Privacy Policy

This page explains how RIFF LIFE collects, uses, stores, and shares personal data when you visit riff-life.com, create an account, or interact with the community features. For any privacy question, or to exercise your rights, contact dpo@riff-life.com.

Who we are

RIFF LIFE is an online community dedicated to music lovers. The service is operated directly by the RIFF LIFE team and is not run by an external advertising or data broker. Personal data is only shared with the providers explicitly listed in this policy when it is necessary to operate the site.

Data we collect

Information collected automatically

Our servers log every request in order to maintain the service, diagnose issues, and protect the platform against abuse. Each log entry contains the IP address, user agent, referrer, and requested URL. When you are signed in the log also stores your internal riffer identifier. These entries are generated by the RIFF LIFE application itself through the logging helpers (Logs and VideoEvents) and are never sold or published.

Account registration and profile

When you create or update a RIFF LIFE account we store the information you provide in the RIFFERS database table. The application stores your email address (which is also your login), chosen display name, first name, last name, country, instrument preferences, short biography, and newsletter subscription choice. You can optionally upload a profile picture (stored as an image blob) or provide your own description text. The site keeps the date your account was created and whether you have administrator privileges.

Interactions with community features

We store the content that you contribute in order to operate the community:

  • Video or audio riffs you upload, including the associated files and YouTube links.
  • Comments, answers, likes, and bookmarks you post on riffs.
  • Contest submissions, votes, rankings, and quiz results.
  • Notification preferences, such as how often you receive email alerts about riffs, comments, or news.

Emails triggered by these interactions (for example when a new comment is posted) only include the minimum details needed to alert members and are delivered by RIFF LIFE directly.

Facebook authentication

You can register or sign in with Facebook using our dedicated Facebook application (App ID 844109046838112). We rely on the official Facebook Graph API via DotNetOpenAuth to request the email and public_profile scopes. When you approve the connection we receive your Facebook numeric identifier, email, first name, last name, and profile picture URL. These details are stored alongside your RIFF LIFE account so that you can sign in again, update your avatar, and confirm your identity. We do not post to Facebook on your behalf and we never request additional permissions.

Google authentication

You can also link your Google account to sign in with a single click. RIFF LIFE uses Google's OAuth 2.0 endpoints through DotNetOpenAuth and requests the openid, email, and profile scopes. Once authorized, we receive your Google subject identifier, email address, display name, given and family names, and profile picture URL. These values are saved with your RIFF LIFE profile exclusively to authenticate you and keep your avatar in sync. We never gain access to your Google password, we do not request calendar, Drive, or other permissions, and we will never post content to your Google account.

Passwords

If you choose email and password authentication, your credentials are handled by the built-in ASP.NET WebSecurity provider used by RIFF LIFE. The application does not write your password to logs or emails.

How we use your data

  • Provide the website features, including profile pages, riffs, contests, and messaging.
  • Send the optional newsletters and notifications you subscribe to.
  • Moderate user-generated content and investigate abuse.
  • Keep our infrastructure secure by monitoring logs and service events.
  • Comply with legal obligations and respond to lawful requests from authorities.

Advertising with Google AdSense

RIFF LIFE displays advertising slots supplied by Google AdSense (publisher ID ca-pub-8662378441766059) on most public pages. The AdSense script is loaded directly from Google and may use cookies or local storage to deliver, personalize, and measure ads. Google acts as an independent controller for the data it collects through these slots. You can manage your advertising choices on Google Ad Settings. We do not share any account or profile information with Google beyond the context of the page where the ad is displayed.

Legal basis

For users in the European Union we rely on the following legal bases:

  • Contractual necessity for providing community features, processing your uploads, and authenticating your account.
  • Legitimate interest for ensuring platform security, preventing abuse, and running community contests.
  • Consent for sending newsletters, linking your Facebook account, and showing personalized Google ads as managed through Google's consent tools.

Data retention

Account information and community contributions remain stored while your account is active so that previously shared riffs and discussions remain accessible. Log entries and other diagnostic records are retained for the time necessary to investigate incidents and maintain service reliability. You can request deletion of your account at any time; doing so removes your profile information and disassociates your contributions where feasible.

Your rights

You can access and update most of your personal data from the Account Settings page. To request a copy of your data, ask for corrections we cannot provide in self-service, withdraw consent, or request deletion of your account, contact dpo@riff-life.com. We will respond within 30 days. If you are located in the European Union and believe your rights were violated you may lodge a complaint with your local supervisory authority.

Data security

We secure account access using HTTPS and store data in protected databases. Access to administrative tools is limited to the RIFF LIFE staff. We regularly review access rights and audit logs for suspicious activity.

Children's privacy

RIFF LIFE is intended for users aged 16 and older. We do not knowingly collect personal data from children. If you believe we have collected information about a child under 16, please contact us so we can remove it.

Changes to this policy

We may update this policy to reflect changes in our practices or legal requirements. When we make significant changes we will notify registered users via email or through a prominent notice on the website.