Privacy Policy

Effective: January 1, 2026 Last Updated: April 27, 2026
Important Notice — Content Liability Disclaimer

Pocket STB is a media player application only. We do not host, upload, store, distribute, broadcast, or provide any video, audio, or streaming content. We do not operate any IPTV service, channel lineup, or content delivery network.

All content streamed through Pocket STB is sourced exclusively from your chosen third-party IPTV service provider. It is solely your responsibility to verify that your IPTV provider is legally authorized to distribute the content they offer, and that accessing such content is lawful in your country or region under applicable copyright, broadcasting, and telecommunications laws.

Pocket STB bears no liability for any content accessed through third-party providers via this Application.

01 Introduction

Welcome to Pocket STB (the "Application"), an IPTV application ("we", "our", or "us"). We are committed to protecting the privacy of all users ("you" or "user") who access our Application, website, or related services (collectively, the "Services").

This Privacy Policy explains how we collect, use, store, share, and protect your information when you use Pocket STB on any platform including Android, iOS, Android TV, Apple TV, Amazon Fire TV, Smart TVs, Set-Top Boxes (STB), and desktop platforms.

By downloading, installing, or using Pocket STB, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of the Application.

This policy is designed to comply with applicable privacy laws worldwide, including: GDPR (EU/EEA), UK GDPR, CCPA/CPRA (California), PIPEDA (Canada), LGPD (Brazil), POPIA (South Africa), PDPA (Thailand/Singapore), APPI (Japan), PIPL (China), DPDP Act (India), Privacy Act (Australia), and other applicable regional laws.

02 Nature of the Application — What Pocket STB Is and Is Not

2.1 Pocket STB is a Player Only

Pocket STB is a software media player — similar in function to VLC Media Player — designed to play streams provided by your IPTV subscription service. The Application acts solely as a technical interface between you and your chosen provider's stream URL or M3U playlist.

Specifically, Pocket STB:

  • Does NOT host, store, cache, broadcast, or retransmit any video or audio content.
  • Does NOT provide, sell, or curate any IPTV channels, VOD libraries, or streaming content.
  • Does NOT have any affiliation with, or control over, any content provider, broadcaster, or channel operator.
  • Does NOT verify, endorse, or take responsibility for the content made available by your IPTV provider.
  • Does NOT operate a content delivery network (CDN) or streaming infrastructure.

2.2 Your Responsibility Regarding Content Legality

The legality of streaming content through an IPTV service varies significantly by country and jurisdiction. Laws governing broadcasting rights, copyright, digital content licensing, and telecommunications differ across regions and are subject to change.

Before using Pocket STB with any IPTV provider, you are solely responsible for:

  • Verifying that your IPTV service provider holds valid and current licenses, distribution rights, or broadcasting authorizations for all content they offer in your country or region.
  • Ensuring that accessing and streaming the content provided by your IPTV provider is lawful under the copyright laws, broadcasting regulations, and any other applicable legislation in your jurisdiction.
  • Confirming that your use complies with any territorial restrictions, geo-licensing agreements, or exclusive broadcast rights that may apply to specific content or channels.
  • Understanding that using an unauthorized IPTV service to access pirated, unlicensed, or otherwise restricted content may constitute a violation of law in your country and may expose you to civil or criminal liability.

2.3 No Liability for Third-Party Content

To the fullest extent permitted by applicable law, Pocket STB expressly disclaims all liability — whether direct, indirect, incidental, consequential, or otherwise — arising from:

  • The nature, legality, accuracy, or availability of any content streamed through a third-party IPTV provider via Pocket STB.
  • Any infringement of intellectual property rights, broadcasting rights, or copyright resulting from content accessed through your provider.
  • Any legal action, fine, penalty, or other consequence arising from your use of an unauthorized or unlicensed IPTV service.
  • Any disruption, unavailability, or termination of service by your IPTV provider.
If you are unsure whether your IPTV provider is legally authorized to operate in your country, we strongly recommend consulting a qualified legal professional in your jurisdiction before use.

03 Data Controller / Business Identity

The data controller responsible for your personal data is:

Company
Pocket STB
Application
Pocket STB: An IPTV App
Website
https://www.pocketstb.com
Privacy
privacy@pocketstb.com
Legal / DPO
legal@pocketstb.com
For EU/EEA users, we act as the Data Controller under Article 4(7) of the GDPR. For California users, we act as a "Business" as defined under the CCPA/CPRA.

04 Information We Collect

We collect only the minimum information necessary to provide our Services.

4.1 Information You Provide Directly

  • Account Information: name, email address, username, and password (if you register an account).
  • IPTV Playlist / M3U URL: stored locally on your device only — never transmitted to our servers.
  • Payment Information: processed by our third-party payment processor. We do not store full card details.
  • Support Communications: messages, emails, or feedback you send to us.

4.2 Information Collected Automatically

  • Device Information: device type, model, OS version, hardware identifiers (advertising ID, device ID).
  • Network Information: IP address, approximate geolocation (country/region level), ISP, network type.
  • Usage Data: features used, session duration, error logs, crash reports.
  • Streaming Metadata: buffer events, stream quality, playback failures — not the content of what is streamed.

4.3 What We Do NOT Collect

  • We do NOT record, intercept, or store the actual video/audio content you stream.
  • We do NOT store your IPTV provider credentials on our servers.
  • We do NOT access your contacts, photos, microphone, or camera.
  • We do NOT collect precise real-time GPS location.

05 How We Use Your Information

  • Service Delivery: to provide, operate, maintain, and improve the Application.
  • Account Management: to create and manage your account, authenticate identity, process subscriptions.
  • Customer Support: to respond to queries, troubleshoot issues, provide technical assistance.
  • Performance & Diagnostics: to identify and fix bugs, crashes, and optimize streaming performance.
  • Security & Fraud Prevention: to detect and prevent fraudulent activity and unauthorized access.
  • Legal Compliance: to comply with applicable laws and respond to lawful authority requests.
  • Communications: to send important updates, security notices, and (with consent) promotional messages.

06 Legal Basis for Processing (GDPR / UK GDPR)

For users in the EU, EEA, or United Kingdom, we process your personal data under the following legal bases:

  • Contractual Necessity (Art. 6(1)(b)): processing required to provide the Application and fulfill our Terms of Service.
  • Legitimate Interests (Art. 6(1)(f)): for analytics, security, fraud prevention, and service improvement.
  • Consent (Art. 6(1)(a)): for marketing communications and non-essential cookies — withdrawable at any time.
  • Legal Obligation (Art. 6(1)(c)): to comply with applicable laws and lawful authority requests.

07 Data Sharing & Disclosure

We do not sell your personal data. We may share data only in the limited circumstances described below.

7.1 Service Providers & Processors

  • Cloud hosting & infrastructure providers (e.g., Microsoft Azure, AWS, Google Cloud).
  • Analytics platforms — anonymized/aggregated data only (e.g., Firebase Analytics).
  • Crash reporting tools (e.g., Crashlytics, Sentry).
  • Payment processors (e.g., Stripe, PayPal, Razorpay) — governed by their own PCI-DSS compliant policies.
  • Customer support platforms.

All processors are bound by Data Processing Agreements (DPAs) and prohibited from using your data for any other purpose.

7.2 Legal & Regulatory Disclosure

We may disclose your information if required by law, court order, or governmental authority, or to protect our rights, prevent fraud, or ensure user safety.

7.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred. We will provide notice of such transfer and any changes to this Privacy Policy.

08 International Data Transfers

Pocket STB is a global application. Your data may be transferred to and processed in countries other than your country of residence. We ensure adequate protection through:

  • EU Standard Contractual Clauses (SCCs) approved by the European Commission.
  • UK International Data Transfer Agreements (IDTAs) for UK transfers.
  • Adequacy decisions where applicable.
  • Binding Corporate Rules (BCRs) or equivalent mechanisms.

You may request a copy of the transfer mechanisms in place by contacting privacy@pocketstb.com.

09 Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this Policy.

Data TypeRetention Period
Account DataDuration of account + 90 days after deletion
Usage & Analytics DataUp to 24 months (anonymized)
Crash & Diagnostic LogsUp to 12 months
Support CommunicationsUp to 3 years
Payment RecordsUp to 7 years (financial compliance)
Legal Hold DataAs required by legal proceedings

Upon expiry of retention periods, data is securely deleted or irreversibly anonymized.

10 Data Security

  • Encryption in transit using TLS 1.2 / TLS 1.3 for all data communications.
  • Encryption at rest using AES-256 for databases containing personal data.
  • Access controls and role-based permissions limiting data access to authorized personnel only.
  • Regular security assessments, vulnerability scanning, and penetration testing.
  • Incident response procedures for detecting and responding to data breaches.
  • IPTV credentials entered in the Application are stored only on your local device and are never transmitted to our servers.
While we employ robust security measures, no system is 100% secure. We encourage you to use strong passwords and keep your device software up to date.

11 Your Rights & Choices

Depending on your country of residence, you may have the following rights. We honor these rights regardless of where you reside, to the extent technically feasible.

11.1 Universal Rights (All Users)

  • Right to Know / Access: request a copy of the personal data we hold about you.
  • Right to Correction: request correction of inaccurate or incomplete data.
  • Right to Deletion / Erasure: request deletion of your personal data (subject to legal retention obligations).
  • Right to Data Portability: receive your data in a structured, machine-readable format.
  • Right to Withdraw Consent: where processing is based on consent, you may withdraw it at any time.

11.2 Jurisdiction-Specific Rights

EU / EEA / UK
GDPR · UK GDPR
  • Right to Restrict Processing (Art. 18)
  • Right to Object (Art. 21)
  • No automated decision-making
  • Lodge complaint with DPA / ICO
California
CCPA · CPRA
  • Know, delete, correct, portability
  • Opt-out of sale/sharing
  • Limit sensitive data use
  • No discrimination for exercising rights
India
DPDP Act 2023
  • Access, correction, erasure
  • Grievance redressal
  • Right to nominate representative
Brazil
LGPD
  • Access, correction, anonymization
  • Portability, deletion
  • Object to processing
  • Complaint to ANPD
Canada
PIPEDA
  • Access and correction
  • Complaint to OPC
Australia
Privacy Act 1988
  • Access and correction (APPs)
  • Complaint to OAIC
South Africa
POPIA
  • Notification, access, correction
  • Object to processing
  • Complaint to Information Regulator
Singapore / Thailand
PDPA
  • Access and correction
  • Complaint to PDPC
Japan
APPI
  • Disclosure, correction, deletion
  • Consent required for third-party sharing
To exercise any right, contact privacy@pocketstb.com. We respond within 30 days (or as required by applicable law — 45 days under CCPA, 1 month under GDPR). We may need to verify your identity before processing your request.

12 Cookies & Tracking Technologies

  • Essential / Strictly Necessary: required for the Application to function (session management, authentication). Cannot be disabled.
  • Performance / Analytics: help us understand usage patterns and improve performance. Can be disabled.
  • Functional: remember your preferences (language, settings). Can be disabled.
  • Advertising / Targeting: used by advertising partners. Opt out via device ad settings or NAI/DAA opt-out tools.

Where required by law (EU ePrivacy Directive, GDPR), we obtain your consent before placing non-essential cookies. You may withdraw consent at any time through Application settings.

Do Not Track (DNT): We honor browser-level DNT signals where technically feasible.

13 Children's Privacy

Pocket STB is not directed at children under the age of 13 (or under 16 in EU/EEA jurisdictions). We do not knowingly collect personal data from children without verifiable parental consent.

If you are a parent or guardian and believe your child has provided us with personal data without your consent, please contact us at privacy@pocketstb.com. We will promptly delete such data.

Age thresholds by jurisdiction: 13 (US — COPPA), 16 (EU — GDPR default), 14 (Brazil — LGPD), 15 (France), 14 (Austria/Bulgaria/Cyprus), 13 (Denmark/Estonia/Finland/Latvia/Sweden/UK). We apply the highest applicable threshold in each jurisdiction.

14 Third-Party Links & Services

Pocket STB may contain links to or integrate with third-party services (e.g., your IPTV provider, external media sources, payment gateways). These third parties have their own privacy policies, and we are not responsible for their data practices.

We recommend reviewing the privacy policies of any third-party services you access through or alongside Pocket STB, particularly your IPTV subscription provider.

15 Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will:

  • Notify relevant supervisory authorities within 72 hours of becoming aware of the breach (GDPR Article 33).
  • Notify affected users without undue delay where the breach is likely to result in high risk (GDPR Article 34).
  • Comply with equivalent notification requirements under CCPA/CPRA, PIPEDA, LGPD, DPDP Act, and other applicable laws.

16 Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. The updated policy will be posted within the Application and on our website with a revised "Last Updated" date.

For material changes, we will provide prominent notice via in-app notification or email at least 30 days before the change takes effect, where required by law.

Your continued use of Pocket STB after the effective date of the updated Policy constitutes your acceptance of the changes.

17 Country-Specific Additional Provisions

17.1 United States — State Privacy Laws

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), and other US states with comprehensive privacy laws have rights including access, correction, deletion, portability, and opt-out of targeted advertising. Contact privacy@pocketstb.com to exercise these rights.

17.2 Singapore (PDPA 2012)

For Singapore residents, we comply with the Personal Data Protection Act 2012. You have the right to access and correct your personal data. Contact our Data Protection Officer at privacy@pocketstb.com.

17.3 Thailand (PDPA 2019)

For Thailand residents, we comply with the Personal Data Protection Act B.E. 2562 (2019). Complaints may be directed to the Office of the Personal Data Protection Commission (PDPC).

17.4 Japan (APPI)

For Japan residents, we comply with the Act on the Protection of Personal Information (APPI) as amended. We only share personal data with third parties with your consent or as permitted by law.

17.5 China (PIPL)

For users in the People's Republic of China, we process personal information in accordance with the Personal Information Protection Law (PIPL, effective November 1, 2021), with separate consent and compliance with applicable data localization requirements where mandatory.

18 Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy / DSR
privacy@pocketstb.com
Legal / DPO
legal@pocketstb.com
Website
www.pocketstb.com

We are committed to working with you to obtain a fair resolution to any complaint or concern about privacy. If you are not satisfied with our response, you have the right to contact your local data protection authority.

19 Governing Law & Dispute Resolution

This Privacy Policy shall be governed by and construed in accordance with applicable privacy laws of the jurisdiction in which you reside. For users in the EU/EEA, the GDPR and the laws of the applicable Member State govern. For users in the United States, applicable federal and state privacy laws apply.

Nothing in this Privacy Policy limits your rights to bring claims before applicable data protection supervisory authorities in your jurisdiction.