BrokenTube Privacy Policy

Last Updated: May 17, 2026

BrokenTube ("we," "us," or "our") operates https://brokentube.com and related products (web app, Chrome extension, and APIs where enabled). This Privacy Policy explains what personal data we collect, how we use it, who we share it with, and your choices. It should be read together with our Terms of Service.

1. Information We Collect

A. Account & profile data

  • Email/password signup: name (first name), email address, and password (stored as a secure hash; we never store plain-text passwords).
  • Google Sign-In: email address, and optionally profile picture URL. We may derive a display name from your email local-part when Google does not provide a separate name field.
  • Account settings: plan type, subscription status, preferences, notification settings, and optional profile photo uploads.
  • Two-factor authentication (2FA): if enabled, an encrypted TOTP secret and related security settings (we do not store your raw authenticator codes long-term).

B. YouTube & channel data (via Google OAuth)

  • When you connect a YouTube channel, we access data authorized through Google/YouTube APIs, which may include channel ID, channel name, subscriber/video counts, and public video metadata (titles, descriptions, tags, thumbnails, published dates, and URLs found in descriptions).
  • We use this data to run link scans, dashboards, reports, rank tracking, metadata tools, and—when you use write features—apply updates you request (e.g., bulk description or comment changes).
  • OAuth refresh tokens and sensitive credentials are encrypted at rest (Fernet) before storage.

C. Usage, scans & tool data

  • Scan jobs, results (link status, redirects, errors), audit outputs, AI tool inputs/outputs tied to your account, rank-tracker keywords, and export history.
  • Tool usage counters per billing month (e.g., scans, AI optimizer uses) to enforce plan limits.
  • Support tickets, feedback submissions, and in-app messages you send us.

D. Payment & billing data

  • Plan selected, amount, currency, transaction ID, payment status, coupon/partner license redemption, and billing email.
  • We do not store cryptocurrency private keys, full card numbers, or bank account credentials. Payments are processed by third parties (e.g., Cryptomus).

E. Technical & analytics data

  • IP address, browser type, device information, referring URLs, and log data for security and debugging.
  • Cookies and similar technologies (see Section 5).
  • Google Tag Manager and analytics events on our marketing pages and app flows.
  • Meta (Facebook) Pixel and Conversions API on permitted pages—for example PageView, and conversion events such as signup (Lead), pricing views, and checkout steps. Where enabled, we may send hashed or pseudonymous identifiers (e.g., email hash, external user ID) and attribution parameters (e.g., _fbc, _fbp) to improve ad measurement. You can control ad tracking via browser settings and platform opt-outs offered by Meta.

F. Chrome extension

If you use our official Chrome extension, it communicates with your logged-in BrokenTube session and supports video description Bulk Replace and single-video link fixes inside YouTube Studio. Comment scanning and replacement use the official YouTube API with your OAuth connection, not the extension. Do not use unofficial builds.

G. Public Free Tools

Tools at /free-tools may process URLs or text you submit without an account. We may log IP addresses and usage for abuse prevention and rate limiting.

H. Agency API & team data

Agency accounts may store API keys, team member invitations, and white-label report metadata. Team members' emails and roles are stored to manage shared access.

2. How We Use Your Information

  • Provide, maintain, and improve the Service (scans, reports, AI tools, billing, support).
  • Authenticate users, prevent fraud, enforce plan limits, and secure accounts (including 2FA).
  • Process payments and fulfill subscriptions or lifetime licenses.
  • Send transactional emails (verification, receipts, security alerts) and, where permitted, product updates.
  • Measure marketing performance and understand how visitors use our site (analytics and advertising pixels).
  • Comply with legal obligations and respond to lawful requests.

3. Google API Services — Limited Use (IMPORTANT)

BrokenTube's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, we:

  • Use Google/YouTube data only to provide user-facing features you request (scanning, reporting, channel tools, and authorized updates).
  • Do not use Google/YouTube user data to develop, improve, or train generalized AI or machine learning models.
  • Do not sell Google/YouTube user data or transfer it to data brokers, advertisers, or unrelated third parties.
  • Limit human access to Google user data to support, security, or legal needs, with appropriate controls.

4. AI & Other Service Providers

To power AI and automation features, we may send content you submit or authorize (e.g., video titles, descriptions, tags, channel statistics, competitor public metadata) to subprocessors under contractual terms. These may include:

  • OpenRouter — AI Optimizer, Channel Audit, Video Audit tips, free generators, and Competitor Spy (models configured on our servers).

We do not send your Google account password, raw OAuth secrets, or 2FA seeds to these providers. We configure services to use your data for your requested output only, not for training public foundation models, where the provider offers such controls.

Distinction: YouTube/Google user data handled under Section 3 is separate from optional AI processing of video metadata you choose to analyze. We do not use YouTube data to train generalized models.

5. Cookies & Similar Technologies

We use cookies and local storage for:

  • Essential operation — login sessions, CSRF protection, security, and preference storage.
  • Analytics — Google Tag Manager / analytics tags to understand traffic and feature usage.
  • Advertising measurement — Meta Pixel cookies (e.g., _fbp) and click identifiers (e.g., _fbc from fbclid URL parameters) stored when you arrive from Meta ads.

You can block cookies in your browser; essential features may not work correctly if you disable required cookies.

6. How We Share Information

  • We do not sell your personal information.
  • Service providers — hosting, email delivery, payment processors (Cryptomus), AI providers (Section 4), analytics (Google, Meta), and customer-support tools—only as needed to operate the Service.
  • Legal & safety — if required by law, court order, or to protect rights, safety, and security.
  • Business transfers — in connection with a merger, acquisition, or asset sale, subject to confidentiality obligations.
  • With your direction — e.g., white-label PDFs you export to clients, or API calls you make with your keys.

7. Data Retention & Deletion

  • We retain personal data while your account is active and as needed for billing, security, and legal compliance.
  • You may delete your account in Settings → Account. After a confirmed deletion request, we delete or anonymize associated personal data, channel connections, scan history, and reports within 30 days, except where we must retain records for law, fraud prevention, or backup cycles.
  • Revoke YouTube/Google access anytime at Google Account permissions.
  • Marketing/analytics data in third-party platforms (Meta, Google) is subject to those providers' retention settings and your opt-out choices.

8. Security

We use industry-standard measures including HTTPS, password hashing (bcrypt), encryption of sensitive tokens (Fernet), access controls, and rate limiting. No method of transmission or storage is 100% secure; you use the Service at your own risk and should enable 2FA where available.

9. International Users

BrokenTube is operated from Bangladesh. If you access the Service from other regions, your data may be processed in Bangladesh and in countries where our subprocessors operate (e.g., United States for AI or cloud providers). By using the Service, you consent to such transfers where permitted by law.

10. Your Rights & Choices

Depending on your location, you may have rights to access, correct, delete, or restrict processing of your personal data, or to object to certain processing. To exercise these rights, contact us at the email below. We will respond within a reasonable time as required by applicable law.

11. Children's Privacy

The Service is not directed to children under 18. We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last Updated" date will change when we do. Material changes may be communicated by email or in-app notice. Continued use after the effective date constitutes acceptance where permitted by law.

13. Contact Us

Privacy questions or data requests:

Email: [email protected]

Contact form: https://brokentube.com/contact