About credentials for music services connected
Soundiiz is using as much as possible and when it's available, the OAuth Authorize process to do the connection between Soundiiz and the music service.
That means you will be redirected on a web page hosted by the music service itself and doing all the connection process on the music service side. In exchange, we are getting an access token with the one we are able to retrieve datas you have accepted to share with Soundiiz.
What about music service which are not providing the OAuth Authorize Interface ? This time, the login page will be hosted on Soundiiz directly. Your credentials will be sent to us under SSL protocol and immediately exchange to an access token with the music service. Only this access token will be saved after that on Soundiiz side (also with a cryptographic method).
At any time, just by changing your password on the music service or by revoking the access to Soundiiz, this access token will be invalidated and couldn't be usable anymore.
You are able to delete access tokens we have of the music service you have connected just by disconnecting the platform on Soundiiz interface.
About access to your music accounts
In addition of a secure login process, Soundiiz is only able to access to some information of your music accounts. These access are limited and secured by APIs we are using. Even if Soundiiz need a large panel of permissions to be able to provide so much features, any actions made on your music accounts are only hope to you when using Soundiiz. So, be careful when using Soundiiz features like the "delete" feature ;)
About credit card information for subscribers
All the Soundiiz payment process is done under a secure canal SSL and done by our provider STRIPE, which is also hosting card informations.
We've chosen to use Stripe as our payment processor, they are trusted by big companies and also more smaller business and start-ups.