iutu.beiutu.be

Privacy Policy

Last updated: March 30, 2026

What We Collect

When you sign in with Google, we receive your name, email address, and profile picture. If you grant access to your YouTube account, we use the YouTube Data API v3 to read your channel data (videos, analytics, metadata) solely to power the tools you use on iutu.be.

All requests to YouTube are made exclusively through Google's official APIs. We do not scrape, crawl, or access YouTube data through any other means.

We do not collect any data beyond what is described above.

How We Use Your Data

  • Authenticate you via Google OAuth
  • Read your YouTube data to provide analysis and recommendations
  • Maintain your session and preferences

We do not sell, share, or transfer your personal data to third parties for advertising or any other purpose.

Google API Disclosure

iutu.be accesses your YouTube data solely through the YouTube Data API v3, a service provided by Google. All communication betweeniutu.beand YouTube occurs through Google's authenticated API infrastructure using OAuth 2.0 tokens that you explicitly authorize.

iutu.be's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. You can review Google's own privacy policy here.

Cookies

We use only essential cookies required to keep you signed in and maintain your session. We do not use tracking, advertising, or analytics cookies. By using iutu.be, you accept these necessary cookies.

Data Storage & Security

We take the protection of your data seriously and implement the following measures to safeguard your information:

  • Encryption in transit: All communication between your browser and iutu.be is encrypted using TLS/HTTPS. Connections to third-party services (Google APIs, our database) are also encrypted in transit.
  • Encryption at rest: Your personal data and OAuth tokens are stored in an encrypted database. Sensitive credentials such as API keys and secrets are stored as encrypted environment variables and are never exposed to the client.
  • Access controls: Access to production systems and user data is restricted to authorized personnel only and is protected by multi-factor authentication.
  • OAuth token handling: We store only the tokens necessary to operate the service on your behalf. Tokens are scoped to the minimum permissions required and can be revoked by you at any time through your Google Account.
  • Data minimization: We only collect and retain the minimum amount of data necessary to provide our services. We do not cache or permanently store your YouTube content data beyond what is needed to fulfill your request.
  • Data retention: Your data is retained only as long as your account is active. When you delete your account or request data deletion, all associated personal data is permanently removed from our systems within 30 days.

We regularly review our security practices to ensure your data remains protected. In the unlikely event of a data breach, we will notify affected users promptly via email.

Your Rights

You may revoke iutu.be's access to your Google account at any time through your Google Account permissions. You can also request that we delete all your data by emailing us.

Contact

If you have questions about this policy, reach out at contact@iutu.be.

← Back to home