Last updated: April 26, 2026 · Service: twitch-clips-postiz · Operator: individual developer (Helsinki, Finland) · Contact: support@webscenen8n.xyz
1. Who we are
twitch-clips-postiz ("the Service", "we", "us") is an automated content-clipping and republishing tool for Twitch streamers. The Service extracts highlight moments from a creator's own Twitch livestream recordings, renders them into vertical short-form videos, and publishes them to the same creator's social-media accounts (TikTok, YouTube Shorts, Instagram Reels, etc.) via the official APIs of those platforms.
The Service is operated by an individual developer for personal and small-scale use. It is not a registered business entity.
2. What data we collect
We collect only the minimum data required to operate the Service:
OAuth access & refresh tokens issued by TikTok, YouTube, Instagram, etc. when a user connects their account. Stored encrypted at rest in our PostgreSQL database.
Platform-side identifiers (e.g. TikTok open_id, YouTube channel ID, integration ID returned by Postiz). Used solely to attribute future API calls to the correct connected account.
Display name and profile picture URL as returned by the platform after OAuth. Shown in our internal dashboard so the user can confirm which account is linked. Never displayed publicly.
Post identifiers (the ID returned by the platform when our service publishes a clip). Used to track delivery success and, optionally, to fetch publicly-available aggregate statistics (follower count, total views) shown only to the connected user.
Twitch stream recordings belonging to the connected user, processed transiently on our server, deleted after a clip is generated and uploaded to the destination platform.
We do not collect: email addresses, phone numbers, payment data, browsing history, location data, biometrics, or any data about viewers/audience of the published content.
3. How we use the data
To authenticate API calls to TikTok, YouTube, Instagram on behalf of the connected user.
To upload the user's own clip to the user's own connected social account.
To display delivery status and follower/view counts in the user's private dashboard.
To investigate platform-side errors (e.g. rate-limit responses) for debugging.
We do not use the collected data for advertising, profiling, or any third-party analytics. We do not sell, rent, or share the data with any third party.
4. Data retention
OAuth tokens: retained as long as the user keeps the integration active. Deleted within 24 hours of the user disconnecting.
Source stream recordings: deleted within 1 hour of clip extraction.
Generated clips: deleted within 7 days of publication.
Aggregate stats history (follower count snapshots): retained for up to 180 days for trend visualisation, then auto-pruned.
5. Data sharing with third parties
The Service uses the following sub-processors strictly to deliver the user's own content to platforms the user has connected:
TikTok (Content Posting API) — receives the video file and caption when the user publishes a clip.
Google / YouTube (YouTube Data API v3) — receives the video file and metadata when the user publishes to a YouTube channel.
Meta (Instagram Graph API) — receives the video file when the user publishes to Instagram.
DeepSeek AI — receives a short text excerpt (Whisper transcript of the clip) for caption generation. No personal data is sent.
OpenAI Whisper (locally-hosted, no data sent externally) — speech-to-text transcription.
Telegram Bot API — used by the operator to receive admin alerts about service health. No user data passes through.
Each platform's privacy policy applies to the data it receives. We are not responsible for how platforms handle data on their end.
Request deletion of all data we hold about your account by emailing support@webscenen8n.xyz. We respond within 7 days.
Export the post history we have for you (JSON) — same email.
7. Security
OAuth tokens and database credentials are stored on a private VPS hosted by Aeza (Helsinki, EU). All web traffic is served over TLS via Let's Encrypt certificates. Database access is restricted to the Service application; no external connections are accepted.
8. Children's privacy
The Service is not directed at children under 13. We do not knowingly collect data from minors. If you believe a minor connected an account, contact us and we will delete the data immediately.
9. Changes to this policy
We may update this policy. The "Last updated" date at the top will reflect changes. Material changes will be communicated via email to active users when feasible.