Privacy Policy

Last updated: May 16, 2026

This Privacy Policy explains how LightLoop ("we", "us", or "our") collects, uses, stores, and protects your information when you use our media management and playback platform.

1. Information We Collect

When you use LightLoop, we collect and process the following types of information:

• Google Account Information: When you sign in with Google, we receive your name, email address, and OAuth tokens. This is used solely for authentication and to access your Google Drive for media storage.
• Media Metadata: We store information about your uploaded files (names, types, sizes, durations, thumbnails) in our Cloudflare-based infrastructure to power the dashboard and playback experience.
• Session Data: Authentication session tokens are stored securely to keep you signed in. Sessions expire after 30 days.
• Feed Identifiers: Short codes used by Apple TV devices to access playlists. These are stored in our database.
• Usage Data: We may collect anonymized usage statistics to improve the Service. This does not include personal information or media content.

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve LightLoop
• Authenticate users and manage access
• Enable media upload, organization, and playback
• Push real-time updates to connected Apple TVs
• Communicate with you about the Service
• Detect and prevent fraud, abuse, or security issues

3. Data Storage & Infrastructure

LightLoop is built on Cloudflare's infrastructure. Your data is stored as follows:

• Media Files: Stored in your own Google Drive account. We do not store original media files on our servers.
• Metadata & Thumbnails: Stored in Cloudflare D1 and R2 within your deployment region.
• Sessions: Stored in Cloudflare KV with expiration.

4. Third-Party Services

LightLoop integrates with the following third-party services:

• Google (OAuth & Drive API): Used for authentication and media file storage. Subject to Google's Privacy Policy.
• Cloudflare (Workers, D1, R2, KV, Durable Objects): Provides the infrastructure for the application. Subject to Cloudflare's Privacy Policy.

5. Data Sharing

We do not sell, rent, or share your personal data with third parties for marketing purposes. We only share data with infrastructure providers as necessary to operate the Service, or when required by law.

Media content within feeds is accessible to anyone who knows the feed's short code. Treat feed codes with the same care as you would a shared link.

6. Companion App Data

LightLoop includes two companion apps that operate independently of the web dashboard and do not transmit data to LightLoop servers.

LightLoop (Apple TV / tvOS): The tvOS app stores the following data locally on the Apple TV device:

• Server URL and feed ID (persisted in UserDefaults)
• Cached media files (stored in the device's Caches directory, subject to system eviction)

No personal information is collected from Apple TV viewers. The tvOS app does not require authentication.

LightLoop Remote (iOS): The iOS companion app is a local network controller for the Apple TV app. It stores the following data locally on the device and does not transmit any data to LightLoop servers:

• The display name of the last connected Apple TV device (persisted in UserDefaults for auto-reconnect). This name is provided by Apple's Multipeer Connectivity framework and is the device's local network name.

Local Network Access: LightLoop Remote uses Apple's Multipeer Connectivity framework to discover and communicate with nearby Apple TV devices running LightLoop. This requires the Local Network permission on iOS. All communication occurs exclusively within your local network — no data is routed through LightLoop servers or the internet. Your device's local network name is used as a peer identifier during these sessions and is not stored or shared beyond the local session.

LightLoop Remote does not require a LightLoop account, does not collect personal information, and does not transmit any data outside your local network.

7. Data Retention & Deletion

You have control over your data:

• Media can be deleted from the web dashboard at any time (removes metadata from our systems and files from your Google Drive, if selected)
• Account data can be removed by request
• Apple TV caches can be cleared by disconnecting from a feed or reinstalling the app

We retain anonymized usage data indefinitely for analytical purposes.

8. Security

We use HTTPS for all communications, OAuth 2.0 for authentication, and industry-standard practices to protect your data. However, no method of transmission over the Internet or electronic storage is 100% secure.

9. Children's Privacy

LightLoop is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us and we will delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected on this page with an updated date. Continued use of LightLoop after changes constitutes acceptance of the updated policy.