Privacy Policy ⚠️

Effective Date: October 19, 2025 — Version: 3.1 | view logs

This Privacy Policy explains how AposTube (“we”, “our”, “us”) collects, uses, stores, shares and protects personal information when you visit apostube.com, create an account, or use our services. If you have questions or want to exercise your data rights, see the Contact Us section below.

1. Scope & Definitions

This Policy applies to visitors, registered users, customers, and individuals who contact or interact with AposTube. “Personal Data” means any information relating to an identified or identifiable natural person.

2. Categories of Information We Collect

a) Device & Browsing Information

  • IP address, browser type, language, time zone, device model, and OS.
  • Referring websites, pages viewed, time on page, and interaction data.
  • Cookies, web beacons, pixels, and similar tracking technologies.

b) Order Information

  • Full name, billing & shipping addresses, payment details (processed by third parties), email, phone, and purchase history.

c) Account Information

  • Username, hashed password, preferences, and account activity.

d) Communications & Marketing

  • Email preferences, contact details, and consent logs.

e) Sensitive Information

We do not intentionally collect sensitive personal data. If we ever need to, we will request explicit consent and apply additional safeguards.

3. How We Collect Information

We collect data via direct interactions (account registration, purchases, support), automated technologies (cookies, analytics), third-party integrations (payment & marketing providers), and communications (email, chat).

4. Legal Bases for Processing (EEA/UK residents)

  • Contractual necessity: to perform a contract or process orders.
  • Consent: for marketing and non-essential cookies.
  • Legitimate interests: to improve services, secure the platform, prevent fraud (balanced with user rights).
  • Legal obligation: to comply with tax or regulatory requirements.

5. How We Use Your Information

  • Process and deliver orders and payments.
  • Manage accounts and provide customer support.
  • Communicate updates, notices, and confirmations.
  • Detect fraud, improve security, and maintain platform integrity.
  • Conduct analytics and personalize content and recommendations (subject to consent where required).
  • Comply with legal obligations and enforce our terms.
  • Send marketing communications (only with consent where required).

6. Cookies & Tracking Technologies

We use cookies to enable essential functionality, improve performance/analytics, remember preferences, and support advertising where applicable. Cookie controls are available via our cookie banner or your browser settings. Refer to our Cookie Policy for details.

7. Sharing & Disclosure of Personal Information

We may share your data with trusted third parties, including:

  • Analytics providers (e.g., Google Analytics) to measure site usage.
  • E-commerce & payment processors (e.g., Shopify, Stripe, PayPal).
  • Shipping providers to deliver orders.
  • Marketing/email service providers (with your consent).
  • Professional advisors (legal, tax, accounting).
  • Authorities where required by law.

All processors operate under Data Processing Agreements (DPAs) and contractual safeguards to protect your data and support GDPR compliance.

8. Data Retention

We retain personal data only as long as needed for the purposes described or as required by law. Representative retention periods are as follows:

Order fulfillment & legal compliance: Name, address, transaction data — retained for up to 7 years.

Account management: Username and preferences — retained until account deletion plus 1 year.

Analytics: Anonymized IP and session data — retained for up to 24 months.

Marketing: Contact details and consent logs — retained until consent is withdrawn.

Customer support: Emails and support tickets — retained for 2–5 years.

Security logs: IP addresses and timestamps — retained for up to 12 months.

After retention periods expire, data is securely deleted or anonymized. Backup copies may be retained briefly for disaster recovery and legal compliance.

9. International Data Transfers

Your data may be processed outside your jurisdiction (e.g., the United States or Canada). We protect transfers via EU Standard Contractual Clauses (SCCs), DPAs, and adequacy decisions where available.

10. Security Measures

We implement technical and organizational measures including TLS (HTTPS), access controls, MFA for admins, encryption at rest where applicable, vulnerability assessments, incident response plans, and PCI DSS compliance for payments (we do not store raw card data).

In case of a breach we will notify competent authorities within 72 hours where required and inform affected users without undue delay.

11. Your Data Protection Rights

Depending on your location, rights may include:

  • Access to your personal data;
  • Rectification of inaccurate data;
  • Erasure (“right to be forgotten”);
  • Restriction or objection to processing;
  • Data portability;
  • Withdrawal of consent at any time;
  • Right to lodge a complaint with your DPA.

California residents also have CCPA/CPRA rights such as the right to know, delete, and opt out of selling/sharing data (we do not sell personal data).

12. Exercising Your Rights & Account Deletion

To exercise rights, contact us at info@apostube.com. We will respond within applicable legal timeframes (typically 30 days). To request account deletion, visit https://apostube.com/delete-my/. Deletion requests are typically completed within 30 days, subject to legal exceptions.

13. Automated Decision-Making & Profiling

We may use automated systems for analytics, personalization, or marketing. These do not produce legal or similarly significant effects on you. Where applicable you may request human review or opt out of profiling-based processing.

14. Children’s Privacy

Services are not intended for children under 13. We do not knowingly collect personal data from children. If you suspect a child has submitted data without consent, contact us to request removal. Users aged 13–17 must obtain parental/guardian consent before using the site.

15. Data Deletion & Anonymization

When personal data is no longer necessary we delete or anonymize it securely. Backup copies may be retained for limited periods for recovery or compliance.

16. Consent Management

We keep logs of consent for cookies, marketing, and specific processing activities. You may withdraw consent through links in our emails or by contacting us directly.

17. Advertising & Third-Party Marketing

Advertising partners may use cookies or similar technologies. You can opt out of personalized ads via cookie settings or industry opt-out tools (YourAdChoices, NAI). We do not sell your personal data.

18. Third-Party Links

Our site may link to external websites. We are not responsible for their content or privacy practices — please review their policies before sharing personal data.

19. Updates to This Policy

We may update this Policy to reflect legal, technical, or operational changes. Significant updates will be announced by email or site notice, and the new Effective Date will be posted.

20. Contact Us / Data Protection

If you have questions, concerns, or requests, contact us:

Email: info@apostube.com
Contact form: https://apostube.com/contact/

21. Processor Agreements & Guarantees

Vendors processing data on our behalf are contractually required to implement appropriate security measures, process data only per our instructions, notify us of incidents, and assist with data subject requests.

22. Illustrative Use Cases

  • Order Fulfillment: Data shared with payment & courier providers to complete deliveries.
  • Customer Support: Access to past orders and communications to resolve requests.
  • Personalization: Usage analysis to recommend relevant content or products (consent where required).

23. Legal Disclaimer

This Policy is not legal advice. Consult a qualified privacy attorney to ensure compliance with applicable laws before publishing or implementing.

24. Internal Governance

We maintain a Record of Processing Activities (ROPA), incident response plans, encryption & access control standards, DPAs with subprocessors, consent audit logs, and staff privacy training.

25. Sample Response Template (Data Requests)

Subject: Your Data Request under the AposTube Privacy Policy
Dear [User Name],
We have received your request regarding [access / deletion / correction] of your personal data on [date]. We will process your request within 30 days in accordance with applicable data protection laws. To verify your identity, please confirm [email or additional identifying information].
Sincerely,
AposTube Privacy Team — info@apostube.com

26. Final Notes

This Privacy Policy reflects AposTube’s commitment to transparency and protection of user data. We continuously review and improve our practices to meet evolving standards.

Contact the Privacy Team

Last updated: October 19, 2025. If you need a machine-readable or printable PDF/plain-text version, contact us at info@apostube.com.