Privacy Policy

Last updated: 2026-05-02

What we collect

VOD Manager only collects what it needs to archive your Twitch streams into storage you control. That includes:

  • Account information — the email address you use to sign in and an optional display name. Magic-link sign-in tokens are one-time use and short-lived.
  • Twitch OAuth tokens and the scopes you grant when you link your Twitch account, used to read your channel and VOD history.
  • Storage credentials for whichever provider you connect — S3-compatible access keys (AWS S3, Cloudflare R2, Backblaze B2, Wasabi) or OAuth tokens (Google Drive, Dropbox, Microsoft OneDrive).
  • Stream and VOD metadata returned by Twitch’s Helix API — titles, durations, timestamps, game/category, thumbnails, and the Twitch IDs we use to detect new broadcasts.
  • Chat replay scraped from your own past Twitch broadcasts, archived alongside the VOD on your storage profile.

Where archived data lives

Archive video, chat, thumbnails, and sidecar metadata are written to whatever storage profile you connect. We do not keep a second copy of those bytes in our infrastructure. Our database keeps only the metadata we need to render your library — titles, sizes, paths, statuses, and the storage profile that owns each archive.

If you opt into the free shared tier during onboarding, archives are written to a single VOD Manager-owned Backblaze B2 bucket instead of your own storage. The free tier is opt-in, time-bounded, and capped: roughly 72 hours of retention, ten VODs and ten clips per user, with 8 GB and 1 GB size limits per VOD and clip respectively. Keep-forever is disabled there. Connecting your own storage migrates everything that fits and switches future archives over.

How we secure credentials

Twitch OAuth tokens, S3 access keys and secrets, and OAuth tokens for Google Drive, Dropbox, and OneDrive are all stored using Laravel’s encrypted cast, which means they are encrypted at rest with the application key. Credentials are never written to logs, never returned in API or JSON responses, and never displayed in the UI as plaintext — admin and user views show masked values only.

Twitch EventSub webhooks are HMAC-validated against the per-subscription secret before we do any work. Mismatches are rejected without dispatching jobs.

Share links and presigned URLs

When you generate a share link for an archive, we mint a time-limited URL that goes directly to your storage provider — a presigned S3 URL for S3-compatible storage, or a provider-managed shared link for Drive, Dropbox, and OneDrive. These URLs are regenerable and can be revoked from the VOD card.

Anyone holding a live share link can fetch the archive bytes until the link expires, so treat them as sensitive. We do not publish, index, or share these URLs anywhere outside the UI you used to create them.

Chat replay data

Chat replay is user-generated chat from your own publicly broadcast Twitch streams. It is downloaded as a sidecar to the VOD and stored alongside the video on your own storage profile. Chatter usernames are part of the replay; this matches what Twitch already displayed publicly during the live broadcast. Clips do not have chat replay, so chat archiving is skipped automatically there.

Account deletion vs. archive deletion

Deleting an individual VOD or clip from VOD Manager removes the archive bytes from your storage profile and the metadata row from our database. This is the everyday delete path on each VOD card.

Deleting your VOD Manager account is separate. By default it removes your records from our database — account, connected Twitch accounts, storage profiles, VOD and stream metadata, audit log entries — but it leaves archive bytes in your storage untouched, since that storage belongs to you. The deletion flow includes an optional purge toggle; checking it instructs us to also remove your archive bytes from your connected storage before tearing down the account.

Operational data

Server logs, queue records, and failed-job rows contain operational metadata — timestamps, job IDs, error messages, and the like. They are not PII-sensitive and we do not deliberately retain them long-term. Where useful for debugging or product visibility, we keep an audit log of user-driven actions (deletes, share-link generation, keep-forever toggles).

Third-party services

VOD Manager talks to a handful of third parties to do its job:

  • Twitch — OAuth, the Helix API for stream and VOD lookups, and EventSub webhooks for real-time stream.online and stream.offline notifications.
  • Your configured storage provider — AWS, Cloudflare, Backblaze, Wasabi, Google, Dropbox, or Microsoft, depending on what you connected. Archive bytes flow there from our worker pipeline.
  • Mailgun — transactional email (sign-in links, archive summaries, failure notices, account alerts).
  • Laravel Reverb — real-time browser updates for archive progress, queue position, and quota crossings. Reverb runs on our own infrastructure.
  • Laravel Nightwatch — production error monitoring and request telemetry. Exception stack traces and log entries are forwarded there for debugging.
  • Sentry — production error alerting and issue tracking. Exception reports (with sensitive fields scrubbed) are forwarded there so we can detect and fix problems quickly.

How we use your data

We use the data we collect to operate the archive service, secure your account, troubleshoot issues, and show you the state of your own archives. We do not sell user data, share it with advertisers, or train machine-learning models on it.

Contact

Questions about privacy can be sent to support@vod-manager.com.