Learn how ThumbsupMe complies with the General Data Protection Regulation (GDPR) to protect the personal data of EU/EEA residents.
At ThumbsupMe (the "Company", "we", "us", or "our"), we are committed to complying with the General Data Protection Regulation (GDPR) (EU) 2016/679 when processing personal data of individuals located in the European Union ("EU") or European Economic Area ("EEA").
This GDPR Compliance Statement outlines how we collect, use, process, store, and disclose your personal data in accordance with the GDPR when you use our YouTube toolkit and content creation services.
This statement applies specifically to the personal data of EU/EEA residents who use our YouTube toolkit platform and related services.
The entity responsible for deciding how your personal data is processed ("Data Controller") is ThumbsupMe.
This statement applies to all personal data processing activities related to EU/EEA residents who use our YouTube toolkit service, including thumbnail generation, style analysis, and content preview features.
These protections apply regardless of where the data processing takes place, as long as you are an EU/EEA resident using our services.
We process personal data under the following GDPR-compliant legal bases:
When you have explicitly provided your consent, such as agreeing to use our thumbnail generation features or subscribing to marketing communications.
To provide and manage your account, process your subscription, generate YouTube thumbnails, and deliver our YouTube toolkit services in accordance with our Terms of Service.
To comply with legal requirements such as financial regulations, tax obligations, and law enforcement requests.
To protect our business interests, such as improving our thumbnail generation features, preventing fraud, ensuring security, and providing customer support. We always balance our legitimate interests against your rights and freedoms.
For complete details on what personal data we collect and how we use it, please see our Privacy Policy. In summary, we may collect:
Contact details (name, email address, profile information)
Account information (login credentials, account preferences)
YouTube content data (thumbnails, titles, descriptions for analysis)
Generated thumbnails and preview images
Payment details processed through secure third-party processors
Usage data and analytics (IP address, device information, usage patterns)
Technical data necessary for thumbnail generation and service delivery
We only collect and process personal data that is relevant, adequate, and limited to what is necessary for providing our YouTube toolkit services.
As an EU/EEA resident, you have the following rights regarding your personal data under the GDPR:
You have the right to be informed about how your personal data is being collected and used for YouTube content creation
You can request a copy of the personal data we hold about you, including your generated thumbnails and content data
You can request that we correct any inaccuracies in your personal data
You can request that we delete your personal data, generated thumbnails, and content data under certain conditions
You can request that we limit the way in which we use your personal data and content generation features
You can request to receive your personal data in a structured, commonly used, and machine-readable format
You can object to the processing of your personal data under certain circumstances, such as direct marketing
You have the right not to be subject to decisions based solely on automated processing that produce legal or significant effects
How to Exercise Your Rights: To exercise any of these rights, please contact us using the information provided in the Contact section below. We will respond to your request within one month, or sooner where feasible.
We may transfer your personal data to countries outside the EU/EEA where we or our service providers operate our content generation infrastructure. When doing so, we ensure appropriate safeguards are in place:
We incorporate SCCs approved by the European Commission for transfers to third countries, ensuring your data receives adequate protection.
Where the European Commission has determined that a non-EU country ensures adequate data protection, we may rely on such decisions for transfers.
Our service providers may maintain additional safeguards such as Binding Corporate Rules to ensure consistent protection of your data.
If you would like more information on the specific mechanisms used to transfer your personal data, please contact us using the details below.
Our YouTube toolkit service involves specific data processing activities that we want to make transparent:
When you use our thumbnail generation features, our system analyzes your content preferences and style choices to create customized thumbnails. This processing is based on your explicit consent and contractual necessity.
Our system makes automated decisions about thumbnail recommendations and style suggestions based on your preferences. These decisions do not have legal or similarly significant effects on you, as they only affect the creative output of your YouTube content.
We retain your generated thumbnails and content preferences only as long as necessary to provide the service. You can request deletion of your content data and associated information at any time.
We retain your personal data only for as long as necessary to fulfill the purposes outlined in our Privacy Policy and to comply with our legal obligations. Specific retention periods include:
Account data: While your account is active plus reasonable period after closure
Generated thumbnails and content data: Duration needed to provide services unless deletion is requested
YouTube thumbnails: Stored for your access unless you request deletion
We implement appropriate technical and organizational security measures to safeguard your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access:
Encryption of data in transit and at rest
Access controls and authentication systems
Regular security assessments and updates
Secure content generation environments
Staff training on data protection principles
If you believe we are processing your personal data in a way that infringes upon your rights or violates the GDPR, we encourage you to contact us first using the details provided below.
We are committed to resolving any concerns you may have about our data processing practices. Please reach out to us at support@thumbsupme.app and we will work to address your concerns promptly.
You also have the right to lodge a complaint with a supervisory authority in the EU/EEA Member State where you live, work, or where the alleged infringement of data protection law has taken place. You can find your local data protection authority through the European Data Protection Board website.
We will cooperate fully with any supervisory authority investigations and work to resolve any identified issues.
For any questions about this GDPR Compliance Statement, to exercise your rights, or to raise concerns about our data processing practices, please contact us:
We will respond to your GDPR-related requests within one month of receipt, and will provide updates if additional time is needed for complex requests.
This GDPR Compliance Statement is part of our commitment to data protection and privacy rights for all EU/EEA residents using ThumbsupMe.