Privacy Policy
Last updated: May 9, 2026
HitOrNot ("we", "our", or "us") is operated by District Digital and is available at hitornot.io. This policy explains what personal data we collect, why we collect it, how we use it, and your rights over it.
1. What We Collect and Why
Google account information (when you sign in):
- Name, email address, and profile picture — used to create and identify your account.
- Legal basis (GDPR): performance of a contract (providing the Service to you).
YouTube channel data (only when you choose to connect YouTube Studio):
- Channel name and subscriber count
- Video titles, view counts, watch time, click-through rate, and average view percentage
- Fetched via YouTube Data API v3 and YouTube Analytics API v2.
- Used solely to calibrate prediction scores to your channel's performance history. Never shared or used for any other purpose.
- Legal basis (GDPR): your explicit consent, given when you initiate the YouTube Studio connection.
Prediction inputs (when you use the tool):
- Video ideas, titles, scripts, and thumbnail images you submit
- Calibrated prediction scores generated by our model and accompanying analysis text
- Thumbnail images are processed transiently to generate a numerical embedding feature for our own prediction model (the model that produces the 0–100 score) and are also sent to Anthropic's Claude for vision-based review that informs the qualitative analysis text accompanying your score. Anthropic does not generate the score itself. Raw thumbnail bytes are not retained server-side after the prediction completes; only the resulting numeric embedding is stored alongside your prediction record.
- Thumbnail images are also temporarily held in your browser's session storage so you can iterate on title variations without re-uploading the image. They are cleared automatically when you close the browser tab.
- Legal basis (GDPR): performance of a contract.
Payment information (if you upgrade to Pro):
- Processed entirely by Stripe. We receive only a customer ID and subscription status — never your card number or full payment details.
- Legal basis (GDPR): performance of a contract.
Session data:
- A secure, randomly generated session token stored as an HTTP-only cookie to keep you signed in for up to 30 days. This is a strictly necessary cookie — it is required for the Service to function and does not track you across other websites.
- Legal basis (GDPR): legitimate interest (secure account access).
2. How We Use Your Data
- To provide and operate the Service
- To calibrate prediction accuracy using your channel data (only if you connect YouTube Studio)
- To manage your account and subscription
- To contact you about your account or significant changes to this policy
We do not use your data for advertising. We do not sell your data to third parties. We do not share your data with Anthropic or any third party to train external AI models. We do use aggregated prediction feedback (actual view counts you voluntarily submit) to improve our internal ML scoring model — this data is not linked to your identity in the model.
3. YouTube API Services and Google User Data
HitOrNot uses YouTube API Services. By connecting your YouTube account, you also agree to:
Limited Use: HitOrNot's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, we:
- Use Google user data only to provide and improve user-facing features that are prominent in the HitOrNot interface (calibrating prediction scores against your channel's history).
- Do not transfer Google user data to third parties except as necessary to operate the Service, comply with applicable law, or as part of a merger, acquisition, or sale of assets with user notice.
- Do not use Google user data for serving advertisements, including retargeting, personalized, or interest-based advertising.
- Do not allow humans to read Google user data unless we have your affirmative consent for specific items, it is necessary for security purposes (such as investigating abuse), to comply with applicable law, or the data is aggregated and used for internal operations in accordance with applicable privacy laws.
- Do not transfer Google user data to, or use it to create, train, or improve, any generalized or foundational AI/ML model, including any third-party large-language model. We do not share Google user data with Anthropic or any other AI provider, including for model training.
- As a permitted user-facing use, we may use aggregated YouTube Studio analytics from consenting users (video titles, view counts, click-through rate, average view percentage, watch time, and publish dates from connected channels) to train and refine HitOrNot's own narrow, niche-specific video-scoring model. This model is purpose-built solely for the YouTube performance prediction feature that the user enables by connecting Studio. It is not a generalized or foundational AI model and is not a large-language model. It runs entirely on HitOrNot's own servers, is never transferred to or shared with any third party, and its outputs are returned only to authenticated HitOrNot users requesting predictions for their own video ideas. Individual users' rows are not identifiable in model parameters or outputs.
You can revoke HitOrNot's access to your YouTube data at any time by visiting your Google Account permissions page and removing HitOrNot. To delete data already stored, use the in-app "Delete account" option in your account settings — this immediately removes all of your personal data and revokes any stored Google tokens. You can also email info@districtdigital.co to request deletion.
4. Data Storage and International Transfers
Your data is stored in a managed PostgreSQL database hosted on Railway. The Service itself is also hosted on Railway. We call Anthropic's API to produce the qualitative analysis text and vision-based thumbnail review that accompany the prediction (see Section 1 for the role of each system). These providers are based in or process data in the United States.
If you are located in the European Economic Area (EEA) or United Kingdom, your data is transferred to and processed in the United States. We rely on Standard Contractual Clauses or the Data Privacy Framework where applicable for such transfers.
We retain your data for as long as your account is active, or as necessary to comply with legal obligations. Upon account deletion, your personal data is deleted within 30 days, except where retention is required by law.
5. Security
We protect your data with the following measures:
- Transport encryption: All traffic between your browser and HitOrNot is served over HTTPS (TLS 1.2+). HTTP requests are redirected to HTTPS.
- OAuth tokens: Google access and refresh tokens are stored server-side in our database, are never exposed to client-side code, and are never returned in any API response. They are used solely to call YouTube APIs on your behalf.
- Sessions: We use randomly generated session tokens (256-bit) stored as HTTP-only, Secure, SameSite=Lax cookies. Each browser/device receives its own session, so signing in on one device does not invalidate other active sessions. JavaScript on the page cannot read the session cookie, which mitigates session-theft via XSS.
- Database access: The database is reachable only from our application servers; it is not exposed to the public internet. Provider-managed encryption-at-rest is enabled by our database host (Railway).
- Payments: Card details are entered directly on Stripe-hosted infrastructure and are never seen, stored, or transmitted by HitOrNot.
- Error monitoring: When errors occur we send minimal diagnostic context to Sentry. Personally identifiable information, request bodies, cookies, OAuth tokens, video titles, and channel analytics are scrubbed before transmission.
- Operational access: Access to production data is limited to the application code itself and to a small number of administrative endpoints used for system health and ML training. We do not browse user data; the only times humans inspect Google user data are (a) with your affirmative consent for a specific item, (b) when investigating a security incident or abuse, (c) when required by law, or (d) when the data has been aggregated for internal operations consistent with applicable privacy laws.
No system is perfectly secure. Section 10 below explains how we will notify you in the event of a data breach.
6. Third-Party Services
7. Your Rights
Depending on your location, you may have the following rights:
- Access — Request a copy of the personal data we hold about you.
- Rectification — Request correction of inaccurate data.
- Erasure — Request deletion of your account and all associated personal data.
- Portability — Request your data in a structured, machine-readable format.
- Restriction — Request that we limit processing of your data in certain circumstances.
- Objection — Object to processing based on legitimate interest.
- Withdraw consent — Revoke YouTube access at any time via Google Account permissions.
To exercise any of these rights, email info@districtdigital.co. We will respond within 30 days. EEA/UK users also have the right to lodge a complaint with their local data protection authority.
8. California Privacy Rights (CCPA)
California residents have the right to know what personal information we collect, the right to request deletion, and the right to non-discrimination for exercising these rights. We do not sell personal information. To exercise your California rights, email info@districtdigital.co.
9. Cookies and Analytics
Strictly necessary: We use one session cookie (HTTP-only, secure) to keep you signed in for up to 30 days. Clearing it or signing out ends your session.
Analytics: We use Google Analytics (GA4) and PostHog to understand aggregate usage — pages visited, feature usage, and session counts. These services may set their own cookies (e.g. _ga, ph_*). The data collected is anonymised where possible and is not used to identify you individually or for advertising. You can opt out of Google Analytics via the Google Analytics Opt-out Browser Add-on.
We do not use advertising cookies or sell cookie data to any third party.
10. Data Breach Notification
In the event of a data breach that affects your personal data, we will notify affected users and, where required, the relevant supervisory authorities, within the timeframes required by applicable law (72 hours under GDPR where applicable).
11. Children's Privacy
HitOrNot is not directed at children under 13 (or under 16 in the EEA). We do not knowingly collect personal data from anyone under these ages. If you believe a minor has provided us their data, contact us and we will delete it promptly.
12. Changes to This Policy
We may update this policy. We will notify you of significant changes by email or via a notice in the app. The "Last updated" date at the top indicates when the policy was last revised. Continued use of the Service after changes are posted constitutes acceptance.
13. Contact
Questions about this policy? Email us at info@districtdigital.co.