I am using both NoScript and Privacy Badger. The first one needs just two things to run (pcloud.link and pcloud.com) - which is kind of understandable (for the password and for the whole site to work - the others can be blocked and everything works fine), and PBadger reports the page wants some fonts of Google. All of that is nothing too suspicious. Of course, every tracker and every (Java)Script is potentially bad, but it's also a myth to stop being tracked in a large scale, almost as ridiculous as people don't want their photos taken in public as a bystander or something. Sorry, then burry yourself under a stone if you don't want to to exist practially
You can still set up a sandbox if you are that horribly afraid (no harsh tones intended, even though over text I sound like that).
I'd rather enjoy the music and the courtesy of him changing his previous hoster (anonfiles) that is known to be virus and malware riddled to PCloud, albeit PCloud is often horribly slow (150 KByte/s is the norm here for me). Or that he proves his disks for free in WAV and FLAC; if the tracking is hindering you from listening to disks that he bought from his own, real money and found a means to provide them for free in prisinte quality - I think you might opt out of it entirely and buy those disks yourself --- by giving strangers your home address, the postal service then knows, the bank knows too, the platform (ebay, etsy, discogs) knows what you bought, and from who... You are being tracked everywhere, and most of the stuff is harmless, even in the hands of strangers realistically. The rabbit hole is too deep, and I say that who is not a professional, but highly interested in cyber security. Even companies that claim they are high on data protection does not make them immune from break-ins or leaks. It is like fighting windmills really.
The other favourite, Pixdeldrain for example, wants to connect to the Google Store and dubious things like signaler-pa.clients6.google.com. Many websites having their Reddit, Facebook, Twitch et cetera links there, all potential trackers, and both the browsers, the OS all claim to protect the data, or to mask it (basically randomizing the data before it being sent to the trackers) - all of it is pretty vague and relative in the long run. The alternative is to opt out of civilization after all - who knows your health insurance data goes to or that your mobile phone knows where you work and sleep, traffic cameras filming your licence plate, the ATM takes pictures of you while withdrawing money with timestamps, your company knows your life and education through the CV after an application et cetera...
The hosting service - of whatever kind - is a man in the middle between his files and you/me. Of course they want something from the cake. This is rather normal, it's a business.
Okay, I am done ranting
Sorry mods and admins, but I just wanted to make things a bit more clear.
