Last updated · January 2026

Privacy Policy

⚠ Template notice: This document is a starting point. Before you launch publicly, have a lawyer in your jurisdiction review it. The maintainers of BroadcastDeck are not your lawyers and this text is not legal advice.

BroadcastDeck ("we", "us") provides a desktop-class remote interview studio. This policy describes what information we collect when you use studio.broadcastdeck.com and the BroadcastDeck Desktop app, why we collect it, and your rights.

1. What we collect

Account data

Your email address and display name, used to sign you in and label sessions.
A hashed password (bcrypt) — we never see or store the plaintext.

Session metadata

Session titles, scheduled times, guest tokens.
Contact entries you create (name + email).

Media (video / audio)

Audio and video between a host and a guest is exchanged peer-to-peer (WebRTC). The media is end-to-end encrypted between participants and does not pass through our servers in the common case.
When direct P2P fails (firewalls, symmetric NAT), media is relayed through our TURN server. The relay forwards encrypted packets and does not record their contents.
Recordings made by the host are stored locally on the host's machine. We do not upload recordings to our servers unless the host explicitly chooses an ingest destination.

Technical / log data

HTTP request logs (IP address, user-agent, path, status code) retained for 14 days for security.
TURN session logs (timestamps, relay duration, byte counters — no media content) retained for 30 days.

2. What we don't collect

No analytics or advertising trackers on this marketing site or in the studio app.
No third-party fonts/scripts beyond Google Fonts (which receives only your IP for font CSS).
No payment information (the beta is free).

3. How we use the information

To authenticate you and protect your account.
To route peer-to-peer or TURN-relayed media between you and your guest.
To debug abuse and outages (logs).
To send transactional messages (e.g. password reset). We do not send marketing emails without opt-in.

4. Sharing

We don't sell or rent personal data. We share information only with:

Infrastructure providers running our servers (TLS-encrypted in transit; isolated tenancy).
Law enforcement when compelled by a valid legal request from a jurisdiction we operate in.

5. Cookies & local storage

The studio app uses localStorage to keep your sign-in token so you don't have to re-authenticate every visit. No third-party cookies are set.

6. Your rights

If you are in the EU, UK, California, or other jurisdictions with equivalent laws, you have the right to:

Access the personal data we hold about you.
Correct inaccurate data.
Delete your account and associated data.
Export your data in a machine-readable format.
Object to processing or restrict it.

To exercise any of these rights, email privacy@broadcastdeck.com. We aim to respond within 14 days.

7. Retention

Account data: kept while your account is active. Deleted within 30 days of account closure.
Session metadata: 12 months after the session date.
HTTP logs: 14 days.
TURN logs: 30 days.

8. Children

BroadcastDeck is not directed to children under 16, and we do not knowingly collect data from them. If you believe a child has created an account, email privacy@broadcastdeck.com and we will delete it.

9. Changes to this policy

We will post material changes here at least 14 days before they take effect. Continued use after the effective date constitutes acceptance.

10. Contact

Email privacy@broadcastdeck.com for any privacy question or request.