Privacy Policy

Last Updated: February 1, 2026

1. Introduction and Scope

This Privacy Policy ("Policy") describes our practices regarding the collection, processing, storage, and protection of personal data when you use Mrgrm.com ("we", "us", or "our"), our website, platform, and associated services (collectively, the "Services"). By accessing or using our Services, you acknowledge that you have read and understood this Policy.

2. Categories of Personal Data We Process

2.1 Information You Provide Directly

When you register, subscribe, or interact with our Services, you may provide:

• Account Information: Name, email address.
• Authentication Data: Passwords (hashed) or SSO tokens (e.g., via Google).
• Payment Information: Billing details (processed securely by our payment provider, Paddle).
• Communication Data: Support tickets or feedback submissions.

2.2 Information We Collect Automatically

When you use our Services, we automatically collect:

• Technical Data: IP address, browser type and version, device identifiers, operating system.
• Usage Data: Pages visited, features accessed, click patterns, session duration, error logs.
• Integration Data: Information from connected third-party services (e.g., YouTube) as authorized by you.

2.3 Information from Third Parties

To provide our comment management Service, you must connect third-party social media accounts (e.g., YouTube via Google OAuth). We collect:

• Profile Data: Channel name, avatar, and description.
• Authentication Tokens: OAuth tokens required to fetch and manage comments securely.
• Comment Data: Text, author IDs, post IDs, and publication dates of comments retrieved from your connected social profiles.

2.4 Special Categories of Data

We do not intentionally collect special categories of personal data (e.g., racial or ethnic origin, political opinions, religious beliefs). Because our Service analyzes comments posted publicly on third-party platforms, we may process such data if it is included in comments made by end-users. We do not use this data for profiling or marketing.

3. Purposes of Processing

We process personal data for the following purposes:

• Service Delivery: To fetch comments, analyze them using AI (including but not limited to OpenAI, Anthropic, Google Gemini), and execute your automated actions.
• Account Management: To manage subscriptions, track token usage, and provide customer support.
• Platform Operations: To ensure the security, availability, and performance of our infrastructure.
• Communication: To send technical notices, updates, security alerts, and administrative messages.

4. Data Sharing and Disclosure

4.1 We Do Not Sell Personal Data

We do not sell, rent, or trade your personal data to third parties for their marketing purposes.

4.2 Service Providers and Sub-processors

We share personal data with carefully selected service providers who assist us in operating our Services. These include:

• AI Providers: Comment text is sent to third-party AI infrastructure for analysis. These providers' API usage policies generally restrict using API data for training their public models.
• Payment Processors: We use Paddle for secure payment processing.
• Notification Services: Email and Telegram providers to send you alerts configured in your account.
• Hosting Providers: We host primarily in the US and maintain strong security controls.

4.3 Legal Disclosures

We may disclose personal data when required by law or when we believe in good faith that disclosure is necessary to comply with legal obligations, protect our rights, or prevent fraud.

5. Google API Services Usage Disclosure

Because Mrgrm.com interacts with YouTube, our application accesses, uses, stores, and shares Google user data in accordance with the following practices. Mrgrm.com's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

5.1 Accessing Google User Data

When you connect your YouTube account to Mrgrm.com, we request access to your YouTube account via Google OAuth. We specifically request access to view your YouTube channel information and manage your YouTube comments on your behalf.

5.2 Using Google User Data

We use your Google data to provide the core functionality of Mrgrm.com. This includes analyzing the text of incoming comments using AI to determine sentiment, identify questions, match keywords, and trigger automated responses (such as auto-replying, liking, or notifying you) based on the rules you configure.

5.3 Storing Google User Data

We securely store your YouTube channel details (Channel ID, Name, Avatar) and retrieved YouTube comments (Comment ID, text, author ID, timestamp) in our database to provide the Service. We also securely store the OAuth authentication tokens necessary to perform actions on your behalf. All data is protected with industry-standard security measures.

5.4 Sharing Google User Data

We do not sell your Google user data. To provide our analysis features, the text of YouTube comments is transmitted securely to third-party AI providers (such as OpenAI, Anthropic, or Google Gemini) strictly for the purpose of analysis. These providers are bound by agreements that restrict them from using this data to train their public models. We do not share your Google data with any other third parties unless required by law.

5.5 Revoking Access and Platform Policies

• By using our Service to manage YouTube data, you acknowledge and agree to the Google Privacy Policy.
• You can revoke Mrgrm.com's access to your YouTube data at any time via the Google Security Settings page. Upon account deletion or access revocation, your data will be securely deleted in accordance with our data retention policy.

6. Data Security

We implement reasonable administrative, technical, and physical security measures to protect your personal information and third-party authentication tokens. However, no electronic transmission over the internet can be guaranteed to be 100% secure.

7. Data Retention

We retain your personal information and processed comment data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete or anonymize your data in accordance with our retention policies.

8. Your Rights

Depending on your location, you may have the right to access, correct, or delete your personal data, or object to certain processing activities. You can exercise many of these rights directly through your account dashboard or by contacting us.

9. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children.

10. Updates to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

11. Contact Information

If you have any questions or concerns about this Privacy Policy, please contact us at support@mrgrm.com.