Privacy Policy

Podfriend is a podcast player. We store the data you create with the app — your account, what you've subscribed to, listened to, queued up, and shared — so it can sync across your devices. We don't sell your data, we don't run third-party ad or analytics trackers, and you can delete your account at any time and your data goes with it.

• Account details — email address and a hashed password (or the identifier from your Google / Apple sign-in if you use those). A display name and a generated username.
• Listening data — which podcasts you've subscribed to, episodes you've played, your playback positions, your queue, your history.
• Activity you create — posts, comments, likes, follows, shared lists, reviews. By design these are public to other users.
• Preferences — theme, playback speed, notification settings, and similar app configuration.
• Operational logs — temporary server-side records of requests (IP address, timestamps, errors) used to keep the service running and debug problems. Routinely rotated.

We do not use third-party analytics, advertising trackers, marketing pixels, fingerprinting, or session replay. There is no Google Analytics, Mixpanel, PostHog, Segment, or similar embedded in Podfriend.

Application data (subscriptions, queue, history, social activity, etc.) lives in a PostgreSQL database we run on a server in Europe (Hostinger, Lithuania). Authentication is handled by Supabase — they hold your email and password hash so we can sign you in. Podcast cover art is fetched through our own image proxy (covers.podfriend.com) so we don't leak your IP to every podcast host.

We use Cloudflare as a CDN in front of podfriend.com, which means Cloudflare temporarily sees requests to the site for caching and DDoS protection.

We don't sell your data. We don't trade it. We don't share it with advertisers. The only places your data goes outside our own servers are:

• Supabase for authentication, as above.
• Podcast feed hosts — when the app downloads a podcast feed or audio file, your IP address is visible to whoever hosts that feed, just like any podcast app or browser. This is unavoidable.
• The Fediverse — if you choose to interact with users on other ActivityPub servers (Mastodon etc.), the posts and follows you make there are federated to those servers by design.
• Legal requirements — if we receive a valid legal request from authorities, we comply with the minimum required by law.

We use cookies and browser local storage strictly to keep you signed in and to remember UI state (theme, dismissed banners, last-played position). No advertising cookies, no cross-site tracking cookies.

• Export your data — export your subscriptions as an OPML file from the app's settings.
• Delete your account — from settings; this removes your account and the data associated with it from our database. Public posts you made may persist in caches and federated copies on other servers outside our control.
• Email us — write to [email protected] with any privacy question, request, or concern, and we will respond.

Podfriend is not directed at children under 13 (under 16 in the EU). We don't knowingly collect data from them. If you believe a child has created an account, email us and we'll remove it.

If we materially change how we handle your data, we'll update this page and change the "last updated" date at the top. Significant changes will also be announced inside the app.

Podfriend is built and operated by Martin Mouritzen. For privacy questions, data requests, or to exercise any rights you have under GDPR or similar laws, write to [email protected].