Privacy Policy
This Privacy Policy explains how HippoDailyVibes ("HippoDailyVibes", "we", "us", or "our") accesses, uses, and protects data when it publishes its creator's own short-form videos to the creator's own social media accounts. It applies to the publishing tool operated at hippo.day and the connected platform accounts it posts to.
1. Who we are (data controller)
HippoDailyVibes is a personal automation tool run by an independent solo creator based in Valencia, Spain (European Union). Because we operate from the EU, the General Data Protection Regulation (GDPR) applies. We act as the data controller for the data described below.
- Service: HippoDailyVibes
- Website: https://hippo.day
- Location: Valencia, Spain (EU)
- Contact: privacy@hippo.day
2. What data we access and why
HippoDailyVibes is a self-publishing tool. It only connects to the creator's own social media accounts to upload the creator's own comic and animation videos. It does not collect data from third-party end users or members of the public. For each connected platform we access the minimum data needed to publish:
YouTube (YouTube Data API)
We access the connected Google account's YouTube channel ID and channel name and the videos uploaded by the app. This data is used solely to upload and manage the creator's own videos on the creator's own channel.
TikTok (Login Kit + Content Posting API)
We access the connected TikTok account's basic profile (open ID, display name, avatar) and the videos posted on the creator's behalf. Posting is performed on the creator's behalf via TikTok's Content Posting API.
Instagram & Facebook (Instagram Graph API + Facebook Login)
We access the connected Instagram Business/Creator account ID and username, the linked Facebook Page, and the Reels/media published through the app. This data is used solely to publish the creator's own videos to the creator's own Instagram account.
OAuth tokens
To maintain these connections, we store the OAuth access and refresh tokens issued by each platform. Tokens are used only to keep the publishing connection active and are never used for any other purpose.
3. How we use data
We use the data above for one purpose only: to schedule and publish the creator's own videos to the creator's own connected accounts. Specifically:
- We do not sell your data.
- We do not use your data for advertising or profiling.
- We do not share your data beyond what is strictly necessary to publish to the connected platforms.
4. Third parties and sub-processors
To publish content, data flows to the official platform APIs you connect:
- Google / YouTube — to upload and manage videos on your YouTube channel.
- TikTok / ByteDance — to post videos via the Content Posting API.
- Meta (Instagram & Facebook) — to publish Reels/media to your Instagram account.
The publishing backend runs on the operator's own private infrastructure, and the public website at hippo.day is hosted on Cloudflare. We do not provide your data to advertisers, data brokers, or other third parties.
5. Data retention and deletion
We keep OAuth tokens and connection metadata only for as long as the account stays connected and the service is in use. When you disconnect an account or request deletion, the associated tokens and metadata are deleted.
To revoke access or request deletion of your data, email privacy@hippo.day and we will delete the stored tokens and connection metadata for the account(s) you specify. You can also revoke the app's access directly on each platform:
- Google / YouTube: https://myaccount.google.com/permissions
- TikTok: Settings → Security & permissions → Manage app permissions
- Meta: https://www.facebook.com/settings?tab=business_tools
6. Security
We protect connection data with reasonable technical safeguards. OAuth tokens are stored encrypted at rest, we request the least-privilege scopes required to publish, and access to stored credentials is restricted to the operator. No method of storage or transmission is 100% secure, but we take appropriate measures to protect your data.
7. Your rights
Under the GDPR you have the right to access, rectify, erase, and port your data, and to restrict or object to its processing. If you are a California resident, the CCPA gives you the right to know what personal information is collected and to request its deletion; we do not sell personal information. To exercise any of these rights, contact privacy@hippo.day.
8. Children
HippoDailyVibes is a personal publishing tool and is not directed to children under 13 (or under 16 where a higher age applies). We do not knowingly collect personal data from children.
9. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above and post the new version at https://hippo.day/privacy. Material changes will be reflected on this page.
10. Platform disclosures
HippoDailyVibes uses YouTube API Services. By using the YouTube-connected features you also agree to the YouTube Terms of Service. Google's handling of your data is described in the Google Privacy Policy. You can revoke this app's access to your Google account at any time via https://myaccount.google.com/permissions.
For TikTok, we access only your basic profile and the videos posted on your behalf, and all posting is performed on your behalf through TikTok's Content Posting API. For Meta, we use your Instagram Business/Creator account ID and username, your linked Facebook Page, and the media published through the app solely to publish your own content; you can request deletion of this data at any time by emailing privacy@hippo.day.
11. Contact
For any privacy question or request, contact us at privacy@hippo.day.