Privacy Policy – PlaylistPilot GPT & API

1. Data Controller

The data controller within the meaning of the General Data Protection Regulation (GDPR) and other applicable data protection laws is:

SPCast / STREAMPANEL
Contact: www.spcast.eu/kontakt

2. Scope of This Privacy Policy

This privacy policy applies exclusively to:

• The use of the PlaylistPilot Custom GPT via the OpenAI ChatGPT platform
• The use of the PlaylistPilot Public API at https://www.playlistpilot.eu/api/v1/

For the use of the website playlistpilot.eu itself, the general privacy policy applies.

3. No Collection of Personal Data

We do not collect, store, or process any personal data in connection with the use of the PlaylistPilot GPT or the API. Specifically:

• No registration required: No user account, login, or registration of any kind is necessary.
• No storage of queries: Search queries submitted through the GPT or API are not linked to identifiable user data or stored in a personally identifiable manner.
• No cookies: The GPT and API do not set any cookies.
• No tracking: No tracking technologies, analytics tools, or fingerprinting methods are used.
• No IP storage: IP addresses are only processed temporarily in memory for rate-limiting purposes (max. 30 requests per minute) and are not permanently stored or logged.

4. Anonymized, Aggregated Data

Search queries may be statistically evaluated in anonymized and aggregated form (without any link to individual persons) for the "Trending" feature. This data expressly does not constitute personal data within the meaning of the GDPR (Art. 4 No. 1 GDPR), as no identification of individuals is possible.

5. Data Processing by Third Parties

When using the PlaylistPilot GPT via ChatGPT, the privacy policy of OpenAI additionally applies. The processing of inputs within ChatGPT is the responsibility of OpenAI:

• OpenAI Privacy Policy

PlaylistPilot has no access to your ChatGPT conversations, your OpenAI account, or any other data stored by OpenAI.

6. API Usage

The PlaylistPilot API is publicly accessible and requires no authentication. The following technical conditions apply:

• Rate limiting: Maximum 30 requests per minute per IP address. The IP is only processed temporarily for this purpose.
• CORS: The API allows cross-origin requests.
• Encryption: All requests are exclusively transmitted over HTTPS (TLS encrypted).

7. Your Rights Under GDPR

Since we do not collect or store any personal data, the data subject rights under Art. 15–21 GDPR do not apply to GPT and API usage due to the absence of data processing. Should you have any questions, please contact us via our contact page.

8. Changes to This Privacy Policy

We reserve the right to amend this privacy policy as necessary to adapt it to changed legal requirements or feature updates. The current version is always available at this URL.

Last updated: March 2026