Privacy Policy

1. Data Controller

If you have any questions regarding this privacy policy or the processing of your personal data, you can contact us at the email address indicated above.

2. Personal Data Collected

2.1 Data Collected During Registration

You can create an account using email/password or via Google Sign-In:

Email/Password Registration:

• Name: to personalize your experience and identify you
• Email address: for account creation, authentication and communications
• Password: to secure access to your account (stored encrypted)
• Beatmaker name: your producer pseudonym, used in video creation

Google Sign-In Registration:

• Google ID: unique identifier to link your Google account
• Email address: retrieved from your Google account
• Profile information: name from your Google profile
• YouTube channel: channel ID and name for video publishing

Note: When using Google Sign-In, we also request YouTube permissions to enable automatic video publishing. No password is stored for Google-only accounts.

2.2 Data Collected During Service Use

• Video creation data: beatmaker name, beat name, type beat, purchase links
• Uploaded files: audio files and images used to create your videos
• Publishing preferences: YouTube publishing settings
• Video metadata: titles, descriptions, and hashtags

2.3 Technical Data

• IP address: for security and approximate geolocation
• Browsing data: pages visited, session duration, actions performed
• Device information: browser type, operating system, screen resolution
• Cookies and trackers: see our Cookie Policy

2.4 Payment Data

• Transaction data: amount, date, payment status
• Stripe identifier: for subscription and payment management

Note: Credit card data is processed directly by our payment provider Stripe and is never stored on our servers.

3. Processing Purposes

4. Data Recipients

4.1 Internal Recipients

Your personal data is accessible to members of our team who need it to perform their duties, including technical teams, customer support and administration.

4.2 External Service Providers

• Hosting provider: First Heberg - application and data hosting
• Google: authentication (Google Sign-In) and YouTube video publishing
• Stripe: payment processing and subscription management
• Cloud storage services: secure storage of video and audio files
• Analytics services: audience measurement and service improvement

All our service providers are carefully selected and contractually commit to respecting the confidentiality and security of your personal data.

4.3 Public Authorities

We may be required to communicate your personal data to competent public authorities, only in cases provided for by law or upon judicial request.

5. International Transfers

Some of our service providers may be located outside the European Union. In this case, we ensure that appropriate safeguards are in place to protect your data:

• European Commission adequacy decisions
• Standard contractual clauses approved by the European Commission
• Appropriate certifications and codes of conduct

6. Retention Period

7. Your Rights

In accordance with the GDPR, you have the following rights regarding your personal data:

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

• Encryption: All data is encrypted in transit (HTTPS) and at rest
• Authentication: Secure access by password
• Access control: Access limited to authorized persons only
• Monitoring: Continuous monitoring of access and suspicious activities
• Backups: Regular and secure backups of your data

9. Cookies and Trackers

Our site uses cookies and other trackers to improve your user experience and analyze site usage. For more information, see our Cookie Policy.

10. Google and YouTube API Integration

Our service uses Google OAuth for authentication and YouTube API Services to publish videos on your YouTube channel.

10.1 Google Authentication

When you sign up or sign in with Google, we request the following permissions:

• OpenID: to verify your identity
• Email: to retrieve your email address for account identification
• Profile: to retrieve your name and profile information
• YouTube Upload: to publish videos on your behalf
• YouTube Read-only: to retrieve your channel information

10.2 Data Accessed and Stored

• Basic information from your Google account (name, email address, Google ID)
• Your YouTube channel ID and channel name
• OAuth tokens (access and refresh tokens) to act on your behalf

10.3 How We Use This Access

• We use Google authentication to create and manage your TypeFlick account
• We use YouTube access solely to upload videos that you create via TypeFlick to your YouTube channel
• We do not store your Google password - only OAuth tokens to act on your behalf
• We store your YouTube channel ID and name to identify your channel for uploads
• OAuth tokens are automatically refreshed when they expire
• We do not access your existing videos, analytics, or any other YouTube data
• We do not share your Google or YouTube data with third parties

10.4 Revoking Access

You can revoke TypeFlick's access to your YouTube account at any time by visiting: https://security.google.com/settings/security/permissions

10.5 YouTube Terms and Google Privacy

By using TypeFlick, you agree to be bound by the following:

• YouTube Terms of Service
• Google Privacy Policy

11. Modifications to This Policy

We may modify this privacy policy to reflect changes in our practices or for operational, legal or regulatory reasons.

Any significant modification will be notified to you by email or by a visible notice on our site. We encourage you to regularly consult this page to stay informed of our practices.

12. Complaints

If you believe that the processing of your personal data constitutes a violation of the GDPR, you have the right to lodge a complaint with the competent supervisory authority: