Privacy Policy

HGCC YouTube System is an educational application developed by Hau Giang Community College (HGCC). It integrates the YouTube Data API v3 to support teaching, learning, and academic video content management.

1. Information We Collect

When users sign in with their Google accounts, the application may access the following basic data:

• Google Account ID, display name, email address, and profile picture.
• OAuth credentials (access tokens and refresh tokens) — temporarily stored in encrypted form to perform authorized actions on behalf of the user.

2. Purpose of Data Use

The collected information is used strictly for educational and operational purposes, such as:

• Synchronizing video, channel, or playlist data for educational use.
• Performing user-authorized actions such as liking, commenting, or subscribing to academic channels.

We do not sell, share, or use any personal data for advertising or commercial purposes.

3. User Control and Revocation

Users can revoke the application's access to their data at any time via:

https://myaccount.google.com/permissions

Once revoked, all related tokens are permanently deleted from our servers within 24 hours.

4. Data Storage and Protection

• All sensitive data (access tokens, refresh tokens, and user IDs) are encrypted using AES-256 before storage.
• All communications between client and server are secured with HTTPS (TLS 1.2 or higher).
• Access to stored data is restricted by system role and monitored through audit logs.
• Backup data is encrypted and stored separately from production systems.

5. Data Retention and Deletion

We retain user data only for as long as necessary to fulfill the stated purposes. Tokens and user identifiers are deleted immediately after authorization revocation. Non-personal metadata may be anonymized and retained for analytical reporting.

6. Compliance with Google Policies

This application complies fully with the Google API Services User Data Policy, including the Limited Use Requirements — ensuring that user data is used solely to provide or improve user-facing features of the app.

• YouTube Terms of Service
• Google Privacy Policy
• YouTube API Services Terms of Service
• Google API Services User Data Policy

7. Security of Sensitive Data

• We apply encryption at rest and encryption in transit for all OAuth tokens and personal identifiers.
• We implement strict token access lifecycle control — automatic token expiry and deletion after inactivity.
• Regular internal security reviews and restricted administrative access ensure protection against data misuse.

8. Contact

For any privacy concerns, please contact:

• Email: saletpcn@gmail.com
• Website: https://sales1h.com