Privacy Policy

Last updated: 2026-02-02

1. Who we are

This Privacy Policy explains how personal data is collected, used, and protected when you use the RTMPS.IO service, website, APIs, and related features (the “Service”).

Data controller: METATAG OÜ
Registry code: 16276419
VAT: EE102393738

2. Scope

This Policy applies to all users of the Service, including visitors to our website, registered users, and users who authenticate via third‑party identity providers (such as Apple or Google).

3. Personal data we collect

3.1 Data you provide directly

• Account information (name, email address, login identifiers)
• Authentication data provided via OAuth providers (unique user ID, email, display name)
• Billing and subscription data (plan type, invoices, payment status)
• Support communications and feedback

3.2 Data generated through use of the Service

• Stream metadata (stream titles, destinations, technical parameters)
• Usage data (minutes streamed, outputs used, quotas)
• Logs and diagnostic data (timestamps, IP addresses, user agent, error logs)

3.3 Data we do not collect

• We do not collect passwords for third‑party platforms or OAuth providers.
• We do not access private messages, chats, or viewer data from third‑party platforms unless explicitly required to provide a requested feature.

4. OAuth sign‑in and third‑party accounts

You may sign in to RTMPS.IO using third‑party identity providers such as Apple (“Sign in with Apple”) or Google. Authentication is handled by the provider, and we receive only the data you authorize.

• Sign in with Apple: We may receive a stable, app‑specific user identifier and, depending on your choice, your name and email address (including a private relay address). Apple’s data handling is described here: Apple – Sign in with Apple & Privacy.
• Google OAuth: We receive basic profile information and a unique identifier as permitted by your consent. We comply with Google’s OAuth policies: Google OAuth 2.0 Policies.

You may revoke OAuth access at any time through the relevant provider’s account settings.

5. How we use personal data

• To provide, operate, and maintain the Service
• To authenticate users and secure accounts
• To process subscriptions, payments, and invoices
• To monitor performance, prevent abuse, and ensure service stability
• To communicate with you about service updates, security issues, and support requests
• To comply with legal obligations

6. Legal bases for processing (GDPR)

• Contract: Processing necessary to provide the Service you requested
• Legal obligation: Accounting, tax, and compliance requirements
• Legitimate interests: Security, abuse prevention, and service improvement
• Consent: Where explicitly required (for example, certain communications)

7. Cookies and similar technologies

We use cookies and similar technologies that are necessary for authentication, session management, and security. We do not use third‑party advertising or tracking cookies for profiling.

8. Data sharing and processors

We do not sell your personal data. We may share data only with trusted processors where necessary to operate the Service, such as:

• Cloud and infrastructure providers
• Payment processors and billing providers
• Email and notification services
• OAuth and identity providers (Apple, Google)

All processors are bound by contractual data protection obligations.

9. International data transfers

Your data may be processed in countries outside the EEA. Where this occurs, we rely on appropriate safeguards, such as EU Standard Contractual Clauses or equivalent legal mechanisms.

10. Data retention

• Account data is retained for as long as your account is active.
• Billing records are retained as required by law.
• Logs and technical data are retained for a limited period necessary for security and diagnostics.

11. Your rights

If you are located in the EEA/UK, you have the right to:

• Access your personal data
• Correct inaccurate or incomplete data
• Request deletion of your data
• Restrict or object to certain processing
• Data portability
• Lodge a complaint with a supervisory authority

You can exercise your rights by contacting us at privacy@rtmps.io.

12. Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, or alteration. However, no system is completely secure.

13. Children

The Service is not intended for children under 16. We do not knowingly collect personal data from children.

14. Changes to this Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via the Service or by email. Continued use of the Service after the effective date means you accept the updated Policy.

15. Contact

For privacy‑related questions or requests, contact:
privacy@rtmps.io