1. Who we are
CycleStack ("we", "the platform", "the application") is an automated YouTube content production pipeline owned and operated by a single individual ("Steward") at email shyu0732@gmail.com. The platform serves no end users beyond the Steward.
2. What data we access
The application accesses Google APIs solely for own-channel automation. The OAuth scopes used are:
https://www.googleapis.com/auth/youtube.upload— Upload videos to the CycleStack YouTube channelhttps://www.googleapis.com/auth/youtube.force-ssl— Manage own-channel video metadata, captions, commentshttps://www.googleapis.com/auth/youtube.readonly— Read own-channel video and metadata for monitoringhttps://www.googleapis.com/auth/yt-analytics.readonly— Read own-channel analytics for performance measurement
3. What data we DO NOT access
- No subscriber identity — We do not access subscriber names, emails, or any personally identifying information.
- No third-party data — We do not access data from any channel other than the operator's own (UCbcAzkyImmTqz6JU2Mr7Eag).
- No viewer comments — We do not harvest, analyze, or store viewer comments. We post funnel comments authored by the platform itself; we do not read replies.
- No user data harvesting — The platform does not collect, store, or process any end-user data of any kind.
4. How data is stored
OAuth refresh tokens are stored encrypted in the platform's Render-hosted environment variables. Access tokens are short-lived (typically 1 hour) and are refreshed in-memory.
Video metadata (titles, descriptions, tags, captions) generated by the platform is stored in a Neon-hosted Postgres database for production tracking purposes. This metadata is for own-channel videos only.
5. Data retention and deletion
Upon OAuth revocation by the Steward (via the Google Account permissions panel at myaccount.google.com/permissions):
- All OAuth tokens are deleted from the platform's environment within 24 hours.
- All cached metadata derived from API responses is purged within 30 days.
- Published YouTube content remains on the channel under the Steward's direct control via YouTube Studio.
6. Data sharing
We do not sell, share, or disclose any data to third parties. The platform operates entirely within the Steward's own infrastructure (Render, Neon, Cloudflare) and Google's own APIs.
7. Third-party services
The platform uses the following third-party services in the course of own-channel automation:
- Google APIs — YouTube Data API v3, YouTube Analytics API. Subject to Google's Privacy Policy.
- OpenAI API — Text-to-speech for video narration. Subject to OpenAI's Privacy Policy.
- Anthropic API — Content drafting assistance. Subject to Anthropic's Privacy Policy.
- Cloudflare — DNS and Pages hosting for cyclestack.org. Subject to Cloudflare's Privacy Policy.
- Render — Application hosting. Subject to Render's Privacy Policy.
- Neon — Postgres database hosting. Subject to Neon's Privacy Policy.
The platform does not transmit any end-user data to these services (because no end-user data is collected).
8. Limited Use disclosure
CycleStack's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
9. Contact
For questions about this Privacy Policy, contact the Steward at shyu0732@gmail.com.
10. Changes
We may update this Privacy Policy from time to time. Material changes will be reflected by updating the "Last updated" date at the top. Continued operation of the application by the Steward constitutes acceptance of the updated policy.