LEGAL

Privacy Policy

Last updated: 2026-05-13

StreamLink lets you broadcast your iPhone screen, a photo, or a video to anyone with a link. This policy explains what we collect, why we collect it, and how to ask us to delete it.

1. Information we collect

When you sign up for a StreamLink account, we store:

  • Your email address (used to sign in and receive verification codes).
  • A display name you choose.
  • A hashed password (we never store passwords in clear text — we use Argon2id).
  • Account metadata: locale, creation date, last sign-in time.

When you broadcast a room, we store:

  • The room name and privacy setting (public, private, invite-only).
  • Server-side timestamps: created, started, ended, expired.
  • Aggregate counters: peak viewer count and total unique viewers.
  • Chat messages, for the duration of the broadcast. Messages are deleted shortly after the room ends.

We do not store the video or audio of your broadcasts. Streams pass through our media server (LiveKit) in real time and are not recorded.

2. Information we collect automatically

  • IP address — used to apply rate limits and detect abuse. Stored in short-lived server logs (≤ 14 days).
  • Approximate device and browser type from request headers, for the same reasons.
  • No third-party advertising trackers. No analytics SDKs.

3. How we use this information

  • To run the service — sign you in, route your stream, deliver chat, send transactional emails.
  • To protect the service — rate limiting, abuse detection, fraud prevention.
  • To improve the product — anonymized usage counts (e.g. total broadcasts per region).

We do not sell your information. We do not share it with third parties except the strictly necessary infrastructure providers listed below.

4. Third-party services we rely on

  • Resend — to send verification and password-reset emails. They receive your email address and the email body.
  • LiveKit — open-source media server, self-hosted on our infrastructure. Real-time audio and video stream through it but are not stored.
  • Cloudflare Speed Test endpoints — used only when you tap "Test signal" on iOS. No personally identifying data is sent.

5. Microphone and screen access

The StreamLink iOS app requests access to your microphone and to record your screen only when you start a broadcast. Both grants can be revoked at any time from iOS Settings → Privacy & Security.

Audio and video captured during a broadcast are sent to your viewers in real time through LiveKit. They are not stored on our servers.

6. Data retention

  • Account data — retained as long as your account is active.
  • Room data — retained for 90 days after a room ends, then deleted.
  • Chat messages — deleted shortly after a room ends.
  • Server logs — rotated every 14 days.
  • Audio/video — never recorded.

7. Your rights

You can at any time:

  • Sign in and update your display name or change your password.
  • Request account deletion by emailing support@saviourtool.com. We delete the account and all associated rooms and chat within 14 days.
  • Request a copy of the data we hold on you.
  • Withdraw consent for email communications.

8. Children

StreamLink is not intended for children under 13. We do not knowingly collect data from anyone under 13. If you believe a child has signed up, contact us and we will delete the account.

9. Security

  • All connections use TLS 1.2 or higher.
  • Passwords are hashed with Argon2id.
  • Session tokens are signed with RS256 and rotated.
  • Rate limits guard credential-checking endpoints.

No system is perfectly secure. If you discover a vulnerability, please email security@saviourtool.com.

10. Changes to this policy

If we change this policy materially, we will update the "Last updated" date above and, for significant changes, notify you by email. Continued use of StreamLink after a change means you accept the revised policy.

11. Contact

Questions about this policy: support@saviourtool.com.