1. Overview
PowerCogs ("we", "us", "our") is a web application that enhances the Discogs experience for vinyl collectors. This Privacy Policy explains how we collect, use, and protect your information when you use PowerCogs at powercogs.com.
2. Information We Collect
- Discogs account data — your Discogs username, user ID, want list, and collection data, obtained via OAuth and the Discogs API.
- Email address — optionally provided by you to receive alert notifications about want list matches.
- Phone number — optionally provided by you to receive SMS alert notifications. Stored in E.164 format.
- Usage data — pages visited, features used, and interactions within the app, collected via Google Analytics.
- Payment information — processed by Stripe. We do not store card numbers or payment details.
3. SMS Communications
PowerCogs offers optional SMS alert notifications for want list matches. SMS alerts are available to Backstage (Ultimate) tier subscribers only.
- Opt-in: You explicitly opt in to SMS alerts by entering your phone number in Settings → Notifications → SMS Alerts and clicking Save. No SMS will be sent without this explicit action.
- Message content: Messages contain information about vinyl records matching your want list (artist, title, price, condition, and a Discogs listing link). Example: PowerCogs: Miles Davis – Kind of Blue · USD 29.99 · VG+
- Frequency: Alert messages are sent only when a want list match is detected. We enforce a maximum of 100 SMS per user per calendar month.
- Opt-out: You can remove your phone number at any time in Settings → Notifications → SMS Alerts → Remove. This immediately stops all future SMS from PowerCogs.
- Message and data rates may apply based on your mobile carrier plan.
- SMS services are powered by Twilio. Your phone number is shared with Twilio solely for message delivery purposes.
4. How We Use Your Information
- To provide want list monitoring and alert delivery (email, SMS, push, in-app)
- To sync your Discogs want list and collection data
- To manage your subscription and billing via Stripe
- To improve the service through aggregated usage analytics
We do not sell your personal information to third parties.
5. Data Storage and Security
Your data is stored in a PostgreSQL database hosted on Railway. We use industry-standard security practices including encrypted connections (TLS), hashed tokens, and access controls. Discogs OAuth tokens are stored encrypted.
6. Third-Party Services
- Discogs — want list and collection data via OAuth
- Twilio — SMS delivery
- Resend / Mailgun — email delivery
- Stripe — payment processing
- Google Analytics — anonymised usage analytics
- Railway — cloud infrastructure and database hosting
7. Your Rights
You may request deletion of your account and associated data at any time by contacting us. You can remove your email address and phone number from Settings at any time, which immediately stops all corresponding notifications.