Signal Forge AI is an independently operated software application built and used by a single developer-operator. Throughout this policy, “we,” “us,” and “our” refer to that operator. The application is hosted at signal-forge-ai.com.
Contact: [email protected]
Signal Forge AI is a single-user application. The only person who authenticates to the application via Google OAuth is the operator-developer, who is also the owner of the YouTube channel(s) the application reads. The application is not offered to other users; there is no signup flow, no user accounts, and no end-user data collection beyond the operator’s own Google account information.
This policy nevertheless documents how the operator’s own Google data is handled, in compliance with Google’s requirements for applications that access sensitive scopes.
When the operator authenticates via Google OAuth, Signal Forge AI requests the following scopes:
https://www.googleapis.com/auth/youtube.readonly — read-only access to the operator’s YouTube channel metadata, including video IDs, titles, descriptions, and publish timestamps. Used to identify which videos to query for performance metrics.https://www.googleapis.com/auth/yt-analytics.readonly — read-only access to non-monetary YouTube Analytics for the operator’s own videos: views, watch time, average view duration, audience retention, traffic sources, subscriber gain and loss attributed to specific videos, and demographic summaries.https://www.googleapis.com/auth/yt-analytics-monetary.readonly — read-only access to estimated revenue and ad-impression metrics for the operator’s own videos. Used to compute per-video return on investment alongside the non-monetary metrics.The application accesses only the operator’s own channel and only via these read-only scopes. It does not write, edit, upload, comment, or otherwise modify any YouTube data.
Data retrieved from Google APIs is used solely for:
The data is not used to train any general-purpose machine-learning model, is not shared with third parties, and is not displayed to anyone other than the operator.
Signal Forge AI’s use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
OAuth refresh tokens and any cached metric responses are stored locally on the operator’s own infrastructure (a self-hosted machine running the Signal Forge AI orchestrator). Tokens are stored with file-system permissions restricted to the operator’s OS user. Tokens are never transmitted to any third-party service and never logged in plaintext.
Cached metric data is retained only for as long as it is useful to the application’s decision-making (typically rolling windows of 30 to 365 days, depending on the metric). The operator can delete all stored Google data at any time by:
This website (signal-forge-ai.com) does not set any cookies, does not use analytics tracking, and does not embed third-party fonts, scripts, or pixels. Server access logs may be retained by the hosting provider (Cloudflare) per their own retention policy.
We may update this policy as the application evolves. Material changes will be reflected by updating the “Last updated” date at the top of this page and, where appropriate, by re-prompting OAuth consent. The current version of this policy is always available at legal.signal-forge-ai.com/privacy.html.
Questions about this policy or the application’s handling of data can be sent to [email protected].