Privacy Policy

This privacy policy applies to Paradify (paradify.com), a YouTube-to-Spotify playlist transfer service. Paradify uses the YouTube API to access your YouTube playlists. When you initiate a transfer, we retrieve and temporarily store the following data:

  • Playlist IDs and titles
  • Video IDs, titles, and channel names from your selected playlists
  • Your YouTube channel ID and display name (used to identify your account during the transfer)

Purpose of Data Use

This data is used solely to:

  • Display your playlist names in the user interface
  • Search for matching tracks on Spotify using video titles
  • Help with debugging if you report an issue

Data Protection Mechanisms

We take the following technical and organizational measures to protect your data:

  • Encryption in transit: All communication between your browser, our servers, and third-party APIs (YouTube, Spotify) is encrypted using HTTPS/TLS.
  • Encryption at rest: Data stored in our database (Azure Cosmos DB) is encrypted at rest using AES-256 encryption provided by Microsoft Azure.
  • OAuth 2.0 authentication: We use OAuth 2.0 to access your YouTube and Spotify accounts. We never see or store your passwords. Access tokens are stored securely and used only to perform the requested transfer on your behalf.
  • Minimal scope: We request only the minimum OAuth scopes necessary — access to your YouTube and Spotify libraries for the purpose of reading and creating playlists.
  • Access controls: Access to stored data is restricted to authorized application services only. No human operator has routine access to individual user data.
  • Token revocation: You can revoke our access to your YouTube account at any time via Google Account Permissions and to your Spotify account via Spotify Account Apps.

Data Retention

YouTube data: Per-video and per-playlist details retrieved from the YouTube API (video IDs, titles, channel names, playlist IDs, and your YouTube channel information) are automatically deleted within 30 days of the transfer, in accordance with the YouTube API Services Terms of Service. After 30 days, only an aggregate summary of the transfer (number of playlists and songs, status, timestamp) is retained to power your transfer-history feature.

Spotify data and account data: Spotify track and playlist references and your account data are retained for as long as you have an active account. Authentication tokens stored in cookies expire after 30 days. All data is permanently deleted upon account deletion request.

We do not collect or store any personally identifiable information beyond what is described above. Google user data is not shared with third parties, sold, or used for advertising, AI training, or any purpose other than providing the transfer service.

YouTube API Services

Paradify uses YouTube API Services. By using Paradify you also agree to be bound by the YouTube Terms of Service and acknowledge the Google Privacy Policy. You can revoke Paradify’s access to your YouTube account at any time via Google Account Permissions.

Analytics

We use Google Analytics to collect anonymised usage data (pages visited, session duration, general location by country). This helps us understand how the service is used and improve it. Google Analytics does not receive any of your YouTube or Spotify account data. You can opt out via the Google Analytics Opt-out Browser Add-on.

Payments

Purchases are processed by one of two third-party payment processors: Paddle (paddle.com) for current one-time purchases, and Lemon Squeezy (lemonsqueezy.com) for legacy subscriptions. When you make a purchase, your payment information (credit card details, billing address) is collected and processed directly by the payment processor. Paradify never sees or stores your payment card details.

These processors may collect and process personal data such as your name, email address, and billing information to fulfil the transaction and comply with legal obligations. Their use of your data is governed by their respective privacy policies: Paddle Privacy Policy and Lemon Squeezy Privacy Policy.

Paradify receives confirmation of your purchase status from the payment processor via webhook in order to unlock premium features. We store only your purchase status and associated email address — no payment card data.

Communications

If you provide your email address, we may send you transactional emails (e.g. transfer confirmations or account notices) and occasional product updates or offers. You can opt out of marketing emails at any time using the unsubscribe link in the email or by contacting us.

Your Rights

You may request deletion of any data we hold about you at any time. Revoking OAuth access (see token revocation above) will also prevent any further data collection.

You can request complete deletion of your account and all associated profile data by contacting our support team. We will process your request and permanently remove all your data from our systems.

By using this app, you agree to this privacy policy. If you have questions or concerns, feel free to contact us.