Privacy Policy

Last updated: 2026-05-25 — Draft. Legal review pending before public launch.

What we collect

• Your Google account identifier (sub), email address, and YouTube channel ID/title
• YouTube Analytics data: per-video metrics, retention curves, audience activity windows, demographics (aggregated)
• Video source files you upload (deleted within 72 hours of processing)
• Your interactions with clip candidates (upvote/downvote/skip/trim) to improve personalisation

How we use it

All data is used exclusively to provide the AutoClip service — generating personalised clip candidates and content recommendations for your channel. We do not sell your data, share it with advertisers, or use it to train models for other users.

YouTube API data

AutoClip accesses YouTube data via the YouTube API Services under your authorisation. Your YouTube data is handled per the Google Privacy Policy. You can revoke access at any time via Google Security Settings. Analytics data is refreshed periodically and not retained indefinitely.

Limited Use disclosure

AutoClip's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, AutoClip:

• limits its use of YouTube API data to providing and improving the user-facing features described in this policy;
• does not transfer YouTube API data to third parties except as necessary to provide or improve those features, for security purposes, or to comply with applicable law;
• does not use YouTube API data for serving advertisements; and
• does not allow humans to read your YouTube API data unless you have given consent, it is necessary for security or to comply with applicable law, or the data has been aggregated and anonymised.

Data retention

• Source video files: deleted within 72 hours of processing
• Rendered clip files: retained until you delete them or your account
• Analytics data: refreshed periodically; deleted on account deletion
• OAuth tokens: stored encrypted; deleted on account deletion or token revocation

Your rights

You may request deletion of all your data at any time via the account deletion option in your profile settings. This revokes our OAuth access, deletes all stored data, and purges all media files.

Security

OAuth tokens are encrypted at rest using industry-standard symmetric encryption. All data is transmitted over TLS. We minimise stored PII to what is strictly necessary for the service.

For questions or data requests: [email protected]