Privacy policy

Last updated: 2026-05-26

Short version: we store your email, a salted hash of your password, and the list of YouTube videos you've saved. Nothing else. No ads, no trackers, no third parties. You can delete everything at any time.

Who we are

YouTube Todo is an independent project that helps you save YouTube videos to a personal watch-later queue you can open from any device. It is not affiliated with, sponsored by, or endorsed by YouTube or Google.

What we collect

Account data

Your email address — used as your login and to send password-reset emails.
Your display name — shown in the header of your queue page.
A salted hash of your password — we never store the password itself.
Account creation date, last login date, and login count — operational metrics only; not shared.

Queue data

YouTube video id, title, URL, and (when available) upload date — for each video you save.
Watch progress — how far into a video you've played, so you can resume on another device. Updated only while you're playing inside the YouTube Todo player.
Read/unread state — set automatically when you finish a video, or manually via the queue page.

Session data

A single HTTP cookie named session that identifies your logged-in session. It expires after 30 days. It is HttpOnly, sent only over HTTPS in production, and contains no personal data — just a session id and a random scramble that we match against our database.

What we do not collect

No browsing or watch history outside the videos you explicitly save.
No analytics pixels, fingerprinting, or third-party advertising trackers.
No data from YouTube pages beyond what's needed to identify the video you saved (video id, title, upload date).
No payment information — there's nothing to pay for.

How the browser extension fits in

The YouTube Todo browser extension reads the current YouTube tab so it can identify which video you're saving, and it sends that video's id, title, and URL to the YouTube Todo server you've configured (by default https://www.youtube-todo.com; you can change this in the extension popup to point at a self-hosted server). The extension does not send anything to any other destination, does not log your YouTube browsing, and stores no personal data locally other than your server preference.

Third parties

YouTube — when you load a video for playback on the queue page, your browser fetches the video player directly from YouTube. YouTube's own privacy policy applies to that connection. We do not share your account information with YouTube.
YouTube Data API — the server occasionally calls the public YouTube Data API to look up a video's upload date when the extension couldn't scrape one (for example, when you save from a thumbnail right-click). The request includes only the YouTube video id, never your email or any identifier tied to you.
Mailgun — if password-reset email is configured, we use Mailgun to deliver it. Mailgun sees your email address and the reset link.

How we secure your data

Passwords are stored only as salted SHA-256 hashes.
The session cookie is HttpOnly (so page JavaScript can't read it) and is marked Secure + SameSite=None when served over HTTPS, so it travels only on encrypted connections.
Every API endpoint and the /me page require a valid session — your queue is never reachable from a URL alone.

Deleting your data

You can delete your account and everything tied to it from the queue page ("Delete my data"). Deletion is immediate and permanent: we don't keep an archive, a shadow record, or a backup copy beyond standard 30-day database backup rotation. We do not retain any data after deletion for analytics or any other purpose.

If you can't reach the queue page for any reason and want your data removed, email privacy@youtube-todo.com.

Changes to this policy

If we change anything material, we'll bump the "Last updated" date at the top of this page and, where reasonable, notify logged-in users on their next visit.

Contact

Questions? Email privacy@youtube-todo.com.