The two main additions to the policy, listed below, state what information Spotify is after. If you have already agreed to these new terms, the service is collecting your data:
3.3 Information Stored on Your Mobile Device
3.4 Location and sensor information
Depending on the type of device that you use to interact with the Service and your settings, we may also collect information about your location based on, for example, your phone’s GPS location or other forms of locating mobile devices (e.g., Bluetooth). We may also collect sensor data (e.g., data about the speed of your movements, such as whether you are running, walking, or in transit).
Spotify will also be going to their partners for your information, which is due in part to gain information on how ad space is viewed:
3.8 Spotify service providers and partners
We may also receive information about you from our service providers and partners, which we use to personalise your Spotify experience, to measure ad quality and responses to ads, and to display ads that are more likely to be relevant to you. We also use this information as explained in the section How we use the information we collect below.
Of course they will be sharing your information with other organizations who wish to know more about you, the consumer. It's clear that this whole information grabbing system revolves around money and ad space. Spotify wants to be able to show how the ad space, which is found on the streaming service, reaches it's target demographic. Very similar to how those ads on the side of your Facebook page are directly tailored toward you.
5.2.1 Marketing and advertising
We may share information with advertising partners in order to send you promotional communications about Spotify or to show you more tailored content, including relevant advertising for products and services that may be of interest to you, and to understand how users interact with advertisements. The information we share is in a de-identified format (for example, through the use of hashing) that does not personally identify you.
It has become apparent that no information on the internet is safe, but it's equally disturbing to think that even the private information on your mobile device is being collected. Private information is not so private anymore and that's just the reality of the technological age we live in. The question still remains though, is our information really safe? Some will remember in 2014 when Spotify made a statement about how there was unauthorized access to it's systems and internal data. Do we want to allow such a company to collect our information if we don't know that it's being kept safe? That's for you to decide.