Privacy Policy

Last updated May 11, 2026

■ Privacy Policy ■ Terms of Service

1 What We Collect

When you create an account or interact with CommuTube, we collect the following:

  • Account data — username, email address, display name, and hashed password (for local accounts).
  • OAuth data — if you sign in with Google, Apple, or Discord, we receive your email address, display name, and profile photo from that provider. For Discord accounts we also store your Discord user ID and username.
  • Uploaded content — videos, thumbnails, and channel art you upload to the platform.
  • Activity data — watch history, subscriptions, likes, and comments.
  • Session data — a session cookie used to keep you signed in.
  • IP address — collected during login and CAPTCHA verification for abuse prevention. When you sign in from a new IP address, that address is stored as a trusted login location after you verify it via email. Known IP addresses are retained to skip the verification step on future sign-ins from the same location.

We do not collect payment information, precise location data, or device fingerprints.

2 How We Use Your Data

Your data is used solely to operate the platform:

  • Authenticating your identity and maintaining your session.
  • Detecting sign-ins from unrecognised IP addresses and sending a verification code to your email before granting access.
  • Serving and storing your uploaded videos.
  • Powering subscriptions, watch history, and recommendations.
  • Preventing spam and abuse via Cloudflare Turnstile CAPTCHA.
  • Displaying your public profile and channel to other users.

We do not sell your data, use it for advertising, or share it with third parties except as described in section 3.

3 Third-Party Services

CommuTube uses the following third-party services, each with their own privacy practices:

  • Google Firebase Authentication — handles Google and Apple OAuth sign-in. Firebase Privacy Policy.
  • Cloudflare Turnstile — CAPTCHA on login and registration. Cloudflare may process your IP address and browser signals. Cloudflare Privacy Policy.
  • Discord OAuth — used for sign-in, sign-up, and optional account linking. We receive your Discord user ID, username, display name, email address, and avatar. Your Discord ID and username are stored to identify your account and, where applicable, to assign roles in the CommuTube Discord server. Discord Privacy Policy.

4 Cookies and Sessions

We use a single session cookie to keep you logged in. This cookie is deleted when you log out. We do not use tracking cookies, advertising cookies, or analytics cookies.

5 Data Retention

Your account and associated data are retained for as long as your account is active. If you delete your account, your data is removed within 30 days, except where retention is required by law. Uploaded videos are deleted immediately upon request or account deletion. Trusted login IP addresses are deleted when your account is deleted.

6 Your Rights

You have the right to access, correct, or delete your personal data, and to export your uploaded content at any time. To exercise any of these rights, contact us at privacy@commutube.com.

7 Security

We take the following measures to protect your account and data:

  • Password hashing — passwords are hashed using Argon2id with 128 MB of memory and 4 iterations. They are never stored in plain text. Argon2id is a memory-hard algorithm designed to resist brute-force attacks, including those performed with GPUs or specialised hardware.
  • Legacy hash migration — accounts created before May 2026 used bcrypt hashing. These hashes are automatically upgraded to Argon2id the next time you sign in.
  • Session security — your session ID is regenerated on every login, password change, and two-factor verification to prevent session fixation attacks. Logging out fully destroys your session and expires the session cookie.
  • OAuth account protection — signing in via Google, Apple, or Discord cannot be used to access an existing password-based account without explicit linking. If a Discord sign-in email matches an existing account, the accounts are merged and you are prompted to re-authenticate. This prevents account takeover via email matching.
  • Login location verification — when you sign in from an IP address that has not been used before on your account, we send a 6-digit code to your registered email address. You must enter the code before access is granted. Once verified, that IP address is stored as a trusted location so future sign-ins from the same address skip this step. If you did not initiate the sign-in attempt, your credentials may be compromised and you should change your password immediately.
  • Two-factor authentication — optional TOTP-based 2FA (compatible with any authenticator app) is available for all accounts. If both login location verification and 2FA are required, both checks must be passed before access is granted.
  • CAPTCHA — Cloudflare Turnstile is required on login and registration to prevent automated attacks.
  • Transport security — all traffic is served over HTTPS.

No system is perfectly secure. In the event of a breach affecting your data, we will notify you promptly.

8 Changes to This Policy

We may update this policy from time to time. The effective date at the top of this page will reflect the latest revision. Continued use of the platform after changes constitutes acceptance.