Privacy Policy

Last updated: May 19, 2026

Introduction

Youfiliate (“we,” “us,” or “our”) operates the website youfiliate.com, the smart link redirect service at youfil.to, and the Youfiliate application (collectively, the “Service”). This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our Service.

Youfiliate is operated from Portugal, within the European Union. We are committed to protecting your privacy in accordance with the General Data Protection Regulation (GDPR) and applicable data protection laws.

By using our Service, you acknowledge that you have read and understood this Privacy Policy.

YouTube API Services

Youfiliate uses YouTube API Services to provide the YouTube account connection, channel data retrieval, and Auto-Migration features. By using any feature of the Service that interacts with YouTube, you acknowledge and agree to be bound by the YouTube Terms of Service and the Google Privacy Policy.

You can revoke Youfiliate’s access to your Google/YouTube account at any time by visiting https://myaccount.google.com/connections?filters=3,4&hl=en and removing Youfiliate from the list of connected apps, or by clicking Disconnect in your Youfiliate Settings. Details on how we store, use, and delete data obtained from YouTube API Services are described in the sections below — see “YouTube Channel Data,” “Data Retention,” and “Revoking Access and Deleting Your YouTube Data.”

Data Controller

Youfiliate Lisbon, Portugal Contact: andrew@youfiliate.com

What Data We Collect

Account Data

When you create an account, we collect:

Email address
Password (stored in hashed form; we never store or have access to your plaintext password)
Name (if provided)

If you sign in via Google OAuth, we receive your email address and name from Google. We do not receive or store your Google password.

Payment Data

When you subscribe to a paid plan, payment is processed by Stripe, Inc. We do not store your credit card number, CVC, or full payment details on our servers. Stripe handles all payment processing in compliance with PCI-DSS standards. We receive and store:

Stripe customer ID
Subscription status and plan type
Billing email
Last four digits of your payment method (for display purposes)

For more information, see Stripe’s Privacy Policy.

Smart Link Click Data

When someone clicks a smart link (youfil.to), we collect the following data about the click:

Country — determined from the Cloudflare CF-IPCountry HTTP header or MaxMind GeoLite2 database lookup. Used for geo-routing and analytics.
Device type, operating system, and browser — parsed from the User-Agent header. Used for deep linking and analytics.
Referrer domain — the domain the click originated from (e.g., youtube.com). Used for analytics.
IP address hash — we hash IP addresses with a daily rotating salt. We never store raw IP addresses. The hash is used for approximate unique visitor counting and cannot be reversed to identify individuals.
Timestamp — when the click occurred.

Click data is associated with the smart link, not with any identifiable end user. We do not use cookies, fingerprinting, or cross-site tracking on the youfil.to redirect service.

YouTube Channel Data

If you use the YouTube Auto-Migration feature, you authorize us to access your YouTube account via OAuth (the YouTube Data API v3). This grants us access to:

Your channel name and ID
Video titles and descriptions (to identify affiliate links)
The ability to update video descriptions (to replace affiliate links with smart links)

We access YouTube data only when you explicitly initiate a migration. We store:

Your YouTube OAuth access token and refresh token, encrypted at rest, used solely to perform the actions you have authorized
Video titles and descriptions (to enable preview and rollback)
Original descriptions, backed up so you can restore them at any time

We do not use YouTube data for advertising, train any machine-learning models on it, sell it, or share it with third parties beyond the service providers listed in “Who We Share Data With” below.

You can disconnect your YouTube account at any time from the Settings page or from your Google Account — see “Revoking Access and Deleting Your YouTube Data” below.

Affiliate Tag Data

If you save Amazon affiliate tags in your settings, we store your per-country affiliate tags so they can be automatically applied when creating smart links.

Usage Data

We automatically collect certain information when you use our Service:

Browser type and version
Pages visited and features used
Date and time of access
Referring URL

We use Plausible Analytics on our landing page, which is privacy-focused and does not use cookies or collect personal data.

Cookies

We use essential cookies required for the Service to function (e.g., session authentication via JWT tokens stored in localStorage). We do not use third-party tracking cookies in the application.

How We Use Your Data

We use your personal data for the following purposes:

To provide the Service — creating and managing your account, processing subscriptions, creating and managing smart links, performing geo-routing, recording click analytics, and executing YouTube migrations.
To process payments — managing billing and subscriptions through Stripe.
To communicate with you — sending transactional emails (account confirmations, password resets, billing notifications) via SendGrid.
To send marketing communications — with your explicit consent, sending product updates, tips, and newsletters. You can unsubscribe at any time.
To improve the Service — analyzing usage patterns to improve features and user experience.
To ensure security — detecting and preventing fraud, abuse, and unauthorized access.
To monitor link health — periodically checking destination URLs for availability and reporting broken links.

We process your personal data based on the following legal grounds:

Contract performance — processing necessary to provide you the Service you signed up for (account data, payment data, smart link creation, click routing, YouTube migration).
Consent — for marketing emails, YouTube OAuth access, and non-essential cookies. You may withdraw consent at any time.
Legitimate interest — for usage analytics, security, click analytics on smart links, and Service improvement, where our interests do not override your rights.

We share personal data only with the following categories of service providers, who act as data processors on our behalf:

Provider	Purpose	Data Shared
Stripe	Payment processing	Email, payment method details
SendGrid	Transactional and marketing email	Email address, name
Render	Application hosting	Data stored in our database
Cloudflare	CDN, DNS, and geo-IP resolution	IP address (for geo-routing), request data
MaxMind	GeoIP database (fallback)	IP address (processed locally, not sent to MaxMind)
Google/YouTube (Privacy Policy)	YouTube Data API services (account connection, channel data, description updates)	YouTube OAuth tokens, video titles and descriptions, channel name and ID
Vercel	Landing page hosting	IP address, usage data

We do not sell your personal data to third parties. We may disclose data if required by law or to protect our legal rights.

Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. Specifically:

Account data — retained until you delete your account.
Payment data — retained as required for tax and legal obligations (typically 7 years for financial records).
Smart link click data — retained for up to 12 months, then automatically deleted. IP hashes use daily rotating salts and cannot be correlated across days.
YouTube OAuth tokens — retained only while your YouTube connection is active and used solely for purposes consistent with the consent you granted. Tokens are deleted immediately when you click Disconnect in Youfiliate or remove Youfiliate’s access from your Google Account at https://myaccount.google.com/connections?filters=3,4&hl=en, and are deleted automatically after 90 days of inactivity. On disconnect, we also call Google’s token revocation endpoint to invalidate the token at the source.
YouTube description backups — retained as long as the associated migration exists, to support rollback. Deleted within 30 days of account deletion or on request.
Usage data — retained for up to 24 months, then anonymized or deleted.
Marketing consent records — retained as long as consent is active, plus a reasonable period after withdrawal for record-keeping.

When you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law.

Under the GDPR, you have the following rights:

Access — request a copy of the personal data we hold about you.
Rectification — request correction of inaccurate data.
Erasure — request deletion of your data (“right to be forgotten”).
Restriction — request that we limit processing of your data.
Portability — request your data in a structured, machine-readable format.
Objection — object to processing based on legitimate interest.
Withdraw consent — withdraw consent for marketing emails, YouTube OAuth access, or cookies at any time.

To exercise any of these rights, contact us at andrew@youfiliate.com. We will respond within 30 days.

You also have the right to lodge a complaint with a supervisory authority. In Portugal, this is the Comissao Nacional de Protecao de Dados (CNPD) at www.cnpd.pt.

Revoking Access and Deleting Your YouTube Data

You can revoke Youfiliate’s access to your YouTube account and request deletion of any YouTube data we have stored at any time, using either of the following methods:

Inside Youfiliate. Go to Settings → YouTube Connection and click Disconnect. This immediately:
- Calls Google’s OAuth token revocation endpoint (https://oauth2.googleapis.com/revoke) to invalidate the token at Google.
- Deletes the encrypted OAuth access and refresh tokens from our database.
- Stops all future YouTube API calls on your behalf.
From your Google Account. Visit https://myaccount.google.com/connections?filters=3,4&hl=en, select Youfiliate, and click Remove access. This revokes our token at Google. Youfiliate will detect the revoked token on its next use and delete the local record.

In addition, OAuth tokens belonging to inactive accounts are automatically revoked at Google and deleted from our database after 90 days of inactivity.

To request immediate deletion of any associated stored YouTube data (channel metadata, description backups, migration history), email andrew@youfiliate.com with the subject “YouTube Data Deletion Request.” We will action the deletion within 30 days.

International Data Transfers

Some of our service providers (Stripe, SendGrid, Render, Vercel, Google, Cloudflare) are based in the United States. Where personal data is transferred outside the EU/EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission, or the service provider’s participation in recognized data protection frameworks.

Security

We implement appropriate technical and organizational measures to protect your personal data, including:

Encrypted data transmission (TLS/HTTPS)
Hashed password storage
Hashed IP addresses with daily rotating salts (no raw IPs stored)
Access controls and authentication
Regular security reviews

No method of transmission or storage is 100% secure. If you become aware of a security vulnerability, please contact us at andrew@youfiliate.com.

Children’s Privacy

Our Service is not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it promptly.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on the Service. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

andrew@youfiliate.com