Reverb

Security & data

Where your data actually lives.

Reverb handles real money information. Royalty totals, payout balances, statement history. We think you deserve a clear answer to “where does that data sit, and who can see it?”, not a paragraph of legal hedging.

Short version

  • Your distributor passwords never leave your browser. Reverb doesn't see them, doesn't store them, can't use them.
  • What we DO store: your earnings totals, stream counts, statement history. Numbers, not credentials.
  • Storage: an EU-region managed Postgres database (Neon), encrypted at rest, isolated per user.
  • You can export everything as CSV at any time. You can delete your account and all its data in one click.

What Reverb actually stores.

The exhaustive list, no exceptions hidden. If we add a new data type later we update this page before we ship it.

Earnings rows

Per song, per platform, per month: the totals shown in your dashboard charts.

Distributor balances

Current payout balance per connected distributor.

Stream counts

Daily / weekly Spotify stream numbers pulled via the extension.

Buma/Stemra statements

Quarterly statement breakdowns (work, country, platform, share %).

Your profile

Artist name, country, roles, genres: the stuff you fill in during onboarding.

Sync metadata

When each distributor was last synced, success/failure status.

Master splits

Per-song master percentage (scraped or manually entered) with attribution.

Encrypted session context

Minimum auth fragments (like x-profile-id) so background sync works. Encrypted.

What Reverb does not store.

This is the part people worry about most. So here it is, plain:

Why a browser extension.

Most royalty-tracking tools work by asking you to hand over your distributor passwords. They log in on a server somewhere, scrape your dashboard, and store the results. The credentials travel through their infrastructure. If they get breached, your TuneCore / DistroKid / Spotify accounts are on the line.

Reverb does the opposite. The Chrome extension runs the scrape from your own browser, using your already-active login session. Your password is never typed into anything Reverb-related. It stays in your password manager, exactly where it's safest.

All the extension sends to our servers is the parsed numbers: your monthly earnings totals, stream counts, balance, statement history. That data lands in our database with a row-level filter scoped to your account. Other Reverb users can't see it. Neither can support staff without an explicit, audited reason.

Where the database physically sits.

Database: Postgres, managed by Neon. EU-region instance. Encrypted at rest with industry-standard AES-256. Backups run automatically and are also encrypted.

App: hosted on Vercel (Frankfurt region). HTTPS-only, HSTS enforced. All API calls require an authenticated Clerk session.

Auth: Clerk for user accounts and sessions. They handle the password hashing, MFA, and session-token rotation, the same auth stack used by companies like Linear and Vercel.

Session blobs: for distributors where we need to refresh data on a schedule, we store the bare minimum auth context (e.g. a Buma x-profile-id header) encrypted with a per-environment key (SESSION_ENCRYPTION_KEY). Never plaintext.

What you can do, any time.

Export everything

Settings → Export my data gives you a zip with every distributor earning row, every Buma statement, every stream count we've recorded for you. As CSV, machine-readable. This is GDPR Article 20 in practice: your right to data portability.

Disconnect a distributor

Settings → remove the connection. The scraper stops. The already-pulled data stays unless you also choose to delete it (separate button).

Delete your account

Settings → Delete account. Wipes everything we hold on you across every table. We'll email you a confirmation with the row counts deleted. No 30-day grace period games.

Something still bothering you?

We're a small team during the beta. If you find something on this page that isn't accurate, or a question we didn't answer, mail us directly. We'll either fix it or tell you why we made the call we did.

hello@myreverb.nl