Privacy Policy
Last updated: January 1, 2026
1. Overview
CHANGE_ME Your Legal Entity Name LLC ("Fitdown," "we," "us") built this Service around collecting as little personal data as possible. This policy explains what we do collect, why, and for how long.
2. Information we collect
The Service does not require account registration to use its core download features. We collect:
- A one-way hash of your IP address (not the raw address itself) at the time you submit a URL to analyze or a format to fetch, used for rate limiting and abuse prevention. This hash cannot practically be reversed back into your original IP address.
- The URL you submit and the metadata we retrieve about it (title, thumbnail, duration, uploader, available formats), so we can show you the results and avoid re-fetching the same URL repeatedly.
- Standard web server logs (timestamps, requested paths, response codes, user agent string) for security monitoring and troubleshooting.
- A theme preference (light/dark mode) stored in your browser's local storage, never transmitted to us.
We do not use advertising trackers, third-party analytics scripts, or cross-site tracking cookies. The only cookie the Service sets is a strictly-necessary session cookie required for the site to function (and, for admins, to stay signed in) — it does not identify you personally beyond the current browser session and does not require consent under most cookie-law frameworks, which generally exempt strictly-necessary cookies.
3. How we use information
- To provide the Service — analyzing URLs, fetching content, and delivering files to you;
- To enforce rate limits and protect the Service against abuse;
- To diagnose and fix technical problems;
- To maintain the security of the Service and its infrastructure.
We do not sell personal information, and we do not use it for advertising.
4. Data retention
- Fetched files are automatically deleted from our servers after a limited retention window (24 hours by default, configurable by the site operator) and are not recoverable once deleted.
- Analysis records (the metadata for a URL you've submitted) are retained for a short period to avoid redundant re-fetching, and older failed or expired records are periodically and automatically purged.
- Hashed IP addresses are stored alongside these records for the same retention period and are deleted along with them.
5. Third-party platforms
When you submit a URL from a third-party platform (such as YouTube, TikTok, X/Twitter, Instagram, Facebook, Vimeo, or SoundCloud), our servers make a request to that platform on your behalf to retrieve the content. That platform may log this request independently of us, under its own privacy policy. We encourage you to review the privacy policy of any platform whose content you access through the Service.
6. Admin accounts
Administrator accounts (used to manage the Service, not by end users) store a name, email address, and a securely hashed password. Administrator login activity is logged for security auditing.
7. Your rights
Depending on your jurisdiction, you may have rights to access, correct, or request deletion of personal data we hold about you. Because the Service does not tie requests to an identifiable account, and IP addresses are stored only as one-way hashes, we generally have no practical way to look up or delete data tied to a specific individual beyond what naturally expires per our retention schedule above. If you believe we hold data about you that concerns you, contact us at [email protected] and we will address your request to the extent technically possible.
8. Children's privacy
The Service is not directed at children and we do not knowingly collect personal information from children under the age required by applicable law to consent to data processing without parental permission (13 in the United States, and as otherwise defined by local law).
9. Security
We use industry-standard measures to protect the Service, including encrypted connections (HTTPS), hashed rather than plaintext storage of sensitive identifiers, and access controls on administrative functions. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security.
10. Changes to this policy
We may update this Privacy Policy from time to time. The "Last updated" date above reflects the most recent revision.
11. Contact
Questions about this policy can be sent to [email protected].