This Privacy Policy explains how BACKRND, LLC ("BACKRND," "we," "us," or "our") collects, uses, shares, and protects personal information when you use our website, applications, bots, overlays, APIs, and related services (collectively, the "Service").
This policy applies to everyone who uses the Service, regardless of where they live. We extend the rights described in Section 8 — including access, deletion, correction, and portability — to all users globally, not just those in jurisdictions where these rights are required by law.
We collect the following categories of personal information:
| Category | Examples | Source |
|---|---|---|
| Account & identity | Username, display name, platform user ID, email address, profile image, account creation date | You, via OAuth from Twitch, YouTube, Kick, or similar platforms |
| OAuth tokens | Access and refresh tokens scoped to the permissions you grant | The streaming platform you connect |
| Stream & chat content | Chat messages, commands, alerts, moderation events, follower/subscriber events, viewer counts, stream metadata | The streaming platform, processed in real time |
| Service configuration | Bot commands, overlay settings, alert rules, scripts, custom assets you upload | You |
| Analytics & usage | Viewer behavior on your streams (watch time, engagement events), feature usage on the Service, device type, browser, IP address, timestamps | Automatically, through use of the Service |
| Payment information | Billing email, subscription tier, transaction history, last four digits of payment card, billing country | You and Stripe (our payment processor) |
| Support communications | Messages you send to support, feedback, bug reports | You |
We do not collect full payment card numbers. Payment details are collected and processed directly by Stripe under their own privacy policy.
We use personal information to:
We do not sell personal information. We do not use personal information for cross-context behavioral advertising. We do not share personal information with advertisers.
Where applicable law (such as the EU/UK GDPR) requires a legal basis for processing personal data, we rely on the following:
We share personal information only in the limited circumstances described below.
We use the following third parties to operate the Service. They process personal information on our behalf under contractual confidentiality and data protection obligations:
| Provider | Purpose | Data processed |
|---|---|---|
| Stripe | Payment processing, subscription billing, fraud prevention | Billing email, payment method, transaction data |
| Cloud hosting providers (e.g., AWS, Google Cloud, Cloudflare) | Hosting, content delivery, DDoS protection, database storage | All categories above, encrypted in transit and at rest |
We may add or change subprocessors as our Service evolves. Material changes will be reflected in this policy.
To run the Service, we exchange data with the streaming platforms you connect (such as Twitch or YouTube). See Section 5 for details.
We may disclose information if we believe in good faith that disclosure is necessary to: (a) comply with a law, regulation, subpoena, or court order; (b) enforce our Terms of Service or investigate violations; (c) protect the rights, property, or safety of BACKRND, our users, or others; or (d) prevent fraud or security incidents.
If BACKRND is involved in a merger, acquisition, financing, or sale of assets, personal information may be transferred as part of that transaction. We will notify you (for example, by email or by a notice on the Service) before personal information becomes subject to a different privacy policy.
The Service is designed to interoperate with third-party streaming platforms. When you connect a platform via OAuth, you authorize that platform to share certain information with us, and you authorize us to take actions on your behalf within the scopes you grant — such as reading chat, posting messages, listening for events, and accessing channel metadata.
The exact scopes are presented to you at the time of authorization. You can revoke these permissions at any time from the connected platform's settings (typically under "Connections" or "Apps") and from your BACKRND account settings.
Your use of any streaming platform is governed by that platform's own terms and privacy policy. BACKRND is not responsible for how those platforms collect, use, or share your information.
We use a small number of essential cookies required to operate the Service:
We do not use third-party advertising cookies, cross-site tracking pixels, or behavioral advertising technologies. Because we only use essential cookies, we generally do not require a consent banner under most cookie laws — but you can block or delete cookies through your browser settings. Some features of the Service may not work without them.
We honor Global Privacy Control (GPC) signals where applicable.
We retain personal information for as long as necessary to provide the Service and for the legitimate purposes described in this policy. Specific retention periods include:
| Data type | Retention period |
|---|---|
| Account and configuration data | For the life of your account, plus up to 90 days after deletion to allow recovery |
| OAuth tokens | Until you disconnect the platform or delete your account |
| Chat and stream event logs | Up to 30 days, unless you configure longer retention or applicable law requires otherwise |
| Analytics and usage data | Up to 13 months in identifiable form, then aggregated or de-identified |
| Payment and billing records | As required by tax and accounting laws (typically 7 years) |
| Support communications | Up to 3 years after the issue is resolved |
After applicable retention periods, we delete or de-identify personal information. We may retain data longer when required by law, to resolve disputes, or to enforce our agreements.
We extend the following rights to all users of the Service, regardless of location:
To exercise any of these rights, email privacy@backrnd.io from the email address associated with your account, or use the in-app controls in your account settings. We will respond within the timeframes required by applicable law (generally 30 to 45 days).
We will not discriminate against you for exercising any of these rights.
We use industry-standard technical and organizational measures to protect personal information, including encryption in transit (TLS) and at rest, access controls, principle-of-least-privilege for staff access, and regular security reviews. OAuth tokens are stored encrypted.
No system is perfectly secure. If we become aware of a security incident affecting your personal information, we will notify you and the appropriate authorities as required by law.
BACKRND is based in the United States, and we use cloud infrastructure that may store and process data in the United States and other countries. If you access the Service from outside the United States, your information will be transferred to, stored in, and processed in the United States.
Where required (for example, for transfers from the EU/UK to the US), we rely on lawful transfer mechanisms such as Standard Contractual Clauses approved by the European Commission and the UK International Data Transfer Addendum. Copies are available on request.
The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. In jurisdictions where the minimum age is higher (for example, 16 in some EU member states), we do not knowingly collect information from children below that age without verifiable parental consent.
If you believe a child has provided us with personal information, please contact us at privacy@backrnd.io and we will take steps to delete it.
This section provides additional disclosures required by the California Consumer Privacy Act, as amended ("CCPA"), for California residents.
In the past 12 months, we have collected the categories of personal information described in Section 1, which correspond to the following CCPA categories: identifiers; commercial information; internet/network activity; geolocation (approximate, derived from IP); audio/electronic information (chat content); and inferences drawn from the above. We do not collect sensitive personal information beyond OAuth tokens (which we treat as confidential security credentials).
Sources, business purposes, and categories of recipients are described in Sections 1, 2, and 4 above.
We do not sell personal information. We do not share personal information for cross-context behavioral advertising. We have not done so in the past 12 months and have no plans to do so.
California residents have the right to: know what personal information we collect and how we use it; request access to and deletion of personal information; correct inaccurate personal information; limit the use of sensitive personal information; and not be discriminated against for exercising these rights. These rights are available to all users globally under Section 8.
To submit a request, email privacy@backrnd.io. We will verify your identity using information already associated with your account. You may designate an authorized agent to submit a request on your behalf, subject to verification.
We may update this Privacy Policy from time to time. If we make material changes, we will provide reasonable notice — for example, by posting an updated version on the Service or by sending an email. The "Last updated" date at the top of this policy reflects the most recent revision. Continued use of the Service after changes take effect constitutes acceptance.
If you have questions about this Privacy Policy or how we handle personal information, contact us at:
BACKRND, LLC
2108 N St, Suite 4917
Sacramento, CA 95816
Email: privacy@backrnd.io