Data Deletion — Video Controls Plus | GDPR-Compliant

Data deletion in Video Controls Plus is a self-service flow that removes every piece of data the project holds about you across both local browser storage and the optional cloud-sync backend. The flow is GDPR- and CCPA-compliant: cloud-side deletion happens within 30 days of request and produces a confirmation email; local-side deletion happens immediately the moment you uninstall the extension. Users who never signed in have nothing on the cloud to delete; uninstall alone is sufficient and immediate.

Use cases

Closing the account before switching to a different tool

Use the deletion flow to clear cloud-synced notes, collections, and preferences from the backend, then uninstall to clear local browser storage. Both sides need separate action.

Exercising GDPR / CCPA rights

EU and California residents have a legal right to deletion. The flow returns a written confirmation that satisfies the documentation requirement of those laws.

Resetting after a sync issue

If cloud sync produces unexpected results, deleting the account and reinstalling is a clean reset. The new account starts with empty storage on both sides.

Privacy hygiene on shared devices

On a shared computer, uninstalling clears the local data immediately. If you also synced to the cloud, run the deletion flow before handing the device off.

How it works

  1. Sign in (if applicable). Local-only users skip this step; uninstall is sufficient. Cloud-sync users sign in to authenticate the deletion request.
  2. Open the deletion page. The /data-deletion page lists every category of data held: notes, collections, preferences, learning paths, flashcards, screenshots, transcripts, account profile.
  3. Confirm the request. A two-factor confirmation prevents accidental deletion. The first click queues the request; the second click signed-in within 24 hours executes it.
  4. Receive confirmation. Email confirmation arrives within minutes for the queue, and within 30 days for the actual erase. The 30-day window is GDPR-mandated for backup retention.
  5. Uninstall the extension. Browser-managed: chrome://extensions, about:addons in Firefox, edge://extensions. Removing the extension clears all local browser storage immediately.

Examples

  • A signed-in user requests full deletion. Account profile + cloud data flagged for erase; primary records deleted within 24 hours; backup copies purged within 30 days; confirmation email sent at both checkpoints.
  • A user who never signed in. No cloud data exists. Uninstalling the extension immediately clears local browser storage. Nothing else to do.

Frequently asked questions

How long does deletion take?

Primary records: ~24 hours. Backup copies (encrypted, used for disaster recovery): up to 30 days, the GDPR-mandated maximum window.

What about my browser-local data?

Browser-local data is yours and lives on your device. Uninstalling the extension via the browser's extensions page clears it immediately. We never see it.

Can I export my data before deletion?

Yes. Settings → Export downloads everything as a ZIP — JSON for structured data (notes, collections, preferences) plus the raw files for screenshots and transcripts.

Will I get a confirmation?

Yes. Two emails: one acknowledging the queue, one confirming completion 30 days later.

What if I change my mind?

You can cancel within 7 days by signing in and clicking "Cancel deletion" on the same page. After 7 days, the request is irreversible.

Is anonymized usage data also deleted?

Yes. Aggregate-level analytics (total active users, feature usage) is anonymized at collection so individual rows do not exist; account-tied analytics (feature usage by you) is deleted with the account.

Tips

  • Export first if you want a record of your notes — the export bundle includes timestamps and original video URLs.
  • Local data is independent of cloud data; if you only used the extension offline, you do not need the deletion form at all.
  • The deletion request can be cancelled within 7 days. After that, it is irreversible.
  • For GDPR documentation purposes, save both confirmation emails — the queue acknowledgement and the 30-day completion notice.

Limitations

  • Encrypted backup copies persist for up to 30 days as required by disaster-recovery policy and GDPR Article 17(3).
  • Browser-local data must be cleared by uninstalling via the browser's extensions page; we cannot remotely wipe local storage.
  • Anonymized aggregate analytics (total user count, total feature uses) cannot be retroactively unlinked because they were never linked.

Last updated 2026-05-06 by Ahsan Mahmood, maintainer.