Privacy Policy

Last updated: March 15, 2026

1. Who We Are

realstats.me is operated by Darius Achilles / Bartis.Dev, Goethestr. 30, 39397 Schwanebeck, Germany. Contact: support@realstats.me

2. Data We Collect

Account Data (via Google OAuth)

Email address, Google ID, and profile picture. We do not receive or store your Google password.

Social Platform Data (via OAuth2)

When you connect YouTube, Twitch, or TikTok, we access your public channel statistics (subscriber count, view count, engagement rates) using read-only API permissions. We store OAuth tokens securely to refresh this data automatically.

Payment Data

Payments are processed by Stripe. We store your Stripe Customer ID but never your credit card details. All payment data is handled by Stripe in accordance with PCI-DSS standards.

3. Cookies

We use a single HTTP-only, Secure session cookie to keep you logged in. This cookie contains a JWT token and expires after 7 days. It is HTTP-only (not accessible via JavaScript, protecting against XSS attacks) and Secure (transmitted only over HTTPS in production). We do not use tracking cookies, advertising cookies, or analytics tools.

4. How We Use Your Data

  • To provide the service: displaying your verified stats on your public profile
  • To authenticate you via Google OAuth
  • To process subscription payments via Stripe
  • To refresh your social platform stats automatically

We do not sell, share, or transfer your data to third parties for marketing purposes.

5. Data Sharing & Visibility

Your stats are only visible on your public profile if you choose to make them public. You can set your profile to private, password-protected, or agency-only at any time via your Dashboard Settings.

6. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Delete your account and all associated data
  • Export your data
  • Restrict processing of your data

To delete your account and all data, go to Dashboard → Settings → Delete Account. All your data will be permanently removed immediately.

7. Data Retention

We retain your data for as long as your account is active. When you delete your account, all data (including social accounts, shared links, and agency relationships) is permanently deleted from our database immediately.

8. Security

We use HTTPS encryption, HTTP-only cookies, bcrypt password hashing, and OAuth2 for all third-party integrations. We never store your social media passwords — only read-only API tokens.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date.

10. Contact

For any questions regarding this Privacy Policy or your data, contact us at support@realstats.me.