home Home search Search groups Artists
← Home 한국어

Privacy Policy

Last updated: 2026-04-19 · Effective: Store publication date (TBD)

Tintpop ("the Service") is a browser extension and website that provides real-time synchronized lyrics for YouTube videos. This policy explains what personal information we collect, how we use and retain it, and when it is deleted.

1. Information We Collect

  • Google account: email, display name, profile image (when signing in with OAuth)
  • YouTube metadata: video ID, title, channel name, artist and track name of the currently playing video
  • Playback events: start/end of playback, sync offset adjustments, lyric matching results
  • Bookmarks and recent history: songs you save and your playback history
  • Device identifier: an anonymous client ID used to prevent duplicate aggregation

2. Purpose of Collection

  • Automatic matching of YouTube videos with lyrics and improving sync quality
  • Synchronizing bookmarks and recent history across devices per account
  • Aggregating community contributions such as offset adjustments and part tagging
  • Providing popular song recommendations and statistics

3. Retention Period

  • Playback analytics events (for lyric matching quality — playback end signals, manual selections, "no lyrics" reports, re-requests, sync confidence measurements): automatically deleted after 7 days
  • Playback history (used to show your own recent plays): automatically deleted after 30 days
  • Edit history (used for clustering multilingual track and artist names; contains no personally identifiable information): retained indefinitely
  • Bookmarks: retained until the account is deleted
  • Google account information: deleted immediately upon account deletion
  • Sync offset contributions: retained indefinitely after anonymous aggregation (community asset)

Automated deletion runs once per day via a Cloudflare Workers cron job.

4. Third-Party Services

The Service forwards the minimum information required to the following external services for lyric matching:

  • NetEase Music / LRCLIB: lyric search (track and artist names)
  • iTunes Search API: track metadata matching
  • Google Gemini API: lyric translation (lyric text)
  • Google OAuth: authentication

We do not sell or otherwise provide personal information to any other third party.

5. Storage Location

  • Cloudflare Workers — API request handling and caching
  • Turso (libSQL) — account, bookmark, and event database
  • Local browser storage — settings and caches (localStorage, chrome.storage)

6. Your Rights

  • Access / correction: review bookmarks and account information from the extension's settings panel
  • Deletion: PiP Settings → Account accordion → Delete button removes your account and all related data
  • Withdrawal: revoke Tintpop's OAuth permission from your Google account settings
  • Data export: not currently offered; available on request via email

7. Cookies and Local Storage

The Service stores a session JWT in localStorage and user preferences in chrome.storage. It does not use third-party analytics or advertising cookies.

8. Security

All communication is encrypted over HTTPS. OAuth tokens are not stored on our servers, and session JWTs have an expiration time.

9. Operator & Contact

10. Changes to This Policy

If this policy is amended, we will post a notice on the website and in extension release notes at least 7 days in advance.