Privacy Policy
Last updated: March 2, 2026
1. Who We Are
Chord Library (www.chord-library.com) is a free guitar chord reference service operated from Poland. For any questions about this policy or your personal data, contact us at contact page.
2. What Data We Collect
Account data (when you sign in with Google)
- Name
- Email address
- Profile picture URL
We receive this information from Google when you choose to sign in. We do not access your Google password or any other Google account data.
Usage data
- Saved chords and chord progressions you choose to store
Analytics data
- Anonymized page view data collected by Ahrefs Web Analytics (cookieless — no personal data collected)
Technical data
- IP address, browser type, and operating system (standard server logs)
3. Legal Basis for Processing
Under the General Data Protection Regulation (GDPR), we process your data based on:
- Contract performance (Art. 6(1)(b)) — to provide account features such as saving chords and progressions when you sign in.
- Legitimate interest (Art. 6(1)(f)) — for security, preventing abuse, maintaining the service, and cookieless site analytics (Ahrefs Web Analytics, which does not collect personal data).
4. How We Use Your Data
- To provide and maintain your account and saved chords
- To display your profile information when you are signed in
- To improve the site through anonymized, cookieless analytics
- To communicate with you if you contact us
5. Third Parties
We share data with the following service providers, strictly for the purposes described:
| Provider | Purpose | Data shared |
|---|---|---|
| Authentication (OAuth) | Name, email, profile picture (received from Google) | |
| Supabase | Database & authentication hosting | Account data, saved chords, saved progressions |
| Ahrefs | Site analytics (cookieless) | Anonymized page view data (no personal data) |
We do not sell your personal data to any third party.
6. Data Storage and Security
Your data is stored in a PostgreSQL database hosted by Supabase. All data is encrypted in transit (TLS/SSL). Access to your data is restricted through row-level security policies — only you can read, modify, or delete your own saved data.
7. Data Retention
- Account data and saved chords are kept for as long as your account exists. You may request deletion at any time.
- Analytics data is retained according to Ahrefs' own data retention policies.
- Server logs are retained for up to 30 days for security purposes.
8. Your Rights Under GDPR
As an EU resident, you have the following rights regarding your personal data:
- Right of access (Art. 15) — request a copy of the data we hold about you
- Right to rectification (Art. 16) — correct inaccurate data
- Right to erasure (Art. 17) — request deletion of your data ("right to be forgotten")
- Right to restrict processing (Art. 18) — limit how we use your data
- Right to data portability (Art. 20) — receive your data in a structured, machine-readable format
- Right to object (Art. 21) — object to processing based on legitimate interest
- Right to withdraw consent — where processing is based on consent, you may withdraw it at any time
To exercise any of these rights, email us at contact page. We will respond within 30 days.
9. Supervisory Authority
If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Polish supervisory authority:
Urząd Ochrony Danych Osobowych (UODO)
ul. Stawki 2, 00-193 Warszawa
uodo.gov.pl
10. Cookies
We use cookies and local storage for essential site functionality only. Our analytics provider (Ahrefs Web Analytics) is cookieless and does not require consent. For full details, see our Cookie Policy.
11. Changes to This Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page will reflect the most recent revision. Continued use of the service after changes constitutes acceptance of the updated policy.
12. Contact
For questions, concerns, or data requests:
contact page