Skip to content
NJAC Logo
NJAC

Privacy Policy – StreamNexus (SN)

Effective Date: April 24, 2026

YouTube API Services Use
This application uses YouTube API Services. By using this application, you agree to be bound by the YouTube Terms of Service. You can review Google's privacy policy at https://policies.google.com/privacy.

NJAC (“we”, “our”, or “us”) respects your privacy and is committed to protecting your information. This Privacy Policy explains how we collect, use, and safeguard your data when you use our software and services.

1. Information We Collect

a) Information You Provide

  • Name (if provided during purchase)
  • Email address (if provided)
  • Phone number (if provided)

b) Payment Information

Payments are processed securely via third-party providers such as Razorpay. We do not store:

  • Card details
  • Banking credentials
  • UPI PINs

We may store:

  • Payment ID
  • Transaction status

c) Device & License Data

  • License key
  • Device ID
  • License status
  • Expiry timestamp

2. How We Use Your Information

  • Process and verify payments
  • Generate and manage licenses
  • Activate software access
  • Prevent fraud or misuse
  • Provide support

We do not use your data for advertising or profiling.

3. Data Storage

Your data is stored securely using trusted cloud infrastructure. We take reasonable steps to protect it from unauthorized access.

4. Data Sharing

We do not sell or rent your data.

Data may be shared only with:

  • Payment providers (to process transactions)
  • Infrastructure providers (for storage and delivery)

5. Data Retention

  • Payment records: retained for verification
  • License data: retained during validity
  • Expired data may be deleted periodically

6. Your Rights

  • Access your data
  • Request correction or deletion
  • Withdraw consent (if applicable)

Contact us at: njac@tuta.io

7. Security

We use standard security practices, but no system is completely secure.

8. Data Protection Mechanisms (How We Protect Your Data)

I treat the protection of your data as a core responsibility. As the sole developer of StreamNexus, I’ve put several technical and organisational measures in place to keep all user data safe — especially sensitive data accessed through Google API Services.

Technical Protections:

  • Auth Token Encryption: Authentication tokens obtained via Google OAuth are encrypted using a dedicated encryption mechanism before they are ever stored. Even if someone gained access to the raw storage, the tokens would remain unreadable.
  • Encryption in Transit: All data moving between your device and StreamNexus is encrypted with HTTPS (TLS), so it cannot be intercepted while in transit.
  • Secure Storage at Rest: Sensitive data that is stored is kept in an encrypted format within my hosting environment, using strong encryption standards such as AES-256.
  • Access Control: I’m the only person with access to the production environment and the stored data. Access credentials are protected by strong, unique authentication and are never shared.
  • Secure Coding & Maintenance: I follow secure development practices, keep software dependencies up to date, and review my code for potential vulnerabilities.

Organisational Protections:

  • No Data Sharing — Period: I do not share, sell, or transfer any personal data or Google user data to any third party. All data stays inside StreamNexus and is used exclusively to provide the app’s functionality.
  • Limited Use of Google Data: Any information received from Google APIs is used strictly in compliance with the Google API Services User Data Policy, including the Limited Use requirements. I do not read or access your Google data for any purpose beyond what’s needed to make StreamNexus work.
  • Incident Response Plan: If a data breach ever occurs, I have a plan in place to quickly assess the situation, contain the impact, and notify affected users (and Google, when required) within 72 hours.
  • Data Retention & Deletion: I only keep user data for as long as I need it to run the service — as described in Section 5 (Data Retention). Once data is no longer needed, it is securely deleted.

Ongoing Monitoring:

I regularly monitor the app and the underlying infrastructure for unusual activity, and I review my security practices to stay ahead of new threats. No online service can be completely immune to risk, but I do everything reasonably possible to keep your data protected.

9. Children’s Privacy

SN is not intended for users under 13. We do not knowingly collect children's data.

10. Changes to This Policy

We may update this policy anytime. Changes will be reflected with a new effective date.

11. Contact

Email: njac@tuta.io

Summary

  • We collect minimal data
  • No payment credentials stored
  • Used only for licensing
  • No data selling

← Back to Home