Privacy Policy - Post2YouTube

Date of Last Update: April 6, 2025

1. Introduction

Welcome to Post2YouTube, a platform designed to simplify the process of converting blog posts, articles, and other written content into engaging YouTube videos. We are committed to protecting your privacy and ensuring the security of your information. This Privacy Policy explains how we collect, use, store, and share your data, including data accessed through Google OAuth when you connect your Google account to our application.

2. Information We Collect

• Information You Provide Directly: This includes any written content you upload or input into Post2YouTube for conversion into video format.
• Google User Data: When you connect your Google account to Post2YouTube, we request permission to access the following information through Google OAuth scopes:
  1. https://www.googleapis.com/auth/youtube.upload: Allows us to upload videos to your YouTube channel and set custom thumbnails on your behalf, based on the content you provide to Post2YouTube.
  2. https://www.googleapis.com/auth/youtube: Grants us broad permission to manage your YouTube account, specifically to add videos to your playlists. This scope also includes the ability to upload videos and set thumbnails (as mentioned above).
  3. https://www.googleapis.com/auth/userinfo.profile: Provides access to your basic Google profile information, including your name and potentially your profile picture.
  4. https://www.googleapis.com/auth/userinfo.email: Allows us to access your email address associated with your Google account.
• Usage Data: To understand how users are providing content for video creation, we process information about the **mode selected by the user** in the combo box. This includes whether they choose to provide a public URL to an HTML post, a public URL to a GitHub `README.md` file, or a public URL to a general Markdown (`.md`) file. We analyze this selected mode in real-time to correctly process their content for video generation. We do not retain the specific choice of input mode after the video generation process is initiated. We also track errors and issues encountered while using the application through our server's Winston logger, which records errors to a PM2 log file. This error logging helps us identify and resolve technical problems to enhance the application's stability.

3. How We Use Your Information

• Google User Data:
  • https://www.googleapis.com/auth/youtube.upload and https://www.googleapis.com/auth/youtube (Video Upload and Thumbnails): We use this permissions to upload the videos generated from your provided written content to your connected YouTube channel and to set the thumbnail image as instructed or generated by the application.
  • https://www.googleapis.com/auth/youtube (Adding to Playlists): We use this permission to add the uploaded videos to playlists on your YouTube channel if you choose to configure this feature within the application.
  • https://www.googleapis.com/auth/userinfo.profile:We use your name and profile picture to:
    1. Display your authenticated user information within the Post2YouTube application. This allows you to see the Google account you have connected.
    2. Potentially personalize your experience within the application by displaying your name or profile picture in relevant areas (e.g., account settings, user dashboard).
    3. Your profile picture is displayed alongside other user details to confirm your connected Google account.
  • https://www.googleapis.com/auth/userinfo.email:We use your email address for the following purposes:
    1. Displaying your authenticated user information within the Post2YouTube application. This allows you to see the Google account (including the associated email) you have connected.
    2. Uniquely identifying your account within our system. This helps us associate your actions and preferences with your Google account.
    3. Potentially for communicating with you regarding your account, such as important service updates or responses to support inquiries (if you implement such communications).
• Other Data Usage: The primary way we use the content you provide (the URL to your HTML post, GitHub README, or general Markdown file) is to process it and generate a video according to the application's functionality. This involves accessing the content at the provided public URL, parsing it, and transforming it into a video format suitable for YouTube upload. To ensure correct processing, we analyze the method you selected for providing your content (e.g., HTML URL, GitHub MD URL, general MD URL) during this process, but we do not retain this selection information afterwards. We also utilize error logs, as mentioned in the "Data Storage and Security" section, to help us identify and address technical issues and improve the application's reliability.

4. Data Storage and Security

We are committed to protecting your data. Here's an overview of our data storage and security practices:

Data Storage

• Google User Data (Name, Email, Profile Picture): We do not persistently store any of your Google user data (name, email address, profile picture) on our servers. This information might be temporarily stored within your browser during your active session.
• YouTube OAuth Tokens: We do not store your YouTube OAuth access token or refresh token on our servers.
• User-Provided Content (URLs): We do not persistently store the URLs you provide for video conversion on our servers after the video generation process is complete.
• Fetched Content (Text Summary): The text summary of the content fetched from the provided URL is temporarily stored on our servers during the video generation process. This temporary data is deleted immediately after the video is uploaded to YouTube.
• Generated Videos: The generated video file is temporarily stored on our servers, similar to the text summary. It is deleted immediately after the video upload to YouTube is initiated.
• Error Logs: Our server utilizes Winston logger, which by default tracks errors to PM2 log files on the server for debugging and improving the application's reliability. These logs do not typically contain personally identifiable information.

Security Measures

• All communication between your browser and our servers is secured using HTTPS encryption.
• Access to our server and temporary data storage is strictly limited to authorized personnel. The server is protected by SSH public/private key pairs.
• We regularly update our server software and software libraries to address known security vulnerabilities.

Data Retention

• Google User Data: We do not persistently store this data on our servers.
• YouTube OAuth Tokens: We do not store these tokens on our servers.
• User-Provided Content (URLs): We do not persistently store these URLs on our servers.
• Fetched Content (Text Summary): Temporarily stored and deleted immediately after video upload.
• Generated Videos: Temporarily stored and deleted immediately after video upload initiation.
• Error Logs: Error logs are typically retained for a period necessary for debugging and analysis.

5. Data Sharing

At this time, Post2YouTube does not have any paid features, and therefore, we do not share your data with any payment processors.

However, if we introduce paid features in the future, we will need to share necessary billing information with a third-party payment processor to process your payments securely. This information may include your name, billing address, and payment details (which will be handled directly by the payment processor). We will only share the information required to process your payment. We will update this Privacy Policy to clearly identify the payment processor and the data shared at that time. We will ensure that any payment processing is done securely and in compliance with relevant regulations.

Otherwise, we do not share your Google user data (name, email address, profile picture) or your YouTube OAuth tokens with any other third parties, except as required by law or with your explicit consent.

6. Your Rights Regarding Your Data

We respect your rights regarding your personal data. While Post2YouTube does not persistently store your Google user data (name, email, profile picture) on our servers, you still have control over this data through your Google account:

• Right to Access and Rectify: You can access and rectify your Google profile information directly within your Google account.
• Right to Erasure: You can revoke the permissions granted to Post2YouTube at any time through your Google account permissions page, which effectively removes our access to your Google user data.
• Right to Object to Processing: By revoking permissions, you can also object to our further access and use of your Google user data.

Regarding the content you provide for video generation (via URL), we temporarily process this data to create your video, as outlined in this Privacy Policy. We do not retain the URLs you provide or the fetched content persistently after the video generation and upload process (or a short temporary period as described). If you have concerns about the processing of this temporary data, please contact us using the information provided below in the "Contact Us" section.

You also have the right to inquire about the error logs our server generates. Please contact us for more information.

7. Data Deletion

Since Post2YouTube does not persistently store your Google user data (name, email, profile picture) on our servers, there is no specific data deletion process within our application for this information. You have direct control over the permissions you've granted to Post2YouTube to access your Google account.

To revoke Post2YouTube's access to your Google user data at any time, please follow these steps:

1. Go to your Google Account.
2. In the navigation panel on the left, click on Security.
3. In the "Third-party apps & services" panel, click on Manage third-party access.
4. Find Post2YouTube in the list of connected apps.
5. Click on Post2YouTube.
6. Click on Remove Access.
7. Confirm that you want to remove access.

By revoking access, Post2YouTube will no longer be able to access your Google user data. Any temporary access during previous sessions will no longer be available for future use by our application.

Regarding the content you provide for video generation (via URL), this data is temporarily processed and then deleted as described in the "Data Storage and Security" section. We do not retain this content persistently in a way that would require a separate deletion process.

8. Children's Privacy

Post2YouTube is not directed towards children under the age of 13 (or the applicable age of digital consent in their jurisdiction). We do not knowingly collect personal information from children. If a parent or guardian becomes aware that their child has provided us with personal information without their consent, they should contact us using the information provided in the "Contact Us" section. We will take steps to remove such information from our systems.

9. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting a prominent notice on our website. The date of the last update will be indicated at the top of this policy.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at: natankrasney@gmail.com