← Back to home

Privacy Policy

Last updated: February 10, 2026 · This policy may be updated as the service evolves.

1. What is Larico Music

Larico Music (music.larico.net) is a web application that allows users to stream their own audio files stored in their personal cloud storage accounts. We currently support Google Drive, with additional providers (such as Dropbox, OneDrive, and others) planned for future releases. We do not host, store, or redistribute any audio content. The service acts solely as a bridge between your browser and your connected cloud storage providers.

2. Information we collect

When you sign in and connect a cloud storage provider, we receive and store:

  • Profile information: your name, email address, and profile picture, as provided by your authentication provider (e.g., Google).
  • OAuth tokens: an access token and refresh token for each connected cloud storage provider, used to access your files on your behalf.
  • Favorites: the identifiers and names of audio files you mark as favorites within the app, associated with the corresponding provider.

We do not collect analytics, tracking data, cookies for advertising, or any information beyond what is listed above.

3. How we use your information

  • To authenticate you and maintain your session.
  • To list and stream audio files from your connected cloud storage providers (using read-only access).
  • To store your favorites so they persist across sessions.

4. Cloud storage access

For each cloud storage provider you connect, we request the minimum permissions necessary to list and read your files. For example, for Google Drive we request the drive.readonly scope. This means we can only list and read files — we cannot modify, delete, or create any files in your storage. The same read-only principle applies to all current and future supported providers (Dropbox, OneDrive, etc.).

Audio files are streamed directly from your cloud storage through our server as a proxy; they are never downloaded, cached, or stored on our servers.

5. Data storage and security

Your data is stored in a secure PostgreSQL database hosted on Neon (cloud infrastructure). OAuth tokens are stored server-side and are never exposed to the browser. Sessions are managed via encrypted, HTTP-only cookies.

6. Data sharing

We do not sell, share, or transfer your personal data to any third parties. Your data is used exclusively to provide the service described above.

7. Data retention and deletion

Your data is retained as long as your account is active. You can revoke access at any time from your cloud provider's settings (e.g., Google Account permissions, Dropbox connected apps, OneDrive app permissions, etc.). Upon revocation, your stored tokens for that provider become invalid. To request full deletion of your account data, contact us at the email below.

8. Changes to this policy

This service is under active development. We may update this Privacy Policy as features are added or modified. Changes will be reflected on this page with an updated date. Continued use of the service after changes constitutes acceptance of the revised policy.

9. Contact

If you have questions about this Privacy Policy or your data, contact us at larico.music@gmail.com.