Privacy Policy
How account and channel data is handled.
Last Updated: May 2, 2026
RODbot processes only the data needed to authenticate authorized channels and execute configured bot features.
What we store: signed session cookies, OAuth token bundles for connected channels, channel configuration (commands/targets/catches/profile), and operational telemetry/caches.
How we use it: to discover streams, monitor chat, execute commands, enforce quotas, and provide dashboard/admin visibility.
What we do not do: sell personal data, share tokens with third parties, or expose OAuth tokens in API responses.
RODbot's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
Retention and deletion: sessions expire automatically; OAuth tokens are revoked/deleted on disconnect; operational caches are short-lived; channel data persists while channel is onboarded unless reset/offboarded.
User controls: users can disconnect and revoke Google access at any time. Brand/proxy identities are handled per Google account behavior.
Retention Summary
| Data Class | Purpose | Retention | Deletion Trigger |
|---|---|---|---|
| Session Cookie | Keep authenticated dashboard session | Up to 30 days | Logout, expiry, session invalidation |
| OAuth Token Bundle | YouTube API access for connected channel | While channel is onboarded | Disconnect/revoke flow or token invalidation |
| Channel Config | Command/chat/profile behavior | While channel is onboarded | Channel reset/offboarding request |
| Operational Logs/Telemetry | Reliability, quota, and diagnostics | Short-lived rolling retention | Automatic TTL expiry |
User Controls and Deletion
You can disconnect and revoke access at any time using the in-app Disconnect Channel action or from your Google account permissions page.
If you need channel offboarding or data deletion assistance, contact support at wannaseemyrod@gmail.com. Target response time is within 7 calendar days.
Third-Party Policies
OAuth Scope to Feature Mapping (Least Privilege)
| Scope | Feature Use | Why Required |
|---|---|---|
https://www.googleapis.com/auth/youtube.force-ssl |
Read live broadcast/chat resources and post authorized bot replies. | Required for authenticated live chat read + insert operations from channel owner identity. |
https://www.googleapis.com/auth/userinfo.email |
Bind Google identity email for beta-access approvals, admin controls, and session ownership. | Required for operator identity association and access governance. |
openid |
Bind stable Google subject (`sub`) for session and channel ownership linkage. | Required for consistent identity mapping across reauth and session refresh. |
RODbot uses incremental authorization: initial account sign-in requests identity scopes first, then requests YouTube runtime scope in a second OAuth step.
For full retention definitions, see the operator retention policy and contact support if you need offboarding help.