Privacy Policy

Last Updated: November 24, 2025

1. Introduction

YouTube Popup Player ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our Chrome extension.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address and Google OAuth profile when you sign up for premium features
• Payment Information: Processed securely through Stripe (we never store payment card details)
• License Keys: Generated and stored locally to manage premium features

2.2 Automatically Collected Information

• Usage Statistics: Number of popups opened, feature usage (stored locally only)
• Extension Settings: Your preferences and configuration (stored locally)
• Device Information: Browser version, extension version for support purposes

2.3 Ad Tracking Data (Free Users Only)

For free users, we display non-intrusive ads through Coinis to support the extension. The following ad-related data is collected:

• Ad Impressions: Number of times ads are displayed to you (tracked locally and synced with Coinis)
• Ad Clicks: Number of times you click on ads (tracked for revenue calculation)
• Ad Performance Metrics: Click-through rate (CTR) and estimated revenue (stored locally only)
• Ad Blocker Detection: Whether an ad blocker is detected (tracked for analytics)

Important Notes:

• Ad metrics are stored locally on your device using Chrome's storage API
• No personally identifiable information (PII) is collected or shared with ad networks
• Ad tracking applies only to free users - Premium users do not see ads and have no ad tracking
• You can view your ad statistics in the extension's Statistics tab
• Coinis may collect technical data (browser type, device type) for ad targeting - see Coinis Privacy Policy for details

2.4 Information We Do NOT Collect

• YouTube viewing history or video content
• Personal browsing data outside YouTube
• Search queries or recommendations
• Cookies or tracking identifiers (except authentication)

3. How We Use Your Information

We use collected information for:

• Service Delivery: Providing popup video functionality
• Premium Features: License validation and premium tier access
• Payment Processing: Subscription and billing management via Stripe
• Customer Support: Responding to inquiries and technical issues
• Service Improvement: Anonymous usage analytics (opt-in only)
• Legal Compliance: Fraud prevention and legal obligations

4. Data Storage and Security

4.1 Local Storage

Most data is stored locally in your browser using Chrome's storage API:

• Extension settings and preferences
• Usage statistics (if enabled)
• License keys (hashed)

4.2 Server Storage

Limited information stored on our secure servers:

• Account email and OAuth tokens (encrypted)
• Active subscription status
• License validation data

4.3 Security Measures

• HTTPS encryption for all data transmission
• Bcrypt password hashing (12 rounds)
• JWT token authentication with secure expiry
• License key encryption with AES-256
• Rate limiting on API endpoints
• Regular security audits

5. Data Sharing and Third Parties

5.1 Payment Processing

Stripe: We use Stripe for payment processing. Stripe handles all payment card information and is PCI-DSS compliant. We never see or store your payment card details.

Stripe Privacy Policy: https://stripe.com/privacy

5.2 Authentication

Google OAuth: We use Google OAuth for authentication. Google provides your email address and profile information. We do not access your Google Drive, Gmail, or other Google services.

Google Privacy Policy: https://policies.google.com/privacy

5.3 Ad Delivery (Free Users Only)

Coinis: We use Coinis for ad delivery to free users. Coinis serves non-intrusive ads and may collect technical data (browser type, device type) for ad targeting. Coinis does not receive personally identifiable information from us.

Coinis Privacy Policy: https://coinis.com/privacy

5.4 We Do NOT

• Sell your personal information
• Share data with advertisers
• Use third-party analytics trackers
• Provide data to data brokers

6. Your Rights and Choices

6.1 Data Access and Control

• Access: Request a copy of your data
• Correction: Update incorrect information
• Deletion: Request account and data deletion
• Export: Download your data in portable format
• Opt-Out: Disable analytics and statistics collection

6.2 Exercise Your Rights

Contact us at: privacy@ytpopupplayer.app

We will respond within 30 days of verified requests.

7. Data Retention

• Active Accounts: Data retained while subscription active
• Cancelled Accounts: Data deleted 30 days after cancellation
• Inactive Free Accounts: Data deleted after 12 months inactivity
• Legal Retention: Some data retained for legal compliance (7 years for financial records)

8. Children's Privacy

YouTube Popup Player is not intended for users under 13 years of age. We do not knowingly collect information from children under 13. If you believe we have collected information from a child under 13, contact us immediately.

9. International Data Transfers

Our servers are located in the United States. If you access our service from outside the US, your information will be transferred to and stored in the US. We ensure appropriate safeguards are in place for international data transfers.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via:

• Extension notification
• Email to registered users
• Updated date at top of this page

Continued use after changes constitutes acceptance of updated policy.

11. California Privacy Rights (CCPA)

California residents have additional rights:

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of sale of personal information
• Right to deletion of personal information
• Right to non-discrimination for exercising CCPA rights

Note: We do NOT sell personal information.

12. GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA), you have rights under GDPR:

• Right of access
• Right to rectification
• Right to erasure
• Right to restrict processing
• Right to data portability
• Right to object
• Right to withdraw consent

13. Contact Us

Questions about this Privacy Policy or our privacy practices:

• Email: privacy@ytpopupplayer.app
• Support: support@ytpopupplayer.app
• Website: ytpopupplayer.app/support

Document Version: 1.1
Effective Date: January 19, 2025
Last Reviewed: November 24, 2025
Update Reason: Added ad tracking disclosure for Feature 007 (Coinis integration)