Privacy Policy
Last updated April 24, 2026
Nostaliga is built by Dinakar Tumu (contact: dinakar@pageloop.ai). This policy describes what Nostaliga does and does not do with your data. It applies to the Nostaliga iOS, iPadOS, macOS, and visionOS apps and to this website.
The short version
- Nostaliga has no user accounts and no database. We do not store your music, photos, workouts, check-ins, or any other personal data on any server.
- All matching, correlation, and display happens on your device.
- The only data that leaves your device is (a) the data you explicitly ask Nostaliga to fetch from a third-party service you have connected, which travels directly from your device to that service, and (b) when connecting Spotify or Strava, a short-lived OAuth code is relayed through a stateless Nostaliga token-swap endpoint (see below) so that the iOS app never has to hold Spotify's or Strava's client secret.
- We do not use analytics, trackers, advertising identifiers, or crash-reporting SDKs.
Token-swap endpoint
Spotify and Strava require apps to hold a client secret in order to exchange OAuth codes for access tokens. Shipping that secret inside the iOS binary would expose it to anyone who extracts the app. Instead, Nostaliga runs a thin, stateless HTTPS endpoint at nostaliga.app/api/spotify/* and nostaliga.app/api/strava/* that does exactly one thing: it takes a one-time authorization code (or a refresh_token) from your device, attaches the client secret server-side, forwards the request to Spotify or Strava, and returns the response to your device.
What that endpoint does not do:
- It does not have a database.
- It does not persist your code, access token, or refresh token. Each request is processed in memory and the values are discarded as soon as the response is returned.
- It does not read your listening history, activities, profile, or any other data — it only performs the token exchange.
- It does not associate requests with an identity or user record.
The endpoint runs on Vercel. Vercel keeps request logs (IP address, request path, status code) as part of standard infrastructure operation; those logs are governed by Vercel's privacy policy. The full source of the endpoint is public at github.com/dinakartumu/nostaliga-web.
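The following is an added illustration of the kind of stateless token-swap handler the paragraph above describes; it is not code from the Nostaliga repository. It assumes the client credentials live in environment variables on the server, and the upstream token endpoints, authentication styles (HTTP Basic for Spotify, form fields for Strava), and parameter names are taken from those services' public OAuth documentation rather than from Nostaliga itself, so treat them as assumptions. The example goes slightly beyond the text by showing the input restrictions that keep an unauthenticated relay from becoming a general-purpose proxy: only two grant types are accepted, only a fixed set of fields per grant type is forwarded, and nothing the device sends is logged or retained.

```javascript
// Added example (not Nostaliga's code): a stateless OAuth token-swap
// handler. The client secret exists only server-side; the device never
// sees it. Upstream URLs, auth styles and field names are assumptions
// based on the services' public OAuth docs, not taken from the project.

const SERVICES = {
  spotify: {
    tokenUrl: "https://accounts.spotify.com/api/token",
    clientId: process.env.SPOTIFY_CLIENT_ID,
    clientSecret: process.env.SPOTIFY_CLIENT_SECRET,
    auth: "basic", // assumed: client_id:client_secret as HTTP Basic
  },
  strava: {
    tokenUrl: "https://www.strava.com/oauth/token",
    clientId: process.env.STRAVA_CLIENT_ID,
    clientSecret: process.env.STRAVA_CLIENT_SECRET,
    auth: "form", // assumed: credentials as form fields
  },
};

// Only these grant types, and only these fields for each, are forwarded.
// Anything else in the device's request is dropped, not relayed upstream.
const ALLOWED_FIELDS = {
  authorization_code: ["code", "redirect_uri", "code_verifier"],
  refresh_token: ["refresh_token"],
};

// Builds the upstream request or returns { error, status } for bad input.
// `config` is injectable so the logic can be exercised without real secrets.
function buildUpstreamRequest(service, body, config = SERVICES) {
  const svc = config[service];
  if (!svc) return { error: "unknown service", status: 404 };
  if (!svc.clientId || !svc.clientSecret) {
    // Fail closed rather than forwarding with an empty secret.
    return { error: "server misconfigured", status: 500 };
  }
  const grantType = body && body.grant_type;
  const allowed = ALLOWED_FIELDS[grantType];
  if (!allowed) return { error: "unsupported grant_type", status: 400 };

  const form = new URLSearchParams({ grant_type: grantType });
  for (const field of allowed) {
    const v = body[field];
    if (typeof v === "string" && v.length > 0) form.set(field, v);
  }
  // Each grant type has one mandatory credential field.
  const required = grantType === "authorization_code" ? "code" : "refresh_token";
  if (!form.has(required)) return { error: `missing ${required}`, status: 400 };

  const headers = { "content-type": "application/x-www-form-urlencoded" };
  if (svc.auth === "basic") {
    headers.authorization =
      "Basic " + Buffer.from(`${svc.clientId}:${svc.clientSecret}`).toString("base64");
  } else {
    form.set("client_id", svc.clientId);
    form.set("client_secret", svc.clientSecret);
  }
  return { url: svc.tokenUrl, headers, form };
}

// Performs the swap. `fetchImpl` is injectable so the handler can be run
// offline against a fake upstream. The upstream JSON is passed through
// unchanged and nothing is written to storage or to console output, so
// tokens never reach the platform's request logs.
async function handleTokenSwap(service, body, fetchImpl = fetch, config = SERVICES) {
  const req = buildUpstreamRequest(service, body, config);
  if (req.error) return { status: req.status, body: { error: req.error } };

  const upstream = await fetchImpl(req.url, {
    method: "POST",
    headers: req.headers,
    body: req.form.toString(),
  });
  const json = await upstream.json();
  return { status: upstream.status, body: json };
}
```

In a deployment, a route handler would read the service name from the path, pass the parsed request body to `handleTokenSwap`, and write back the returned status and JSON. Because the endpoint is reachable by anyone, the allow-list of grant types and forwarded fields is what keeps it from relaying arbitrary requests on the app's behalf; the authorization code and refresh token remain the user's own credentials, which is why the server needs no identity or session of its own.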
What Nostaliga accesses on your device
- Photo library (with your permission) — to surface photos near the timestamps of songs, workouts, and places. Photo matching happens on-device. Photos are not uploaded, copied off-device, or transmitted.
- Apple Music activity (with your permission) — to show songs you have played. Nostaliga reads from the Apple Music system; nothing is written back without an explicit action.
- HealthKit data (with your permission) — workouts, walking sessions, and sleep analysis, shown inline with your music history. HealthKit data never leaves your device and is not shared with third parties.
- Local storage — Nostaliga keeps a SwiftData database on-device with your imported history, plus small caches of album art and map snapshots.
- Keychain — OAuth tokens for each third-party service you connect are stored in the iOS Keychain, device-only, not backed up to iCloud.
Third-party services you can connect
Nostaliga can read history from the following services if you choose to connect them. Each connection uses that service's official OAuth flow, and the resulting token is stored only on your device. Requests for your data are made directly from your device to that service; Nostaliga has no intermediary server for that data. The one exception is the Spotify and Strava token exchange described above, which relays only the OAuth code or refresh token through the stateless token-swap endpoint and never your history.
| Service | What we read | Their privacy policy |
|---|---|---|
| Spotify | Playback history, saved tracks | spotify.com |
| Last.fm | Scrobbles | last.fm |
| Trakt | Watch history | trakt.tv |
| Swarm / Foursquare | Check-ins, venue metadata | foursquare.com |
| Strava | Activities, routes | strava.com |
| Adobe Lightroom | Catalog, asset metadata | adobe.com |
Nostaliga never shares data it has read from one service with any other service. Data from each integration is used only to build your personal timeline inside the app.
What we do not do
- No analytics SDK, no crash-reporting SDK, no advertising SDK.
- No recording of your IP address by Nostaliga. The only Nostaliga-operated server is the token-swap endpoint, which keeps no records of its own; the infrastructure request logs Vercel keeps for it are described above.
- No advertising identifier (IDFA) is read or requested.
- No "tracking" in the sense defined by Apple's App Tracking Transparency framework.
- No selling of personal data to any party, ever.
Your control
- Disconnect a service at any time from Settings → Integrations. The OAuth token is removed from Keychain, and you can choose whether to keep or delete the history stored locally for that service.
- Delete everything from Settings → Privacy → Delete All Data. This wipes the on-device database, every OAuth token in Keychain, every cached file, and every preference. The action cannot be undone.
- Revoke server-side access at each connected service's website (e.g., Spotify → Apps, Strava → My Apps). Disconnecting in Nostaliga removes the local token; revoking on the service's site invalidates it globally.
Children
Nostaliga is not directed to children under 13 and does not knowingly collect any information from children.
Changes to this policy
We will post the updated policy on this page and revise the "Last updated" date above. Material changes will be surfaced inside the app on your next launch.
Contact
Questions about this policy or about your data: dinakar@pageloop.ai.