware ID, and a label you set ("John's MacBook Pro").

Data stored locally

The app writes the following to ~/.music_manager/ on your machine:

• library.db — SQLite database with track metadata, BPM/key analysis, and play counts.
• library_cache.json — debug-only mirror of the database for inspection.
• settings.json — your preferences, including any API keys you entered.
• license.json — the signed activation token bound to your machine. Stored with owner-only file permissions (0o600).
• playlists.json, cuepoints.json, session_history.json — DJ data.
• *_user_tokens.json — OAuth tokens for streaming services you connected. Stored with owner-only file permissions.
• recycle/ — files the app moved to its recycle bin instead of deleting permanently.
• activity.log — application log, capped at ~5 MB then rotated.

None of this data leaves your machine unless you trigger a feature that calls an external service. The list of external calls follows.

Data sent to our license server

To activate, deactivate, or refresh your license, the app sends the following to license.moflamepro.com:

• Your Paddle license key;
• An opaque SHA-256 hash of your computer's hardware identifier (IOPlatformUUID on macOS) — not the raw value;
• A user-readable machine label (e.g. "John's MacBook Pro") so you can recognise it in support emails.

We use this only to enforce the one-license-per-computer rule, to issue and refresh the signed activation token, and to revoke licenses when Paddle reports a chargeback or refund. We do not associate it with any other browsing or app activity.

External services (optional, user-triggered)

AI providers

The Gig Wizard, smart-fix, translate, and Smart Setlist features call the AI provider you configured in Settings → AI:

• Anthropic — Claude API. Sends prompt text only. Subject to Anthropic's privacy policy.
• OpenAI — GPT API. Sends prompt text only. Subject to OpenAI's privacy policy.
• Google — Gemini API. Subject to Google's privacy policy.
• Ollama — local model. No data leaves your machine.

What we send: track titles, artists, BPMs, keys, and the genre / mood / energy fields you generated locally. We do not send audio files or full lyrics text to these providers.

Streaming services (optional, OAuth)

If you connect a streaming service in Settings → Streaming, the app stores an OAuth token locally and queries that service's API on your behalf:

• Spotify — playlist read access per the scopes you approve.
• YouTube Music — read-only access to your playlists.
• SoundCloud, Tidal, Deezer, Beatport / Beatsource — same model.

Tokens are stored locally only. We do not see them. The app does not stream, cache, proxy, or download audio from any streaming service.

AcoustID fingerprinting (optional)

When you run Library → Identify, the app generates an audio fingerprint locally (using chromaprint/fpcalc) and submits it to AcoustID to look up the recording. The fingerprint is a numeric hash, not the audio. This is governed by the AcoustID privacy policy.

Spotify audio-features cache

When you run the Spotify Sync tool, the app stores Spotify's canonical danceability / energy / valence / tempo / key for each matched track in your local library.db. Per Spotify Developer Policy IV, these rows expire after 30 days and are swept on the next app launch; the next sync re-fetches them on demand.

Third-party lyrics (lyrics.ovh — disabled by default)

The Track Details tool can optionally query lyrics.ovh for full lyric text. This integration is disabled by default because lyrics.ovh's relationship with rights holders is unclear. To enable it, go to Settings → External APIs, find the lyrics.ovh card, and toggle "Enable lyrics.ovh". When enabled, the app sends the artist + title pair to lyrics.ovh on demand. Nothing is cached on disk.

DJ profanity blur (in-memory only)

When you enable the profanity blur on a deck in the DJ panel, the app runs Whisper (or falls back to LRCLIB synced lyrics) to identify the timestamp windows where flagged words appear. That list of timestamps may be cached on the track record so we don't have to re-transcribe next time; the transcript text itself is held in memory only and is never written to disk. The blur is applied at playback time as an audio-routing decision (the vocals-stem gain ramps to zero in those windows). No modified audio file is created.

The Auto-Clean panel in Tools is a library-cleanup tool — it scans for missing files, duplicates, and tag corrections. It does not transcribe or modify audio.

Update check (optional)

If "Check for updates" is enabled in Settings → General, the app makes a single HTTPS request to the update server on launch to check for a new version. The request includes the current version string and platform (macOS Apple Silicon / macOS Intel). It does not include identifying information.

Crash reports (opt-in, off by default)

If you opt into crash reports, anonymized stack traces and the app version are sent to our crash-report endpoint when the app crashes. We do not include filenames, user input, or library content in these reports.

What we do not collect

• We do not run analytics.
• We do not have user accounts, logins, or any server that identifies you (other than the license-key/machine-ID record needed for activation).
• We do not sell or share data with third parties.
• We do not collect audio content.

Marketing website (this site)

This website serves static HTML and CSS only. We do not run analytics on these pages and do not set any cookies. We do not log IP addresses beyond standard transient web-server logs (which we don't retain).

Your data, your control

• Delete everything: quit the app and remove ~/.music_manager/.
• Disconnect a streaming service: Settings → Streaming → Disconnect.
• Revoke an AI key: Settings → AI → clear the field.
• Deactivate your license: Settings → Account → Move license to another computer. This frees the activation slot on the server side.
• Request data deletion: privacy@moflamepro.com. We will remove your activation records within 30 days.

Children

The app is not directed at children under 13.

International users

Our license server is hosted in the United States. If you are accessing the app from the European Economic Area, the United Kingdom, or any other jurisdiction with cross-border data-transfer rules, by activating your license you consent to the limited transfer of your license key and machine-ID hash to our US-based infrastructure.

Changes

We may update this policy. Material changes will be announced in release notes and on this website. The "Last updated" date at the top reflects the most recent change.

Contact

Privacy questions: privacy@moflamepro.com