ytLove

Privacy Policy

Owner: HarbyAppsLast Updated: August 28, 2025

This Privacy Policy applies exclusively to the ytLove mobile application developed and published by HarbyApps. By using the application, you are deemed to have accepted the terms of this policy.

1. Purpose of the Policy

This policy explains how personal, device, and security-signal data collected during the use of the ytLove application is securely processed, stored, used, and, when necessary, shared in accordance with legal regulations.

2. Data Collected

2.1. Device and System Data

  • Device name, brand, model
  • Android version
  • Hardware ID (HWID), Android ID, MAC address
  • Build information (PRODUCT, MANUFACTURER, BRAND, DEVICE, MODEL, HARDWARE, FINGERPRINT)
  • OpenGL renderer info
  • App version
  • IP address and network provider
  • Session data during app use
  • Network connection status

2.2. User Account Data

  • Email address used for Google Sign-In
  • Name, surname, and profile photo from Google Account
  • YouTube channel name and channel ID
  • Videos watched, likes, and completed tasks

2.3. App Usage Data

  • Task completions and earned coin history
  • In-app purchases and subscriptions (via Google Play)
  • App navigation and behavior logs
  • Notification logs and usage duration
  • Firebase analytics, crash, and messaging logs

2.4. Security Signals & Device Integrity Data

Collected to detect abuse and ensure fair use of the service:

  • Network indicators: VPN active, proxy enabled, transport type (Wi-Fi, Cellular, Ethernet, VPN, Bluetooth), interface summary
  • Tethering indicators: USB tether, Bluetooth tether, PC tether likelihood
  • Root/emulation: rooted status, emulator score, build tags/props summary
  • System/debug: ADB enabled, ADB over TCP, app debuggable flag
  • Accessibility risk: suspicious accessibility services (e.g., auto-click/macro apps)
  • Graphics/runtime: GL renderer string
  • Summaries/IDs: build summary, Android ID, app version

Only boolean/score/summary values are collected. No personal content, keystrokes, or unrelated app data are captured.

2.5. Optional Data (with user permission)

  • Notification permission

3. Purposes of Data Use

  • Improving app performance and user experience
  • Operating the task system and preventing abuse
  • Detecting and mitigating fraudulent activity (multi-account, automation, emulators, VPN/proxy misuse)
  • Authenticating users via Google Sign-In
  • Displaying relevant content
  • Promoting user channels and videos within YouTube's policies
  • Error tracking, debugging, and application security
  • Processing billing and subscriptions

4. Third-Party Services

ytLove integrates the following services securely:

  • Google Firebase (Auth, Crashlytics, Messaging, Analytics)
  • Google Sign-In
  • AdMob & Unity Ads (for ad delivery)
  • Google Play Billing (for purchases)

No personal data is sold or shared outside the purposes of providing the core service. Ad personalization: You can reset your Android Advertising ID and limit ad personalization via device settings (Google > Ads). Disabling personalization may reduce ad relevance but the app remains functional.

5. Anti-Fraud, Multi-Account, and Misuse Policy

  • Users creating more than 3 accounts from the same device or network (IP), or engaging in account farming (phone farms), may be permanently banned.
  • Emulator, virtual device, or modified APK usage is prohibited
  • VPN/proxy usage to manipulate location, device or traffic is restricted
  • Automatic clicking, watching, or subscribing actions (bots/macros) will result in termination
  • Abusing the coin/task system may lead to suspension and reversal of earned coins
  • Exploiting vulnerabilities may result in permanent suspension and legal action

Automated decisions: Security signals may be used to automatically suspend or block accounts/devices suspected of fraud. Users may request human review of such decisions (see Section 10).

6. Data Storage and Security

  • All user data is encrypted and stored on secure servers
  • Data shared with external services is governed by confidentiality agreements
  • Firebase crash and analytics logs are used only to improve the app
  • Regular security audits are performed
  • Ad identifiers and notification permissions follow Google’s standards

Security incident notice: In the event of a data breach affecting your rights, we will notify affected users and/or authorities as required by applicable law within a reasonable timeframe.

7. WebView, Cookies & Embedded Content

The app includes a WebView to load third-party pages (e.g., YouTube) for task verification and content retrieval. Within WebView:

  • Cookies: First-party and third-party cookies may be set and read (the app allows third-party cookies). You can clear cookies via device settings; disabling them may affect functionality.
  • JavaScript: JavaScript is enabled to ensure page functionality. The app injects limited scripts to verify task state (e.g., like/subscribe checks) and to fetch public metadata (e.g., channel/video info). We do not collect passwords, payment details, or the content of private communications.
  • Multiple windows and mixed content: The WebView may open pop-ups or mixed content necessary for the tasks. We do not control third-party pages and their privacy practices.
  • When you interact with third-party sites within WebView, your use is also governed by those sites’ privacy policies and terms.

8. International Data Transfers

Data may be transferred and processed outside your country (e.g., Firebase/Google servers in the United States). Such transfers are protected by Google’s Data Processing Terms and Standard Contractual Clauses to ensure compliance with applicable laws.

10. User Rights

In accordance with local and international data protection laws (e.g. GDPR, KVKK), the user has the right to:

  • Access their personal data
  • Request correction or deletion
  • Withdraw consent at any time
  • Object to automated decision-making and request human review
  • File a complaint with the relevant authority

Request handling: We verify requests via your account email. We respond within 30 days (extendable where permitted). Upon request, we provide a portable copy of your data (JSON/CSV) or delete/anonymize data unless retention is required by law or for security/fraud prevention.
Appeal process: If your account/device is suspended by automated fraud checks, you may request a human review by emailing info.ytlove@gmail.com with the subject “Appeal – Fraud Decision” and any relevant evidence (screenshots, device details).

11. Policy Updates

HarbyApps reserves the right to update this Privacy Policy at any time. The updated version becomes effective once published within the application. By continuing to use the application, the user is deemed to have reviewed and accepted the updated terms.

12. Scope and Enforcement

This policy is effective from the user's first use of the application. It is exclusive to the ytLove application and does not apply to other HarbyApps services.

13. Disclaimer and Liability Limitation

HarbyApps takes reasonable technical and organizational measures to protect user data. However, the company is not liable for:

  • Data loss, corruption, or leakage due to cyberattacks, system failures, or unforeseen circumstances
  • Unauthorized access caused by third-party breaches or force majeure events
  • Losses arising from user negligence, such as sharing login credentials

By using the ytLove application, the user agrees that HarbyApps cannot be held responsible for any indirect, incidental, or consequential damages resulting from data breaches, service interruptions, or loss of data.

14. Children's Privacy

The ytLove application is not intended for users under the age of 13. We do not knowingly collect personal information from children. If we discover that we have inadvertently gathered such information, we will take steps to delete it promptly. Parents or guardians who believe that their child has provided personal data may contact us to have the data removed.

15. Data Retention

User data is retained for as long as the application is available and operating. All collected data, including security signals and device integrity data, is stored for the lifetime of the service unless a longer retention period is required by law or legitimate business purposes. If the application or related services are discontinued, all data will be securely deleted or anonymized.

16. Legal Bases for Processing (GDPR)

  • Contractual necessity: account operation, task/coin system, billing
  • Legitimate interests: security, fraud prevention, service integrity, analytics limited to service improvement
  • Consent: notifications and permission-based features
  • Legal obligation: responding to lawful requests from authorities

17. California Privacy (CCPA/CPRA)

For California residents, we do not “sell” or “share” personal information as defined by the CPRA. We process ad-related identifiers only to deliver and measure ads. You may request:

  • Access/Deletion: See Section 10 for data subject requests.
  • Opt-out of sharing: Email us with the subject “CPRA Opt-Out”. We will apply your preference to ad personalization where applicable.
  • We do not use or disclose sensitive personal information for purposes that require a “Limit the Use of My Sensitive Personal Information” link.