This Privacy Policy explains how mickMind (Mick Baruffato, Denmark — "we", "us") handles data in connection with the Bit Explains website (bitexplains.org) and the Bit Explains publishing platform (together, the "Service"). We are the data controller under the EU General Data Protection Regulation (GDPR).
1. Website visitors
bitexplains.org sets no cookies and uses no analytics or advertising trackers. Our hosting infrastructure (Cloudflare) processes standard technical request data (IP address, user agent) to serve and secure the site; see the Cloudflare Privacy Policy. Video thumbnails and fonts are loaded from YouTube/Google, which may process technical request data under Google's Privacy Policy. Watching an episode happens on YouTube itself, under YouTube's own terms.
2. Publishing platform — data we process
When an account owner connects a social-media account (for example a TikTok account via TikTok Login Kit), we process, strictly to operate the publishing function:
| Data | Source | Purpose |
|---|---|---|
| OAuth access & refresh tokens | The platform, on authorisation | To upload and publish episodes to the connected channel |
Basic account info (open ID, display name, avatar) via user.info.basic |
The platform | To confirm which channel is connected |
| Video files and metadata (title, description, privacy setting) | Created by us | The content being published |
| Upload/publish status and timestamps | Generated by the Service | To track releases and avoid duplicates |
We do not request the scopes user.info.profile, user.info.stats or
video.list, and we do not collect data belonging to any platform user other than the
connected channel itself.
3. How we use data
Solely to (a) authenticate connected channels, (b) upload and publish our episodes to them, and (c) keep an operational record of releases. Never for advertising, profiling or automated decision-making about individuals.
4. Legal basis (GDPR)
Processing rests on our legitimate interest (Art. 6(1)(f) GDPR) in operating and distributing our own content, and on the consent (Art. 6(1)(a)) given by the account owner at connection time. Consent can be withdrawn at any time (see sections 7–8).
5. Storage and security
Tokens and account data are stored on our own private server in Denmark, in a permissions-locked secrets store, never in application code, and transmitted only over HTTPS to the relevant platform APIs. No third-party analytics or advertising providers receive any Service data.
6. Sharing and retention
We do not sell, rent or share personal data. The only external transmission is to the platform APIs strictly necessary to publish content, under those platforms' own policies, including the TikTok Privacy Policy. Tokens are kept only while a channel remains connected and are deleted on disconnection, revocation or expiry. Release records are kept only for our own record-keeping and deleted on request.
7. Your rights
EU data subjects may access, rectify, erase, restrict or object to processing of their personal data, and have the right to data portability. Contact us using the details below. You may also complain to the Danish Data Protection Agency (Datatilsynet).
8. Revoking access
A connected account can be disconnected at any time — by contacting us, or directly in the platform's own settings (on TikTok: Settings → Security & permissions → Manage app permissions). Revoked tokens become invalid and are deleted from our server.
9. Children
Our content is made for children, but our website and publishing platform are operated by and directed at adults; we do not knowingly collect personal data from children. Episodes are marked "made for kids" on each platform, and viewing happens under that platform's children's-privacy protections.
10. Changes and contact
We may update this policy; the effective date above reflects the current version. Contact: [email protected] · mickMind, Randers, Denmark.