Privacy Policy
Last updated: July 4, 2026
Tubeboxd ("we", "us", "the service") lets you keep a diary of the YouTube videos you watch, rate them, review them, and share those reviews with friends. This policy explains what data we collect, why, and what you can do about it.
What we store
Account data. When you sign up with email + password we store your username, email, and a bcrypt hash of your password. When you sign in with Google we store your Google-issued subject id, your email, your name, and your profile picture URL.
YouTube data. If you connect your Google account for YouTube import, we store an encrypted OAuth refresh token so we can call the YouTube Data API on your behalf. We use it only to import the specific playlists you request (e.g. your Liked videos). We do not read your subscriptions, watch history, or comments.
Your content. Diary entries, ratings, reviews, favorites, watchlist entries, lists, and follows that you create. We render your reviews to other users on your public profile, on video pages, and on discovery pages.
API tokens. If you use the Chrome extension, we store the tokens you mint from /settings/extension, along with their name, expiry, and the time they were last used.
Server logs. Request method, path, response code, duration, and the IP address you connected from, retained for up to 30 days for abuse prevention.
What we do not store
- We do not track you across other websites.
- We do not use third-party analytics or advertising cookies.
- The Chrome extension reads the active tab URL only when you invoke it (click the toolbar icon or the "Log on Tubeboxd" button on a YouTube page). It never reads other tabs.
- We do not sell your data.
Cookies
We set one cookie, tbx_session, which holds your signed session JWT. It is HttpOnly, SameSite=Lax, and Secure in production. That's it.
How we share data
Public parts of your profile — username, display name, avatar, bio, public diary entries, public reviews, public lists, favorites, and watchlist — are visible to anyone who visits your profile URL. Private data (email, session token, API tokens, Google refresh token, IP addresses) is never shared with other users.
We use these subprocessors:
- Fly.io — hosting, based in the United States.
- Cloudflare — DNS and edge network, based in the United States.
- Google (YouTube Data API) — only invoked with your explicit OAuth grant, to fetch playlist metadata you asked us to import.
- Resend — transactional email delivery for verification and password reset.
- Sentry — server-side error monitoring.
We do not sell data to advertisers or data brokers.
Your rights
You can export everything we store about you as JSON at /settings/account. You can delete your account at the same URL — this cascades to every table (entries, videos-you-logged, lists, follows, favorites, watchlist, API tokens) and, for Google-linked accounts, revokes the OAuth grant at Google.
Security
Passwords are hashed with bcrypt. Sessions use signed JWTs with a rotating secret. Google refresh tokens are encrypted at rest. Rate limits protect the auth and token-mint endpoints against credential stuffing.
Children
Tubeboxd is not intended for children under 13. If you believe a child under 13 has created an account, email us and we will delete it.
Contact
Questions, deletion requests, or data-portability requests: gondil.tanay@gmail.com.
Changes
If we materially change how we handle data, we'll update this page and, for account holders, send a notice by email at least 14 days before the change takes effect.