Privacy Policy
Last Updated: February 1, 2026
1. Introduction
NextGenMe ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered coaching platform.
This policy complies with the General Data Protection Regulation (GDPR), Google OAuth and YouTube API Services User Data Policies, and other applicable data protection laws.
2. Information We Collect
2.1 Personal Information You Provide
We collect information that you voluntarily provide when using the service, including:
- Account Information: Name, email address, encrypted password
- Profile Data: Coaching preferences, goals, priorities, and settings
- Subscription Information: Billing details and payment information (processed securely by Stripe)
- Communication Data: Messages, conversations, voice recordings, and uploaded documents
2.2 Google & YouTube Integration Data
When you choose to connect your YouTube account, NextGenMe accesses only the following data via YouTube API Services:
- Your YouTube subscriptions list
- Public video metadata (titles, descriptions, channel information, thumbnails)
We do not access, collect, import, or store:
- Watch history
- Liked or disliked videos
- Private playlists
- Video or audio content
- Comments or messages
- Google account passwords or credentials
2.3 Automatically Collected Information
We may collect limited technical data necessary to operate the service:
- Usage Data: Feature usage and session activity (non-Google data only)
- Device Information: Browser type, operating system, IP address
- Cookies: Authentication tokens and preference settings
3. How We Use Your Information
We use your information only for the following purposes:
- Service Delivery: Provide AI-powered coaching, chat responses, and personalized insights
- YouTube Integration: Analyze subscribed channel and video metadata to generate user-requested coaching insights
- Account Management: Create and maintain accounts and subscriptions
- Communication: Respond to inquiries, provide support, and send service-related notifications
- Security: Prevent fraud, abuse, and unauthorized access
- Legal Compliance: Meet regulatory obligations and enforce our Terms of Service
Important Restriction on Google User Data
Google and YouTube user data is used solely to provide user-requested functionality within the application.
We do not use Google user data for:
- Advertising or marketing
- Profiling or behavioral tracking
- Analytics unrelated to user-requested features
- Research or product development
- Training generalized AI or machine learning models
4. Legal Basis for Processing (GDPR)
We process personal data under the following lawful bases:
- Contract Performance: Processing required to deliver requested services
- Consent: Explicit consent for YouTube data access and optional features
- Legal Obligations: Compliance with applicable laws
Google and YouTube user data is processed only based on user consent and solely to provide requested features. It is not processed under legitimate interests.
5. Data Sharing and Disclosure
5.1 Service Providers
We share data with trusted service providers strictly as needed to operate the service:
- Cloudflare: Hosting, content delivery, and security
- Stripe: Payment processing
- OpenAI / Groq: AI model inference using non-Google or anonymized data where applicable
- Google: YouTube API access with explicit user consent
5.2 Google & YouTube Data Handling
We explicitly affirm that we do not:
- Share Google or YouTube user data with third parties except as necessary to provide requested features
- Use Google or YouTube user data for advertising or marketing
- Store video content or user credentials
- Use Google or YouTube user data for analytics, profiling, or AI/ML model training
Users may revoke access at any time via their Google Account security settings or within the application.
5.3 Legal Requirements
We may disclose information if required by law, court order, or to protect the rights, safety, or security of users or the service.
6. Data Retention
We retain data only for as long as necessary to:
- Maintain an active account
- Provide requested services
- Meet legal obligations
Upon account deletion, personal data is deleted or anonymized within 30 days, unless retention is legally required.
7. Your Rights (GDPR)
You have the right to:
- Access your personal data
- Correct inaccurate or incomplete data
- Request deletion ("right to be forgotten")
- Restrict processing
- Data portability
- Object to processing
- Withdraw consent (including YouTube access)
- Lodge a complaint with a supervisory authority
Requests may be sent to privacy@nextgenme.ai.
8. Data Security
We implement industry-standard safeguards, including:
- Encryption in transit (HTTPS/TLS) and at rest
- Password hashing (bcrypt)
- Secure authentication tokens (JWT)
- Access controls and monitoring
No system is completely secure; however, we take reasonable steps to protect your data.
9. International Data Transfers
Where data is transferred internationally, we ensure appropriate safeguards, including:
- Standard Contractual Clauses (SCCs)
- Privacy-compliant service providers
- GDPR-aligned protections
10. Children's Privacy
NextGenMe is not intended for users under 16 years of age. We do not knowingly collect data from children.
11. Cookies and Tracking
We use cookies solely for:
- Authentication and session management
- Preference storage
We do not use Google or YouTube user data for analytics or tracking.
Any analytics performed uses non-Google, aggregated application data only.
12. Third-Party Links
Our service may link to third-party websites (e.g., YouTube). We are not responsible for their privacy practices.
13. Changes to This Policy
We may update this Privacy Policy periodically. Material changes will be communicated through the service or via email.
14. Contact Information
15. Data Protection Officer
For GDPR-related inquiries, contact our Data Protection Officer at admin@nextgenme.ai.
© 2026 NextGenMe. All rights reserved.