DeArrow is a browser extention that allows you to submit titles and thumbnails for YouTube videos and fetch titles and thumbnails that other people have already submitted.
It consists of one server that handles titles and timestamps of when thumbnails occur (they are screenshots at specific timestamps), and another server that acts as a cache of the thumbnail images themselves.
Also see the terms of use.
Almost all data that is collected through this extension can be downloaded from https://sponsor.ajay.app/database. Some more sensitive data such as votes and hashed IPs are stored in a private database.
The only things I keep are:
- Information you submit (submitted titles, thumbnails, reports, and votes on existing submissions)
- A hashed version of your userID (a randomly generated value assigned when you first install the extension), only if a submission or vote has occurred
- The time the submission happened
- A hashed + salted version of your ip address for ratelimiting. This process makes it close to impossible to retrieve the original value if they don't have access to the salt.
- The name of your client (if using an extension, another port, etc.)
The extension also makes requests to YouTube URLs to generate thumbnails and get metadata, such as video duration, of videos.
Each time a video title or thumbnail is displayed on screen:
- An anonymous request is sent asking for the submissions for that video
- If a thumbnail is submitted, or the "Show screenshot from random timestamp when no submissions exist" option is enabled, it will then send a request to the thumbnail generation/cache server to generate a thumbnail at the given timestamp
- This request contains no personally identifiable information and no IPs are logged connected with this request
If you disable using the thumbnail generation/caching service:
- All querying requests will use the prefix of the videoID hash to decrease the server's ability to know what exact video you were looking for. This returns a list of videos that potentially could be the one you are looking for
- This is not used when the thumbnail generation/caching service is enabled since the raw videoID is needed to generate the thumbnail
Each time you submit, vote, or make a report:
- A request with your userID and the segment ID is sent
- A hashed IP is stored with this information to help prevent spammers
For every request:
- A hashed + salted (salt rotated every 48 hours) IP address is temporarily stored without the actual request details
- This allows the stats page to have count the number of users of the API
- This data is stored in a seperate program from the main server and stored in memory. Form more details on how it works, see here
This data stays on your device
Each time you submit:
- This submission is stored on device to show it even if another submission has more votes
- This can be disabled in the options
By using this browser extension or API, you hereby consent to the Privacy Policy.
Please email me with your request.
Cloudflare's proxy is used to reduce load on the servers. It logs some information itself that I cannot control, such as the number and location of connecting IPs. More information can be found at https://www.cloudflare.com/privacypolicy/
I sometimes need to enable error logging in nginx. This does log IPs associated with connection errors (not all requests), but I will delete these logs within 72 hours whenever that is enabled.
If you have additional questions or require more information, contact me through email at dev@ajay.app. You can also ask me questions on Discord (@theajayyy) or Matrix.