Privacy Policy
Last updated: November 11, 2025
Vivipod ("we", "our", "us") is an asynchronous discussion platform that enables users to create, share and discuss video content. This policy explains what information we collect, how we use it, and the choices you have. By using Vivipod you agree to the collection and use of information in accordance with this policy.
1. Information We Collect
| Category | Examples | Source |
|---|---|---|
| Account & User | Username, display name, email addresses, billing details | Provided by you |
| Authentication | Email verification codes, SSO provider identifiers, hashed secrets | Provided by you / SSO provider |
| Google OAuth Profile | Name, primary email, avatar URL (if available), Google account ID (OpenID sub) | Provided by Google during SSO |
| Content | Videos, thumbnails, video metadata (aspect ratio, description etc), Spaces, Topics, Posts, Comments | Created by you or other users |
| Usage & Device | Log files, IP address, browser type, interaction timestamps | Collected automatically |
We collect information from students under the age of digital consent only when their accounts are created and managed by an educator, parent, or legal guardian, in accordance with applicable laws such as COPPA in the United States.
2. How We Use Information
- Provide the service - create accounts, store videos ("Assets"), display Spaces/Topics/Posts/Comments.
- Authenticate users - issue and validate email codes or SSO tokens.
- Operate & improve - monitor usage, debug, develop new features.
- Communicate - send notification emails (e.g. comment replies, verification codes).
- Safety & compliance - detect abuse, enforce our Terms, comply with legal requests.
3. Google User Data (OAuth & SSO)
When you choose Sign in with Google, we comply with the Google API Services User Data Policy.
- Data Accessed - the Google account ID (OpenID Connect
sub), profile name, primary email, and avatar URL (if provided). We do not request access to Google Drive, Calendar, Contacts, Classroom, or any other scopes. - Data Usage - we use those fields solely to create or link your Vivipod account, pre-fill your profile, and keep you signed in. OAuth tokens from Google are kept in memory just long enough to exchange for a Vivipod session and are not stored after the session cookie is issued.
- Data Sharing - Google profile fields are never sold. They are shared only with processors that help us run Vivipod under contracts that prohibit reuse.
- Data Storage & Protection - the Google account ID, name, and email are stored in our database with role-based access. All communication happens over HTTPS, session cookies are HttpOnly/SameSite, and secrets stay in environment variables managed via Cloudflare.
- Data Retention & Deletion - Google-derived data lives only while your Vivipod account is active. Once you delete your account or email
support@vivipod.comto request deletion, we remove Google data from production systems within 30 days and from backups within 90 days, then confirm completion.
4. Sharing & Disclosure
We share information only when necessary:
- Public content - Posts, comments, and Spaces marked public are visible to anyone with the URL.
- Service providers - Cloud hosting, video storage, email delivery and analytics partners that process data on our behalf and under strict confidentiality agreements.
- Legal requirements - If required by law, subpoena, or to protect the rights and safety of Vivipod, our users or the public.
We never sell your personal information.
5. Your Choices & Rights
- Edit or delete content - You can update or remove your Assets, Posts or Comments at any time (subject to moderation queues).
- Delete account - Email
support@vivipod.comfrom your signed-in address (or use any in-product delete controls, when available) to request account deletion. We verify your identity, remove profile data within 30 days, and let you know when it's complete. Public content you created may remain unless you delete it first. - Control notifications - Opt-out links are provided in notification emails.
To exercise any of these rights, please contact us at support@vivipod.com.
6. Data Retention
We retain information for as long as your account is active or as needed to provide the service. Back-ups may persist for up to 90 days. Content deleted by you is queued for removal from our storage and CDN caches.
7. Security
We use industry-standard measures such as HTTPS encryption in transit, access controls, and segregated blob storage to protect your data. No system is 100% secure; please use unique, strong authentication methods.
8. International Transfers
Vivipod is operated from the United States. If you access the service from outside the U.S., you consent to the transfer and processing of your information in the U.S. and other countries where we or our service providers operate.
9. Changes to This Policy
We may update this policy from time to time. We will notify you of any material changes by posting the new policy here and updating the "Last updated" date above.
10. Contact Us
Questions or concerns? Email us at support@vivipod.com.
Thank you for using Vivipod!