Last updated: June 1, 2026
This Privacy Policy explains how Tiny Trash Labs LLC ("Gloam," "we," "us") collects, uses, and shares information when you use Gloam.fm. Our guiding principle: collect as little as possible, and keep music streaming on your own provider so we never touch your listening history there.
When guests use a party's QR code they may submit song requests, an optional first name, and photos. Hosts with an admin link can send announcements. This content is associated with the party so the DJ can use it and the host can manage it. Hosts are responsible for giving guests appropriate notice and obtaining any consent required where the event takes place.
We collect basic, privacy-respecting diagnostics and technical data — such as device and app version, approximate region, and error logs — to keep the Service reliable. We aim to avoid unnecessary tracking and do not build advertising profiles.
We do not sell your personal information.
Photos guests upload are stored as files in object storage (Cloudflare R2), with lightweight metadata (id, timestamp, uploader name, dimensions) kept with the party. They appear on the live wall, the guest gallery, and the host's download view, and auto-publish to the party with no pre-approval. The host can delete any photo, which removes it from the gallery and storage. Photos are retained only as long as needed for the event and are then cleared per our retention practices.
Gloam connects to services you authorize; each handles your data under its own privacy policy:
We share only what's necessary for these services to function. We encourage you to review their policies.
We use essential cookies and on-device storage (such as localStorage) to keep you signed in and to preserve in-progress sets, party configuration, and pending requests across reloads. We don't use third-party advertising cookies.
We share information only: with the connected services above to operate the Service; with vendors who process data on our behalf under contract; when required by law or to protect rights and safety; and in connection with a business transfer (e.g. merger), with notice where required. We don't sell or rent personal information.
We keep account and billing records for as long as your account is active and as required by law. Session data — like an in-progress set or a party's pending requests and photos — is kept only as long as needed and then cleared. You can delete your account to remove associated personal data, subject to limited legal retention.
We use reasonable technical and organizational measures to protect your information, including encryption of stored API keys and access controls. No system is perfectly secure, so we can't guarantee absolute security.
Depending on where you live, you may have rights to access, correct, export, or delete your personal data, and to object to or restrict certain processing. You can disconnect any connected service at any time, and contact us to exercise your rights. We won't discriminate against you for doing so.
Your information may be processed in countries other than your own; where required, we use appropriate safeguards for those transfers. Gloam is not directed to children under the age required by the app stores and connected services, and we don't knowingly collect their data.
We'll post updates here with a new date and, for material changes, provide reasonable notice. Privacy questions or requests? See our contact page or email privacy@gloam.fm.