Privacy Policy

This Privacy Policy (the “Policy”) applies to the YTFlare website at ytflare.com, its sub-domains, and all related tools, features, content, and services (collectively, the “Service”). It does not apply to third-party websites, applications, or services that we do not own or control, even when linked to or interacted with through the Service.

By using the Service, you acknowledge that you have read, understood, and agreed to this Policy. If you do not agree, please do not access or use the Service.

We collect personal data in three ways: information you provide, information collected automatically, and information from third parties.

a) Information you provide directly

• Account information — when you sign in via a third-party authentication provider (e.g., Google), we receive your name, email address, profile picture, and a unique user identifier.
• User Content — any input you submit to the Service, including YouTube links, video or channel IDs, keywords, prompts, and the outputs generated from your input (transcripts, summaries, analyses, scripts, etc.).
• Communications — if you contact us by email or any other channel, we keep a record of the correspondence and any information you choose to share.
• Payment information — if you purchase a paid plan, payment is processed by a third-party payment processor. We receive limited information such as a payment status, plan identifier, and the last four digits of your card; we do not store full payment-card numbers.

b) Information collected automatically

• Usage and device data — IP address, approximate geographical location derived from IP, browser type and version, device type, operating system, referrer URL, pages viewed, timestamps, and similar log data.
• Cookies and similar technologies — see Section 6 below.

c) Information from third parties

• From third-party authentication providers (e.g., Google), in accordance with the permissions you grant them.
• From infrastructure, security, and analytics providers we engage to operate the Service.

We do not intentionally collect special-category data (such as racial or ethnic origin, political opinions, religious beliefs, trade-union membership, health data, sexual orientation, or genetic or biometric data) and ask you not to submit such data via the Service.

We process your personal data for the following purposes:

• To provide, operate, and maintain the Service, including authenticating you, processing your inputs, and delivering tool outputs.
• To save your history (for example, per-video summaries, chats, notes, and other outputs) so you can revisit results across sessions.
• To secure, debug, monitor, and improve the Service, including detecting and preventing fraud, abuse, and security incidents.
• To communicate with you about your account, the Service, important changes, and (where permitted) product updates.
• To comply with our legal obligations and to establish, exercise, or defend legal claims.
• For analytics and aggregated insights about how the Service is used.
• With your consent, for any other purpose disclosed to you at the time we ask for it.

Where the General Data Protection Regulation (“GDPR”) or similar laws apply to your personal data, we rely on the following legal bases:

• Performance of a contract — to provide the Service you requested.
• Legitimate interests — to operate, secure, and improve the Service, prevent abuse, and pursue our business interests in a manner that does not override your fundamental rights and freedoms.
• Consent — where required by law (for example, for non-essential cookies in jurisdictions that require opt-in).
• Legal obligation — to comply with applicable law and enforce our rights.

Under the PDPA, we collect, use, and disclose personal data with your consent (deemed or express) where required, or under the exemptions provided by the PDPA.

We do not sell your personal data. We share personal data only in the limited circumstances described below.

a) Service providers and processors acting on our behalf, including (without limitation):

• Authentication — third-party identity providers (such as Google) that you use to sign in.
• Hosting and infrastructure — cloud, edge, and CDN platforms used to deliver the Service.
• Storage and database — managed database, object-storage, and backup providers.
• AI processing — large-language-model and AI providers that we use to generate AI Output. Your prompts, the related inputs, and the resulting outputs may be transmitted to these providers for processing.
• Analytics and product telemetry — providers that help us understand usage and improve the Service.
• Email and notifications — transactional email providers used to deliver account-related messages.
• Payment processing — third-party payment processors handling paid plans, where offered.
• Customer support and abuse handling — providers that help us answer your questions or address misuse.

We require our processors to handle personal data securely and only for the purposes we instruct.

b) Legal, regulatory, and protective disclosures — when we believe in good faith that disclosure is reasonably necessary to (i) comply with a law, regulation, court order, subpoena, or other legal process; (ii) enforce our Terms of Service or any other agreement; (iii) detect, prevent, or address fraud, security, or technical issues; or (iv) protect the rights, property, or safety of YTFlare, our users, or the public.

c) Business transfers — in connection with a merger, acquisition, financing, restructuring, bankruptcy, or sale of all or part of our assets, personal data may be transferred to the relevant counterparty, in each case subject to protections substantially similar to this Policy.

d) With your consent — for any other disclosure you specifically authorise.

A “cookie” is a small text file stored on your device when you visit a website. Similar technologies include local storage, session storage, and tracking pixels. We use cookies and similar technologies for the following purposes:

• Strictly necessary — required for the Service to function, including authentication, session management, security, and load balancing. These cannot be switched off without breaking core features.
• Functional — to remember preferences such as language selection, last-used locale, and UI state.
• Analytics (where used) — to help us understand how the Service is used so we can improve it. We aim to use providers that respect user privacy and avoid cross-site behavioural advertising.

We do not use cookies for third-party advertising or for cross-site behavioural tracking.

Most browsers allow you to manage cookies through their settings, including blocking or deleting them. Note that blocking strictly necessary cookies may prevent parts of the Service from working. For more information, see your browser’s help pages.

YTFlare is operated from Singapore. To deliver the Service, we and our processors may store and process personal data in jurisdictions outside your country of residence, including jurisdictions whose data-protection laws may differ from those in your country.

Where required by applicable law (including the PDPA and the GDPR), we put in place appropriate safeguards — such as standard contractual clauses or equivalent contractual protections — to provide a comparable level of protection for personal data transferred internationally.

By using the Service, you understand that your personal data may be transferred to, and processed in, jurisdictions outside your country of residence.

We retain personal data only for as long as necessary to provide the Service, comply with our legal obligations, resolve disputes, and enforce our agreements. Typical retention practices are:

• Account data — retained while your account is active and for a reasonable period after account closure for legal, audit, and security reasons.
• User Content / history — retained while your account is active; you may delete entries from your history through the Service. Deleted items are removed from active storage and may persist in encrypted backups for a limited retention window before being purged.
• Log and analytics data — retained for a limited period sufficient to operate, debug, and secure the Service.
• Transactional and tax records (where paid plans are offered) — retained for the period required by applicable accounting, tax, and anti-money-laundering laws.

You may request deletion of your account or personal data as described in Section 10.

We implement commercially reasonable administrative, technical, and physical safeguards designed to protect personal data from unauthorised access, disclosure, alteration, or destruction. These measures include (without limitation) encryption in transit, access controls, principle of least privilege, secure development practices, and ongoing monitoring.

However, no method of transmission over the internet or storage of electronic data is fully secure, and we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential and for using the Service in a secure manner. If you believe your account has been compromised, please contact us immediately.

Subject to applicable law and certain exceptions, you may have some or all of the following rights regarding your personal data:

• Access — request confirmation that we process personal data about you and a copy of that data.
• Correction — ask us to correct inaccurate or incomplete personal data.
• Deletion / erasure — ask us to delete your personal data, subject to retention obligations and legitimate grounds to retain.
• Restriction — ask us to limit how we process your personal data while a request is being considered or where required.
• Portability — receive certain personal data you provided in a structured, commonly used, machine-readable format.
• Objection — object to processing carried out on the basis of our legitimate interests.
• Withdraw consent — where processing is based on consent, withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.
• Lodge a complaint — with the Personal Data Protection Commission (PDPC) of Singapore, or with your local supervisory authority where applicable.

California residents: we do not “sell” personal information as that term is defined under the California Consumer Privacy Act (CCPA). Subject to the CCPA, you have the right to know, request deletion of, and limit certain uses of your personal information, and the right not to be discriminated against for exercising those rights.

To exercise any of these rights, please contact us using the details in Section 14. We may need to verify your identity before we can respond.

The Service is not intended for children under 13, and we do not knowingly collect personal data from children under 13. If you believe that we have inadvertently collected such data, please contact us so that we can delete it.

Users between 13 and 18 (or the age of legal majority in their jurisdiction) may use the Service only with the involvement and consent of a parent or legal guardian.

The Service may contain links to, or interact with, third-party websites, services, and platforms (including YouTube and Google) that we do not own or control. We are not responsible for the privacy practices, security, or content of those third parties; please review their privacy policies before providing them with personal data or relying on their services.

We may update this Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. The most current version will always be posted at ytflare.com/privacy, with the “Last updated” date at the top reflecting the latest revision.

Material changes will take effect upon posting, except where applicable law requires advance notice or your renewed consent. By continuing to use the Service after a revised Policy takes effect, you agree to be bound by it.

If you have questions about this Policy, want to exercise any of your rights, or wish to file a complaint, please contact us at [email protected].

This Policy is governed by the laws of Singapore, consistent with our Terms of Service. This Policy is originally drafted in English. Any translation is provided for convenience only; in case of any conflict or inconsistency between the English version and a translated version, the English version prevails.