Legal
Last updated: May 2026
We collect information you provide directly, such as your email address when you create an account, and information generated when you use Gideon, including YouTube channel data, uploaded documents, generated ideas and scripts, and usage analytics. We do not collect payment card details directly — all payments are processed by Stripe.
Gideon accesses your YouTube channel data through the YouTube Data API v3 and YouTube Analytics API under the permissions you grant at sign-in. We use this data exclusively to provide the Gideon service — to generate ideas, analyse performance, and surface trend signals relevant to your channel. We do not sell or share your YouTube data with third parties.
Gideon's use and transfer of information received from Google APIs to any other application will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
We retain your account data for as long as your account is active. You may request deletion of your account and all associated data at any time by contacting us. YouTube data is re-fetched on demand and is not cached beyond 24 hours for analytics data or 1 hour for live stream data.
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Authentication is handled by Supabase. API keys and OAuth tokens are stored in an encrypted vault and never exposed in application logs.
Gideon uses the following sub-processors: Anthropic (AI generation), Supabase (database and auth), Stripe (payments), and Redis (job queuing). Each is bound by their respective data processing agreements.
You have the right to access, correct, or delete your personal data. EU/UK users may also object to processing or request data portability. California residents may opt out of the sale of personal information (we do not sell personal information). To exercise these rights, contact us at the address below.
For privacy-related inquiries, contact us at [email protected].