Privacy policy

Condense helps you follow YouTube channels you care about, fetch caption transcripts for videos, and generate structured summaries and timestamped "moments" grounded in those captions. It uses read-only access to your YouTube subscriptions when you sign in with Google.

The data controller for a given Condense deployment is whoever operates that deployment (for example, the person or company that hosts the app and database). If you use someone else's instance, they are responsible for how it is run; this policy describes what the software is designed to collect and process.

This deployment does not publish a dedicated privacy contact email in configuration. If Condense was provided to you by an organization, contact them for requests about your data.

We process the following when you create or use an account:

• Email and password sign-in: email address, name, and a salted password hash stored in our database (we do not store your password in plain text).
• Google sign-in: profile identifiers, email, and name as provided by Google; OAuth tokens needed to call Google APIs on your behalf.
• Sessions: session tokens in cookies, plus session records that may include IP address and user agent string as stored by our authentication layer.

If you connect Google, we request the scopes configured in the product: OpenID, basic profile/email, and read-only YouTube access (youtube.readonly). We use this to list your subscriptions and sync channel and video metadata via the YouTube Data API. We do not post comments, upload videos, or modify your YouTube account.

Google's use of information from Google APIs adheres to the Google API Services User Data Policy, including Limited Use requirements.

To build summaries, we obtain caption text for videos. Depending on configuration, transcript text may be retrieved by:

• Requesting timed text from YouTube's public caption endpoints (server-side), or
• When a Supadata API key is configured, sending the video identifier to Supadata so their service can return transcript data.

Transcript segments and metadata are stored in our database so we do not refetch them for every view and so summaries remain consistent.

When you generate a "condense", we send the video title and transcript text (and optional focus instructions you provide) to an AI model through Vercel AI Gateway using an API key configured on the server. The default model identifier in code is openai/gpt-4o-mini; the operator may configure a different gateway-supported model. The model provider (for example OpenAI or Anthropic, depending on configuration) receives the prompt content needed to produce the summary.

Generated thesis, bullets, insights, and related metadata are stored in our database. We also record usage rows tied to your account for quota and billing logic.

If you use share links, anyone who has the URL can load the shared summary and related video presentation data served by Condense. Do not share links for content you are not allowed to redistribute.

Paid plans are processed with Stripe. We store Stripe customer and subscription identifiers and status in our database as required to provide access. Payment card details are handled by Stripe, not stored by Condense.

Typical infrastructure used by this software includes:

• PostgreSQL (commonly Neon) for application data.
• Vercel AI Gateway for routing AI requests.
• Google / YouTube for sign-in and read-only YouTube Data API calls.
• Supadata (optional) for transcript retrieval when configured.
• Stripe for subscriptions when enabled.

The application code does not embed third-party marketing or analytics SDKs (such as advertising or product-analytics trackers). Server logs from your hosting provider may still collect technical data (for example request metadata) according to that provider's practices.

We use cookies and similar storage required for authentication (session cookies managed by Better Auth / Next.js). There are no advertising cookies in the application code.

We retain account and application data while your account exists and as needed to operate the service (for example cached transcripts and summaries, subscription sync state). Operators may implement additional backup or deletion policies on top of this software.

Depending on where you live, you may have rights to access, correct, delete, or export personal data, or to object to or restrict certain processing. The operator of your deployment is responsible for honoring applicable requests.

This codebase does not ship a self-service "delete my account" button; deletion workflows depend on the operator. Disconnecting Google in your Google account settings will not remove data already stored in Condense.

Condense is not directed at children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children.

We may update this policy when the product changes. The effective date at the top will be revised when we do.