Log in

Privacy Policy

Last updated June 2026

This policy explains what Stream Repeater collects, why, and your choices. By using the service you agree to it.

Information we collect

  • Account data — your name, email, and password (stored hashed).
  • Stream configuration — workspaces, streams, and destinations you create. Destination credentials are encrypted at rest.
  • Operational data — relay status, throughput and viewer metrics, and security/audit logs.
  • Recordings — if you turn on recording for a stream, we store the recorded media on our infrastructure for a limited, plan-based retention period (then auto-delete it). Recording is off by default and you control it per stream.
  • Branding assets — any logo you upload for a public watch page, and (if you enable it) the custom domain name you point at your watch page.
  • Viewer lead data — if a workspace owner turns on lead capture for a public watch page, the name and email a viewer enters to unlock that stream. The workspace owner who enabled the feature is the data controller for those details; we only process them on the owner's behalf so the owner can grant access and export their leads.
  • Connected-platform tokens — if you connect a destination account (e.g. YouTube or Twitch) for unified viewer analytics, the authorisation token for that account, stored encrypted, used only to read aggregate viewer counts.
  • Safety reports — report category, details, reporter contact details if provided, content snapshots, moderation decisions, and a hashed IP address for abuse prevention.
  • Technical data — IP address and request metadata, used for security and rate limiting.

How we use it

To operate the service — authenticate you, run and supervise your relays, show you metrics, take payment, and keep the platform secure. We do not sell your personal data.

Support access. Our administrators may securely access or sign in to your account to provide support, investigate issues, or enforce these terms. Such access is restricted to staff, recorded in our audit trail, and used only for those purposes.

Legal bases (GDPR)

  • Contract — to provide the service you sign up for (account, streams, relays, billing).
  • Legitimate interests — security, abuse prevention, and service improvement, balanced against your rights.
  • Legal obligation — retaining invoices and financial records as required by law.
  • Consent — optional marketing emails (opt in/out anytime in Settings, or via any email's unsubscribe link).

Who we share data with

We use a small set of processors to run the service, each under their own data-protection terms:

  • Hetzner — hosting (EU data centres).
  • Amazon Web Services (S3) — encrypted off-site backups, stored in the UK (London, eu-west-2).
  • Amazon SES — transactional & account emails.
  • Stripe — payment processing (we never store full card details).
  • Cloudflare — bot/abuse protection (Turnstile) and, where enabled, CDN/edge delivery and web-application firewalling for the control plane.
  • Google — only if you choose “Sign in with Google”.

Cookies

We use strictly-necessary cookies (such as your login session and a CSRF security token) to operate the platform. With your consent, we also load analytics tools (Google Analytics and our self-hosted tracking system) to help us measure site traffic and improve performance. You can choose to accept or decline these optional cookies via our cookie consent banner. We do not use advertising cookies.

Our custom analytics tracking is hosted at https://tracking.zurg.co.uk/ and handles data in a privacy-respecting, GDPR-compliant manner.

International transfers

Your data is hosted in the EU (Germany), with encrypted backups stored in the UK. Where a processor handles data outside the EU/UK, it is covered by appropriate safeguards (e.g. Standard Contractual Clauses).

Media content

Stream Repeater relays your live streams to the destinations you configure. By default we do not retain stream media — it passes through and is delivered onward. Two optional features change this, and only when you turn them on:

  • Recording — if enabled for a stream, we store the recorded media on our infrastructure for a limited, plan-based retention window, after which it is automatically deleted. You can delete recordings yourself at any time.
  • Public watch page — if enabled, that stream becomes viewable by anyone who has the link (and via any site where you embed it). Disable it and the link stops working.

We may also generate a short-lived still preview thumbnail of a live stream to show in your dashboard; it is cached briefly and automatically replaced or expired.

Third-party destinations (e.g. YouTube, Twitch) handle delivered content under their own policies. If you configure outbound webhooks or an alert URL, we send stream event metadata (not media) to the endpoint you specify.

Watch-page protection, leads & connected platforms

These optional features are off by default, available only on the plans that include them, and controlled by you per stream:

  • Watch-page password. If you password-protect a watch page, we store only a one-way hash of the password (never the password itself) and a short-lived access cookie on each viewer's browser so they don't have to re-enter it on every request.
  • Lead capture. If a workspace owner requires viewers to enter a name and email before watching, that workspace owner is the data controller for those details and we act as their processor: we collect them solely to grant access and to make the leads available to the owner for export. We do not market to those viewers or use their details for our own purposes. At the point of collection the viewer is told their details go to the stream owner, not to us. A viewer can ask us to forward a deletion request to the owner, the owner can delete a lead at any time, and the records are removed when the watch page is deleted.
  • VOD clips. A clip you create from a recording is stored and retained on the same plan-based basis as the underlying recording, and is deleted when you delete it or its parent recording.
  • Custom domain. If you point your own domain at a watch page, we store that hostname and perform DNS lookups and issue a TLS certificate for it (via a certificate authority such as Let's Encrypt) so the page loads securely. Remove the domain and we stop using it.
  • Unified viewer analytics. If you connect a destination account, we use its API only to read aggregate concurrent-viewer counts to show you a combined audience figure. We store the access token encrypted, never post on your behalf, and you can disconnect the account at any time to revoke our access.

Retention

Account and configuration data are kept while your account is active. Recordings are kept only for your plan's retention window and then auto-deleted (sooner if you delete them or your storage fills). Operational logs are pruned on a rolling basis. Invoices are retained as long as the law requires, even after account closure (pseudonymised). Safety reports are retained while needed for moderation, legal, and audit purposes.

Your rights

Under GDPR you can access, correct, export, restrict, object to, or delete your personal data. Logged-in users can download a copy of their data and delete their account directly from Settings → Privacy & your data. For anything else, or if you don't have an active login, make a data request (we respond within one month). You also have the right to complain to your local data-protection authority (in the UK, the ICO).

Contact

Questions about this policy or to exercise your rights? Get in touch.