Privacy Policy

1. Who We Are

Plusev operates StreamSync. In this Privacy Policy, "StreamSync," "we," "us," and "our" refer to Plusev, StreamSync, and our related companies and affiliates that provide or support the service.

For privacy questions, deletion requests, or other data rights requests, contact us using the email address listed at the end of this policy.

2. Scope of This Policy

This policy applies to personal information we collect through StreamSync websites, applications, dashboards, APIs, authentication flows, support channels, and media services that link to this policy.

This policy does not apply to third-party services that we do not own or control, including streaming platforms, social networks, identity providers, payment processors, analytics providers, hosting providers, or custom destinations that you configure. Those services process information under their own terms and privacy policies.

If you use StreamSync on behalf of an organization, workspace, team, client, or other entity, that organization may control certain data associated with your account or workspace. You are responsible for ensuring that you have authority to provide personal information, streaming content, credentials, and configuration to StreamSync.

3. Definitions

• Personal information means information that identifies, relates to, describes, can reasonably be associated with, or could reasonably be linked to an individual or household.
• User Content means live streams, media feeds, files, text, metadata, names, labels, destination configuration, chat or message content, and other materials you submit, transmit, route, display, or process through StreamSync.
• Usage Data means information generated by your access to or use of StreamSync, including logs, diagnostics, metrics, request metadata, timestamps, device data, and similar operational data.
• Connected Services means third-party accounts, platforms, APIs, or destinations you connect to StreamSync, such as Google, Twitch, YouTube, X, custom RTMP destinations, or other streaming platforms.

4. Information You Provide to Us

We collect information you provide directly when you create an account, authenticate, configure streams, connect services, contact support, provide feedback, or otherwise use StreamSync.

• Account information, such as name, email address, profile image, login provider, verified email status, tenant or workspace membership, roles, and account preferences.
• Authentication information, such as login method, session data, one-time password challenge metadata, OAuth account link records, and security events. We do not intentionally store plaintext account passwords for StreamSync authentication.
• Workspace and organization information, such as tenant names, slugs, members, roles, client or organization names, and settings.
• Streaming configuration, such as program names, source names, ingest usernames, hashed ingest secrets, media server paths, destination labels, encrypted stream keys, encrypted output URLs, public watch URLs, and routing settings.
• Connected account information, such as provider identifiers, provider email addresses, usernames, display names, profile images, granted OAuth scopes, token status, token expiration, revocation status, and similar account metadata.
• Communications, such as support requests, feedback, messages, issue reports, survey responses, and any other information you send to us.
• Billing and commercial information if paid plans are offered, such as plan selections, billing contact details, invoices, payment status, transaction identifiers, tax information, usage quantities, and subscription status. Payment card details are generally processed by payment processors and not stored by StreamSync unless expressly stated.

5. Information Collected Automatically

When you access or use StreamSync, we and our service providers may automatically collect technical and usage information needed to operate, secure, debug, and improve the service.

• Device and browser data, such as IP address, device type, operating system, browser type, browser language, screen size, referring pages, and approximate location derived from IP address.
• Usage Data, such as pages viewed, buttons clicked, features used, access times, request URLs, response status codes, latency, errors, crash information, and diagnostic events.
• Media and stream operations data, such as ingest protocol, media server ID, source ID, connection ID, authentication decision, remote address, connect and disconnect times, bitrate or stream health metrics where available, and routing or destination status.
• Cookie and local storage data used for sessions, preferences, theme settings, security, anti-abuse, analytics, and service functionality.

6. Information From Connected Services

If you connect a third-party account or destination, we receive information authorized by that service and by the permissions you grant. The exact information depends on the service, your settings, and the scopes or permissions requested.

• Google or other identity provider data may include account identifiers, email address, email verification status, profile information, and authentication metadata.
• Twitch data may include Twitch user ID, login, display name, email metadata, profile image, granted scopes, access tokens, refresh tokens, token expiration, validation status, and revocation status.
• YouTube, Twitch, X, custom RTMP, or other destination data may include destination names, public URLs, stream keys, ingest URLs, account metadata, channel identifiers, and status information needed to route or monitor streams.
• If a connected platform provides chat, metrics, moderation, channel, or event data in a future feature, we may process that data to provide the feature you enable.

7. Google API Services and Limited Use

If StreamSync uses Google API Services, our use and transfer of information received from Google APIs will comply with the Google API Services User Data Policy, including the Limited Use requirements. We use Google user data only to provide and improve user-facing features you request, maintain security, comply with law, or as otherwise permitted by the Google API Services User Data Policy.

You may revoke StreamSync access to Google account data through your Google account settings. Revocation may disable features that depend on that connection.

8. Twitch and Other Platform Connections

If you connect Twitch or another streaming platform, you authorize StreamSync to use the connection to provide the features you enable, such as account linking, token validation, token refresh, destination configuration, stream forwarding, chat or metrics integrations, and disconnection or revocation when requested or required.

You may revoke access through the connected platform settings where available. Revocation may disable related StreamSync features and may not remove data already processed under this policy.

9. Live Media and User Content

StreamSync is a streaming control plane. We may receive, relay, route, authorize, preview, transform, or forward live media and related metadata as necessary to provide the service. Unless a feature expressly states otherwise, StreamSync does not intend to store recordings of your live stream content by default.

We may store configuration, stream session records, logs, diagnostics, short-lived buffers, thumbnails, previews, or other operational data where necessary to provide, secure, debug, or improve the service. If future features add recording, replay, chat persistence, clips, or long-term storage, those features may have additional disclosures or settings.

10. How We Use Information

We use personal information for the purposes described below and as otherwise described when information is collected.

• Provide, operate, maintain, and improve StreamSync, including account creation, authentication, media ingest, preview, playback, routing, destination forwarding, connected account linking, media server authorization, and dashboard features.
• Authenticate users, issue and validate sessions, process one-time login codes, detect suspicious activity, prevent unauthorized use, and protect accounts, credentials, stream keys, and infrastructure.
• Store, display, process, encrypt, decrypt, rotate, validate, refresh, revoke, and otherwise manage configuration and credentials you choose to use with StreamSync.
• Monitor service health, debug errors, analyze latency, measure performance, maintain reliability, support capacity planning, and improve user experience.
• Provide support, respond to requests, send service notices, send security messages, send login codes, provide administrative messages, and communicate about policy or product changes.
• Create aggregated, anonymized, or de-identified data that does not reasonably identify you and use it for analytics, research, product improvement, security, and business operations.
• Enforce our Terms of Service, prevent fraud and abuse, comply with legal obligations, respond to legal process, resolve disputes, and protect rights, safety, property, users, and the public.
• Send marketing communications where permitted by law and consistent with your preferences. You may opt out of marketing emails, but we may still send transactional or service-related messages.

11. Legal Bases for Processing

If laws such as the GDPR or UK GDPR apply, our legal bases for processing personal information may include performance of a contract, legitimate interests, consent, compliance with legal obligations, and protection of vital interests where applicable.

• Contract, when processing is necessary to provide StreamSync, authenticate you, operate workspaces, process support requests, or provide paid features.
• Legitimate interests, such as securing the service, preventing fraud, improving products, maintaining reliability, communicating with users, and protecting rights and property.
• Consent, where you authorize optional connected services, marketing communications, cookies where required, or other optional processing.
• Legal obligation, where processing is necessary to comply with law, legal process, tax obligations, accounting rules, sanctions, or regulatory requirements.

12. How We Share Information

We do not share personal information except as described in this policy, with your direction or consent, or as required or permitted by law.

• Related companies and affiliates. We may share information with Plusev related companies, affiliates, or common-control entities for purposes consistent with this policy.
• Service providers and subprocessors. We may share information with vendors that provide hosting, databases, infrastructure, media transport, email delivery, authentication, observability, security, support, analytics, payments, customer communications, and similar services.
• Connected Services. We share information with third-party platforms and destinations you connect or configure, such as Google, Twitch, YouTube, X, custom RTMP endpoints, or other streaming services, as necessary to provide the feature you request.
• Other users or workspace members. Information may be visible to users in the same workspace or to people with access to public watch pages, preview links, embed links, overlays, shared destinations, or other sharing features you enable.
• Professional advisors. We may share information with attorneys, accountants, auditors, insurers, banks, and other professional advisors in connection with the services they provide to us.
• Legal, safety, and enforcement. We may disclose information if we believe it is necessary to comply with law, respond to legal process, enforce our terms, prevent abuse, investigate security incidents, protect rights or safety, or respond to lawful requests from authorities.
• Business transfers. We may disclose or transfer information in connection with an actual or proposed merger, acquisition, financing, restructuring, bankruptcy, sale of assets, or similar corporate transaction.
• Consent or instructions. We may share information with others when you direct us to do so, consent to the sharing, or configure the service to make information available.

13. Service Providers and Subprocessors

StreamSync may use third-party service providers to operate and support the service. Depending on deployment and configuration, providers may include hosting and deployment platforms, email providers, authentication and OAuth providers, media infrastructure, observability providers, payment processors, and support tools.

We require service providers to process personal information only for authorized purposes and to use reasonable confidentiality and security measures. Provider names and exact deployment details may change as the service evolves.

14. Cookies and Similar Technologies

We use cookies, local storage, pixels, logs, and similar technologies to operate StreamSync, keep you signed in, remember preferences, protect sessions, prevent fraud, measure usage, and improve the service.

• Essential cookies are required for authentication, session management, security, and core functionality.
• Preference cookies or local storage may remember settings such as theme, interface state, and other user choices.
• Analytics or performance technologies may help us understand usage, diagnose errors, and improve reliability where enabled.
• You can configure your browser to block or delete cookies, but some StreamSync features may not function correctly without them.

15. No Sale of Personal Information

We do not sell personal information. We do not share personal information for cross-context behavioral advertising unless we provide any legally required notice and opt-out rights. We do not use your stream content, connected account credentials, OAuth tokens, or stream keys for third-party advertising.

16. AI Model Training

StreamSync is not currently designed as an AI training product. We do not intentionally use your live stream content, stream keys, credentials, OAuth tokens, or connected account content to train third-party AI models. If we introduce AI features that process your content, we will provide appropriate disclosures and controls where required.

17. Retention

We retain personal information for as long as reasonably necessary for the purposes described in this policy, including providing StreamSync, maintaining security, complying with law, resolving disputes, enforcing agreements, and maintaining business records.

• Account and workspace information is generally retained while your account or workspace remains active and for a reasonable period afterward.
• Credentials, stream keys, OAuth tokens, and destination secrets are retained while needed for the features you enable and may be deleted, rotated, revoked, or disabled when you remove the related feature or account.
• Operational logs, diagnostics, stream session records, metrics, and security records may be retained for limited periods based on security, debugging, reliability, legal, and business needs.
• Backups may retain information for a limited period after deletion from active systems. We may not be able to isolate and delete specific information from backups immediately, but backups are protected and expire according to retention practices.
• We may retain information longer where required by law, needed to prevent fraud or abuse, necessary to resolve disputes, or required to enforce agreements.

18. Deletion and Account Closure

You may request deletion of your account or personal information by contacting us. We may need to verify your identity and authority before fulfilling a request. Deleting an account may disable access to programs, sources, destinations, watch pages, overlays, connected accounts, and related configuration.

Some information may be retained where necessary for legal compliance, security, fraud prevention, backups, dispute resolution, or legitimate business records. Deletion from connected third-party platforms must be requested from those platforms directly unless StreamSync provides a specific deletion control for that integration.

19. Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal information. For example, StreamSync stores ingest secrets as hashes and stores supported OAuth tokens and stream credentials in encrypted form. We also use access controls, environment-based secrets, transport security where appropriate, and operational monitoring.

No method of transmission or storage is completely secure. You are responsible for protecting your account credentials, devices, stream keys, ingest credentials, destination credentials, and any public or shared links you create.

20. International Processing

StreamSync may process information in the United States and other countries where we, our related companies, affiliates, service providers, or connected platforms operate. These countries may have privacy laws that differ from those in your jurisdiction.

Where required, we use appropriate safeguards for international transfers, such as standard contractual clauses, adequacy decisions, consent, contract necessity, or other lawful transfer mechanisms.

21. Your Privacy Rights

Depending on where you live, you may have rights to access, correct, delete, restrict, object to, or port certain personal information. You may also have the right to withdraw consent, opt out of marketing, opt out of certain sharing, or appeal a denied request.

To exercise rights, contact us at the email below. We may ask for information needed to verify your identity, authority, and jurisdiction. We will not discriminate against you for exercising legally protected privacy rights.

22. EEA, UK, and Swiss Privacy Rights

If you are located in the European Economic Area, United Kingdom, or Switzerland, you may have rights under applicable data protection laws, including access, rectification, erasure, restriction, portability, objection, and withdrawal of consent. You may also have the right to lodge a complaint with your local supervisory authority.

Where StreamSync processes personal information on behalf of an organization customer, that organization may be the controller and StreamSync may be a processor. In that case, you may need to direct certain requests to the organization that controls the workspace.

23. California and Other U.S. State Privacy Rights

Residents of California and other U.S. states may have rights to know, access, correct, delete, obtain a copy of, and opt out of certain processing of personal information. California residents may also have the right to limit use of sensitive personal information where applicable and to opt out of sale or sharing as defined by California law.

We do not sell personal information. If we ever engage in activity considered a sale or sharing under applicable privacy law, we will provide required notices and opt-out mechanisms. Authorized agents may submit requests where permitted by law, subject to verification requirements.

24. Marketing Communications

You may opt out of marketing emails by using the unsubscribe link in those emails or by contacting us. Even if you opt out of marketing, we may still send transactional, service, security, legal, and administrative messages.

25. Children

StreamSync is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided personal information to StreamSync, contact us so we can take appropriate action.

If a higher age threshold applies in your jurisdiction, you may use StreamSync only if you meet that threshold or have appropriate parent or guardian consent.

26. Do Not Track

Some browsers offer Do Not Track signals. There is no common industry standard for responding to these signals, and StreamSync does not currently respond to Do Not Track signals. We will honor legally required opt-out preference signals where applicable and technically feasible.

27. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the date above and post the revised policy on this page. If changes are material, we may provide additional notice through the service, by email, or by other appropriate means.

Your continued use of StreamSync after the updated policy becomes effective means that you acknowledge the updated policy to the extent permitted by law.

28. Contact

Questions, privacy requests, and deletion requests can be sent to support@streamsync.studio.