Back to Home

Privacy Policy

Last Updated: March 17, 2026

1. Introduction

StreamBuddy ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our multi-platform live stream assistant service ("Service").

By using StreamBuddy, you consent to the data practices described in this policy. If you do not agree with this policy, please discontinue use of the Service.

2. Information We Collect

2.1 Information You Provide

When you authenticate with StreamBuddy, we collect:

  • OAuth Authentication Data: Platform user IDs, usernames, display names, email addresses (if provided by the platform)
  • Platform Tokens: OAuth access tokens and refresh tokens to access platform APIs on your behalf
  • Configuration Settings: Your TTS preferences, overlay configurations, safety filter settings, and other customization options

2.2 Automatically Collected Information

When you use StreamBuddy, we automatically collect the following:

  • Stream Event Data: Chat messages, gifts, follows, subscriptions, likes, channel point redemptions, and other platform events from your connected streams
  • Usage Analytics: Features used, session duration, connection status, latency metrics, and error logs
  • Device Information: Browser type, operating system, IP address, and approximate geographic location
  • Performance Data: WebSocket connection metrics, TTS processing times, and overlay rendering performance

2.3 Third-Party Platform Data

StreamBuddy integrates with TikTok and Twitch. We access only the data you explicitly authorize via OAuth, which may include:

  • TikTok: User profile, live stream events, viewer interactions, gift data
  • Twitch: User profile, chat messages, subscriptions, bits, channel points, follower data, viewer counts

We do not collect data from platforms you have not explicitly connected.

3. How We Use Your Information

We use collected information for the following purposes:

  • Service Provision: To authenticate you, connect to your streaming platforms, process events, generate TTS audio, display overlays, and provide core functionality
  • Personalization: To save your settings, preferences, and configurations across sessions
  • Analytics & Improvement: To analyze usage patterns, identify bugs, optimize performance, and develop new features
  • Safety & Moderation: To apply profanity filters, detect abuse, and maintain service integrity
  • Communications: To send service notifications, feature updates, and respond to support requests
  • Legal Compliance: To comply with legal obligations, enforce our Terms of Service, and protect our rights

4. Data Storage & Security

4.1 Storage Infrastructure

Your data is stored in:

  • SurrealDB: User accounts, platform connections, configuration settings, and stream statistics
  • Session Storage: Authentication tokens and temporary session data (encrypted at rest)
  • In-Memory Processing: Stream events and TTS audio are processed in-memory and not permanently stored unless configured

4.2 Security Measures

We implement industry-standard security practices:

  • Encryption: All data in transit is encrypted using TLS/SSL. Sensitive data at rest is encrypted using industry-standard algorithms
  • Access Control: Database access is restricted to authorized personnel and secured with strong authentication
  • Token Management: OAuth tokens are securely stored and automatically refreshed. Tokens are never exposed to client-side code
  • Regular Audits: We conduct security reviews and update dependencies to address vulnerabilities

However, no method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

4.3 Data Retention

We retain your data as follows:

  • Account Data: Retained while your account is active and for up to 90 days after account deletion
  • Stream Events: Live events are processed in-memory and not stored unless explicitly saved by configuration (e.g., leaderboards)
  • Logs & Analytics: Aggregated and anonymized for up to 12 months for debugging and improvement purposes
  • Legal Requirements: We may retain certain data longer if required by law or to resolve disputes

5. Data Sharing & Disclosure

We do not sell your personal information. We may share your data in the following limited circumstances:

  • Platform Providers: We transmit necessary data to TikTok and Twitch APIs to enable platform integrations (e.g., authenticating, fetching stream events)
  • Service Providers: Third-party infrastructure providers (hosting, databases, analytics) who are contractually obligated to protect your data
  • Legal Obligations: If required by law, subpoena, or to protect our legal rights
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred (you will be notified)
  • With Your Consent: We may share data with other parties when you explicitly authorize us to do so

6. Your Privacy Rights

Depending on your location, you may have the following rights:

6.1 Access & Portability

You have the right to access your personal data and receive a copy in a structured, machine-readable format. Contact us to request your data.

6.2 Correction & Update

You can update most of your data directly through the StreamBuddy dashboard. For corrections not available in the UI, contact us.

6.3 Deletion

You may request deletion of your account and associated data at any time. Some data may be retained for legal or operational purposes as described in Section 4.3.

6.4 Opt-Out & Consent Withdrawal

You may disconnect platform integrations or delete your account at any time to withdraw consent for data processing. This will terminate Service access.

6.5 Do Not Track

Our Service does not respond to browser Do Not Track signals. You may disable analytics by disconnecting your account.

6.6 Exercising Your Rights

To exercise any of these rights, contact us at privacy@streambuddy.xyz. We will respond within 30 days.

7. Cookies & Tracking Technologies

StreamBuddy uses the following technologies:

  • Session Cookies: Essential cookies for authentication (better-auth session tokens). These cannot be disabled without losing functionality.
  • Local Storage: Browser local storage for UI preferences and temporary state
  • WebSockets: Real-time connections for stream event processing (no persistent tracking)

We do not use third-party advertising cookies or cross-site tracking.

8. Third-Party Services & Links

StreamBuddy integrates with third-party platforms (TikTok, Twitch) whose privacy practices are governed by their own policies:

We are not responsible for the privacy practices of these third-party services. Please review their policies independently.

9. Children's Privacy

StreamBuddy is not intended for users under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us immediately, and we will delete it.

10. International Data Transfers

StreamBuddy may process data in jurisdictions outside your country of residence. By using the Service, you consent to the transfer of your data to these locations. We take steps to ensure adequate data protection in compliance with applicable laws (e.g., GDPR, CCPA).

11. Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you within 72 hours via email or in-app notification, as required by applicable law. We will also notify relevant authorities as necessary.

12. Beta Program Notice

StreamBuddy is currently in Closed Beta. During this phase:

  • Data practices may evolve as we develop new features
  • User data may be reset or deleted without notice as part of testing
  • We may collect additional diagnostic data to improve the Service
  • This Privacy Policy may be updated more frequently than in production

Material changes will be communicated via email or in-app notification.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The "Last Updated" date at the top will reflect the most recent revision. Material changes will be communicated via:

  • Email notification to your registered address
  • In-app banner or notification
  • Announcement on our website or social media

Continued use of the Service after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:

General Inquiries

support@streambuddy.xyz

Privacy & Data Protection

privacy@streambuddy.xyz

Data Deletion Requests

delete@streambuddy.xyz

15. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

  • Right to know what personal information is collected
  • Right to know if personal information is sold or shared
  • Right to opt-out of the sale of personal information
  • Right to deletion of personal information
  • Right to non-discrimination for exercising CCPA rights

We do not sell your personal information to third parties.

16. European Privacy Rights (GDPR)

If you are in the European Economic Area, you have rights under the General Data Protection Regulation:

  • Right to access, rectify, or erase your data
  • Right to restrict or object to data processing
  • Right to data portability
  • Right to withdraw consent at any time
  • Right to lodge a complaint with your supervisory authority

Our legal basis for processing your data is your consent via OAuth authentication and our legitimate interest in providing the Service.

By using StreamBuddy, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein. For more information about our terms of service, please see our Terms of Service.