Privacy Policy

Last Updated: May 8, 2025

1. Introduction

Welcome to YouTube Video Summarizer ("we," "us," or "our"), operated by Osinity Pte Ltd. This Privacy Policy explains how we handle your information when you use our Chrome Extension, website for authentication and dashboard access (hosted on Netlify), and associated backend services (hosted on self-managed infrastructure, using n8n and NocoDB) (collectively, the "Service"). Our goal is to provide you with a useful tool while respecting your privacy.

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

2. Information We Handle

To provide the Service, we handle information in distinct ways:

2.1 Information Stored Locally by the Chrome Extension

• API Key: After you successfully sign up/log in via our website and receive your unique API key, the Chrome Extension stores this key using standard browser extension storage (chrome.storage.local) only on your computer. This key is necessary to authenticate your requests to our backend service. It is not sent anywhere until you click the "Summarize Current Video" button.

2.2 Information Collected During Website Sign-Up/Log-In (via Google)

When you visit our website [Link to your Netlify Sign-In Page, e.g., https://your-site.netlify.app/index.html] and choose to sign up or log in using your Google account, our backend service (n8n) receives the following from Google to create and manage your account:

• Your unique Google Account ID (Subject ID / sub)
• Your Email Address
• Your Name
• Confirmation if your email is verified by Google

This information is stored in our secure NocoDB database hosted on our self-managed infrastructure, linked to your internal User ID.

2.3 Information Sent from the Chrome Extension to Our Backend

When you click the "Summarize Current Video" button in the Chrome Extension, the following information is sent securely (via HTTPS) to our backend n8n webhook:

• Your API Key: Sent in an X-API-KEY HTTP header for authentication.
• YouTube Video URL: The URL of the video page currently open in your active browser tab, sent in the request body.

2.4 Information Processed by Our Backend Service (n8n/NocoDB)

Our backend service uses the information received from the extension and stored in our database to:

• Validate your API key against our NocoDB ApiKeys table to confirm your identity and active status.
• Retrieve your User ID associated with the validated API key.
• Look up your user details (email, plan type, usage limits) in our NocoDB Users table using your User ID.
• Check and update your daily summary usage count against your limit in the NocoDB Users table.
• Process the received YouTube Video URL to attempt transcript retrieval (potentially using third-party services like Apify).
• Send the retrieved transcript to our LLM provider (Google Gemini) to generate a summary.
• Send the generated summary via email to the email address stored for your User ID in our NocoDB Users table.
• Log operational events or errors for debugging and service improvement (potentially including User ID, timestamp, success/failure status).

2.5 Information Collected Via Feedback Form

If you use the feedback form (hosted directly via n8n), we collect the feedback type, message, and optionally your email address, as provided by you. This is stored in our NocoDB database.

3. How We Use Your Information (Summary)

In summary, we use your information strictly to:

• Authenticate you and provide the core summarization service.
• Manage your account and enforce usage limits based on your plan.
• Send you the requested summaries via email.
• Communicate with you regarding feedback or support.
• Operate, maintain, secure, and improve the Service.

4. Data Storage and Security

• Locally stored data (API key) is managed by your browser's extension storage.
• Backend data (Account info, API Keys, Usage, Feedback) is stored in our NocoDB database on self-managed infrastructure. Frontend pages are hosted on Netlify.
• We use HTTPS for data transmission and implement reasonable security measures for our backend systems.
• No method is 100% secure, but we take data protection seriously.

5. Data Sharing and Disclosure

We do not sell or rent your personal information.

We share data only as necessary with these service providers:

• Service Providers: We use third-party services to operate. This involves sharing necessary data:
  • LLM Provider (Google Gemini): Video transcripts (which do not contain your personal info) are sent to generate summaries. Governed by Google's AI/Cloud Privacy Policies.
  • Transcript/Data Extraction (Apify): YouTube URLs may be processed by Apify to attempt transcript retrieval. Governed by Apify's Privacy Policy.
  • Web Hosting Provider (Netlify): Hosts our web frontend (sign-in, dashboard pages). Governed by Netlify's Privacy Policy.
  • Email Service Provider ([Specify if using SendGrid, Mailgun, etc., or just basic SMTP]): Your email address and the summary content are processed to send you the email. Governed by their Privacy Policy (if applicable).
  These providers only access data needed for their function and are obligated to protect it.
• For Legal Reasons: If required by law, subpoena, or valid legal process.
• To Protect Rights: To investigate potential violations, fraud, security issues, or protect our rights or the safety of others.

6. Data Retention

We retain your account information and active API key as long as you use the Service or until you request deletion. Usage counters are reset periodically. Feedback is retained for service improvement. You can request deletion via jj@osinity.info, subject to legal obligations. We may retain some anonymized or aggregated data indefinitely.

7. Your Data Rights

You can view some information on the User Dashboard. Depending on your location, you may have rights to access, correct, update, or request deletion of your personal information. Contact jj@osinity.info for requests.

8. Use of Cookies and Local Storage

The Chrome Extension uses chrome.storage.local for the API key. Our website currently does not use significant tracking cookies.

9. Third-Party Services

Our service relies on:

• Google (Authentication via Google Sign-In, LLM via Gemini)
• Apify (Transcript/Data Extraction)
• Netlify (Web Hosting)
• Self-Managed NocoDB Infrastructure

Please review their respective privacy policies.

10. Children's Privacy

The Service is not for children under 13 (or relevant age). We do not knowingly collect their data.

11. Changes to This Privacy Policy

We may update this policy. Changes will be posted on [Link to where policy is hosted on your Netlify site, e.g., https://your-site.netlify.app/privacy-policy.html] with an updated "Last Updated" date. Continued use means acceptance.

12. Contact Us

Questions? Please contact us at:
jj@osinity.info