Privacy Policy

Last updated: March 21, 2026

This Privacy Policy explains how Streamloop ("we", "us", "our") collects, uses, and protects your personal information when you use our service at streamloop.app.

1. Data Controller

The data controller responsible for your personal data is Streamloop. For privacy inquiries, contact us at contact@streamloop.app.

2. Information We Collect

Information you provide

Account information: email address, display name, avatar

Authentication credentials: passkeys, OAuth tokens (Google)

Payment information: processed by Stripe (card payments) and third-party cryptocurrency processors — we do not store card numbers or wallet keys

Information collected automatically

Usage data: stream metadata (quality, duration, timestamps), credit balance and transaction history

Device information: IP address, browser type and version, operating system

Platform data: YouTube channel names, video metadata, viewership data when you connect a streaming platform

We do not set any cookies. Authentication is handled via secure session tokens.

3. Legal Basis for Processing (GDPR)

We process your data based on:

Contract performance: to provide the Service, manage your account, process billing

Legitimate interests: to improve the Service, detect fraud, ensure security

Consent: for optional features like marketing communications (you may withdraw at any time)

Legal obligation: to comply with applicable laws and regulations

4. How We Use Your Information

Provide the Service: run your streams, manage your account, process credit purchases

Billing: track credit usage, generate invoices, process top-ups

Communication: send account-related emails (verification, security alerts, billing receipts)

Security: detect fraud, prevent abuse, protect accounts

Improvement: analyze aggregate, anonymized usage patterns to improve the Service

5. Data Sharing

We do not sell your personal information. We share data with:

Stripe: to process card payments (PCI-DSS compliant)

Cryptocurrency processors: to process crypto payments

Hetzner: EU-based cloud infrastructure for hosting and running streams

Legal requirements: law enforcement when required by law, court order, or to protect our rights

6. Data Storage and Transfers

All data is stored on servers located in the European Union (Hetzner, Germany/Finland). We do not transfer personal data outside the EU except where necessary to provide the Service (e.g. payment processing), in which case adequate safeguards are in place in compliance with GDPR.

7. Data Retention

Account data: retained while your account is active

Usage records: retained for 12 months for billing and dispute resolution

Server logs: retained for 30 days for security and debugging

Account deletion: upon request, your data is deleted within 30 days, except where retention is required by law

8. Your Rights

GDPR Rights (EU/EEA residents)

You have the right to:

Access your personal data

Rectify inaccurate data

Erase your data ("right to be forgotten")

Restrict processing of your data

Data portability — receive your data in a structured, machine-readable format

Object to processing based on legitimate interests

Withdraw consent at any time for consent-based processing

Lodge a complaint with your local data protection authority

We respond to GDPR requests within 30 days.

CCPA Rights (California residents)

You have the right to:

Know what personal information we collect and how it is used

Request deletion of your personal information

Opt out of the sale of personal information — we do not sell personal data

Non-discrimination for exercising your rights

To exercise any of these rights, contact us at contact@streamloop.app.

9. YouTube and Google API

When you connect your YouTube account, we access channel and video metadata to provide the streaming service. We comply with the Google API Services User Data Policy, including Limited Use requirements. You may revoke our access at any time through Google Security Settings.

10. Security

We implement industry-standard security measures including:

Encryption in transit (TLS/SSL)

Passkey and OAuth authentication

Secure credential storage

Access controls and monitoring

11. Children

We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, contact us and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the Service. The "Last updated" date at the top indicates when the policy was last revised.

13. Contact

For privacy-related questions or to exercise your rights, contact us at contact@streamloop.app.

Privacy Policy

Last updated: March 21, 2026

This Privacy Policy explains how Streamloop ("we", "us", "our") collects, uses, and protects your personal information when you use our service at streamloop.app.

1. Data Controller

The data controller responsible for your personal data is Streamloop. For privacy inquiries, contact us at contact@streamloop.app.

2. Information We Collect

Information you provide

Account information: email address, display name, avatar

Authentication credentials: passkeys, OAuth tokens (Google)

Payment information: processed by Stripe (card payments) and third-party cryptocurrency processors — we do not store card numbers or wallet keys

Information collected automatically

Usage data: stream metadata (quality, duration, timestamps), credit balance and transaction history

Device information: IP address, browser type and version, operating system

Platform data: YouTube channel names, video metadata, viewership data when you connect a streaming platform

We do not set any cookies. Authentication is handled via secure session tokens.

3. Legal Basis for Processing (GDPR)

We process your data based on:

Contract performance: to provide the Service, manage your account, process billing

Legitimate interests: to improve the Service, detect fraud, ensure security

Consent: for optional features like marketing communications (you may withdraw at any time)

Legal obligation: to comply with applicable laws and regulations

4. How We Use Your Information

Provide the Service: run your streams, manage your account, process credit purchases

Billing: track credit usage, generate invoices, process top-ups

Communication: send account-related emails (verification, security alerts, billing receipts)

Security: detect fraud, prevent abuse, protect accounts

Improvement: analyze aggregate, anonymized usage patterns to improve the Service

5. Data Sharing

We do not sell your personal information. We share data with:

Stripe: to process card payments (PCI-DSS compliant)

Cryptocurrency processors: to process crypto payments

Hetzner: EU-based cloud infrastructure for hosting and running streams

Legal requirements: law enforcement when required by law, court order, or to protect our rights

6. Data Storage and Transfers

7. Data Retention

Account data: retained while your account is active

Usage records: retained for 12 months for billing and dispute resolution

Server logs: retained for 30 days for security and debugging

Account deletion: upon request, your data is deleted within 30 days, except where retention is required by law

8. Your Rights

GDPR Rights (EU/EEA residents)

You have the right to:

Access your personal data

Rectify inaccurate data

Erase your data ("right to be forgotten")

Restrict processing of your data

Data portability — receive your data in a structured, machine-readable format

Object to processing based on legitimate interests

Withdraw consent at any time for consent-based processing

Lodge a complaint with your local data protection authority

We respond to GDPR requests within 30 days.

CCPA Rights (California residents)

You have the right to:

Know what personal information we collect and how it is used

Request deletion of your personal information

Opt out of the sale of personal information — we do not sell personal data

Non-discrimination for exercising your rights

To exercise any of these rights, contact us at contact@streamloop.app.

9. YouTube and Google API

10. Security

We implement industry-standard security measures including:

Encryption in transit (TLS/SSL)

Passkey and OAuth authentication

Secure credential storage

Access controls and monitoring

11. Children

We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, contact us and we will delete it.

12. Changes to This Policy

13. Contact

For privacy-related questions or to exercise your rights, contact us at contact@streamloop.app.