PLAXT
Get Started

Privacy Policy

Last updated: January 2025

Overview

Plaxt ("we", "our", or "us") is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your information when you use our media scrobbling service.

Information We Collect

Account Information

When you create an account, we collect your email address and password (stored securely using industry-standard hashing).

Connected Services

When you connect media servers (Plex, Emby, Jellyfin), streaming services (Netflix), or tracking services (Trakt, Simkl), we store authentication tokens or cookies required to sync your watch history. These credentials are encrypted at rest.

Watch Activity

We process your watch events (play, pause, stop) to sync them to your chosen tracking services. We store minimal metadata about sync events for debugging and to show your sync history.

How We Use Your Information

  • To provide and maintain the scrobbling service
  • To sync your watch history between connected services
  • To send important service updates and security notifications
  • To respond to your support requests
  • To process payments (handled by Stripe)

Data Security

We take security seriously and implement industry-standard measures to protect your data:

  • All data is encrypted in transit using TLS
  • Sensitive credentials are encrypted at rest using AES-256
  • Passwords are hashed using Argon2
  • JWT-based authentication with secure token handling

Data Sharing

We do not sell your personal information. We only share data with:

  • Connected services — Your watch data is sent to tracking services you explicitly connect (Trakt, Simkl)
  • Payment processor — Stripe handles payment processing; we don't store card details
  • Infrastructure providers — Our hosting providers process data on our behalf under strict agreements

Data Retention

We retain your data in accordance with GDPR requirements. Your data is kept for as long as your account is active and necessary to provide our services. When you delete your account, we remove your personal data without undue delay, except where retention is required for legal obligations, dispute resolution, or enforcement of our agreements.

Your Rights (GDPR)

Under GDPR, you have the right to:

  • Access — Request a copy of your personal data
  • Rectification — Correct inaccurate or incomplete data
  • Erasure — Request deletion of your personal data ("right to be forgotten")
  • Data portability — Receive your data in a structured, machine-readable format
  • Restriction — Request limited processing of your data
  • Object — Object to processing of your personal data
  • Withdraw consent — Disconnect any connected service at any time

To exercise these rights, contact us at the email below. We will respond within one month as required by GDPR.

Cookies

We use essential cookies only for authentication purposes. We do not use third-party tracking cookies or advertising cookies. For Netflix integration, we store Netflix session cookies (provided by you) to sync your watch history. Provide cookies only if permitted by Netflix's terms; you can revoke access anytime by disconnecting the integration.

Changes to This Policy

We may update this policy from time to time. We'll notify you of significant changes via email or through the service. Continued use after changes constitutes acceptance.

Contact Us

If you have questions about this privacy policy or your data, contact us at: [email protected]