Privacy Policy

1. Introduction

Welcome to Yti's Privacy Policy. This policy describes how Dagorsey ("we", "us", or "our") collects, uses, stores, and protects your personal information when you use the Yti service ("Service").

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR), the French Data Protection Act (Loi Informatique et Libertés), and other applicable data protection laws.

By using the Service, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Information You Provide

Account Information: When you create an account through our authentication provider (Clerk), we collect:

• Name or username
• Email address
• Authentication credentials (managed by Clerk)
• Profile information (if provided)

Content You Submit: When you use the Service, we collect:

• YouTube video URLs you submit for processing
• Chat messages you send within the Service
• Preferences and settings you configure

Payment Information: If you subscribe to a paid tier, payment information is processed by our third-party payment processor. We do not store full credit card numbers.

2.2 Information Automatically Collected

Usage Data: We automatically collect information about your interactions with the Service:

• Video processing requests and analysis history
• Features used and actions taken
• Dates and times of access
• Service performance and error logs

Technical Data: We collect technical information:

• IP address
• Browser type and version
• Device type and operating system
• Referring website
• Pages visited and time spent on pages

2.3 Processed Content

When you submit a YouTube video for analysis, we store:

• Video transcripts generated by OpenAI Whisper
• AI-generated summaries, analyses, and insights produced by Anthropic Claude
• Extracted quotes, best practices, tutorials, and other analysis outputs
• Metadata about videos (title, duration, URL)
• Your chat history with video transcripts

3. How We Use Your Information

3.1 Service Provision

We use your information to:

• Create and manage your account
• Process video transcription and analysis requests
• Store your analyzed videos in your personal library
• Enable chat functionality with video transcripts
• Provide customer support
• Send service-related communications (processing status, errors, etc.)

3.2 Service Improvement

We use aggregated and anonymized data to:

• Monitor and improve Service performance
• Identify and fix technical issues
• Understand usage patterns and optimize features
• Develop new features and services

3.3 Communication

With your consent, we may send you:

• Service announcements and updates
• Account-related notifications
• Marketing communications about new features (you can opt out at any time)
• Responses to your inquiries

3.4 Legal Compliance

We may use your information to:

• Comply with legal obligations
• Enforce our Terms of Service
• Protect our rights, property, or safety and those of our users
• Respond to legal requests from authorities

3.5 Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to provide the Service you requested
• Consent: You have given explicit consent for specific processing activities
• Legitimate Interests: Processing necessary for our legitimate interests (service improvement, security) that don't override your rights
• Legal Obligation: Processing required by law

4. Third-Party Services and Data Sharing

4.1 Third-Party Processors

We share your data with the following third-party service providers who process data on our behalf:

4.2 Data Processing Agreements

We have data processing agreements (DPAs) in place with our third-party processors to ensure they handle your data in compliance with GDPR and applicable data protection laws.

4.3 International Data Transfers

Some of our service providers are located in the United States. Data transfers to the US are protected by:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Service providers' commitments to GDPR compliance
• Additional security measures to protect your data

4.4 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

4.5 Other Disclosures

We may share your information:

• With your consent or at your direction
• To comply with legal obligations (court orders, subpoenas, law enforcement requests)
• In connection with a merger, acquisition, or sale of assets (with notice to you)
• To protect our rights, property, or safety and those of others

5. Data Retention

5.1 Account Data

We retain your account information and processed content for as long as your account is active or as needed to provide the Service.

5.2 Processed Videos

Videos you analyze are stored in your library indefinitely until you delete them. You can delete individual videos or your entire library at any time through the Service interface.

5.3 After Account Deletion

When you delete your account:

• Your personal information and processed content are deleted within 30 days
• Some information may be retained for legal, security, or operational purposes (e.g., transaction records for accounting)
• Aggregated, anonymized data may be retained for analytics

5.4 Backup Retention

Deleted data may persist in backups for up to 90 days before being permanently removed.

6. Data Security

6.1 Security Measures

We implement industry-standard security measures to protect your data:

• Encryption in transit (TLS/SSL) for all data transmission
• Encryption at rest for stored data
• Secure authentication through Clerk (OAuth, MFA support)
• Regular security audits and vulnerability assessments
• Access controls and role-based permissions
• Secure database configurations and firewalls
• Monitoring and logging of security events

6.2 User Responsibilities

You are responsible for:

• Keeping your account credentials confidential
• Using strong, unique passwords
• Enabling multi-factor authentication if available
• Notifying us immediately of any unauthorized access

6.3 Data Breach Notification

In the event of a data breach that affects your personal information, we will:

• Notify affected users within 72 hours of discovery
• Report the breach to relevant authorities as required by GDPR
• Provide information about the nature of the breach and steps being taken
• Offer guidance on protecting your information

7. Your Rights Under GDPR

If you are located in the European Union or European Economic Area, you have the following rights regarding your personal data:

7.1 Right of Access

You have the right to request a copy of the personal data we hold about you.

7.2 Right to Rectification

You can request correction of inaccurate or incomplete personal data.

7.3 Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data, subject to certain legal exceptions.

7.4 Right to Restriction of Processing

You can request that we limit how we use your personal data in certain circumstances.

7.5 Right to Data Portability

You can request your personal data in a structured, machine-readable format for transfer to another service.

7.6 Right to Object

You can object to processing of your personal data based on legitimate interests or for direct marketing purposes.

7.7 Right to Withdraw Consent

Where processing is based on consent, you can withdraw your consent at any time.

7.8 Right to Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority (in France: CNIL - Commission Nationale de l'Informatique et des Libertés).

7.9 Exercising Your Rights

To exercise any of these rights, contact us at:

We will respond to your request within 30 days. In complex cases, this may be extended by an additional 60 days with notification.

8. Cookies and Tracking Technologies

8.1 What Are Cookies

Cookies are small text files stored on your device when you visit our Service. We use cookies and similar technologies to enhance your experience and analyze usage.

8.2 Types of Cookies We Use

• Essential Cookies: Required for the Service to function (authentication, security)
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Help us understand how you use the Service
• Authentication Cookies: Managed by Clerk to keep you logged in

8.3 Managing Cookies

You can control cookies through your browser settings. Note that disabling essential cookies may affect Service functionality.

9. Children's Privacy

The Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16.

If you are a parent or guardian and believe your child has provided personal information to us, please contact us at contact@dagorsey.fr, and we will delete the information.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify you via email or through a prominent notice on the Service
• For significant changes, request your consent where required by law

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

11. Contact Information

11.1 General Inquiries

For questions about this Privacy Policy or our data practices:

11.2 Data Protection Authority

If you are not satisfied with our response to your privacy concerns, you may contact the French data protection authority:

12. Specific Information for EU Users

12.1 Legal Basis for Processing

Summary of legal bases for processing your personal data:

12.2 Data Protection Officer

For data protection inquiries, you may contact our data protection contact at contact@dagorsey.fr with the subject line "Data Protection Officer".