Privacy

Privacy Policy

v1 · Last updated 2026-04-19

This policy describes how TVWizard collects and handles data during our pre-launch phase. We'll revise it before paid tiers go live; anyone who already joined the waitlist will be emailed about material changes.

Who we are

TVWizard is operated by the team behind DJWizard. The service lives at tv.djwizard.ai, hosted on a single server in Frankfurt, Germany. You can reach us at hi@tv.djwizard.ai.

What data we collect

Waitlist signups

If you submit the waitlist form we store your email address and the optional "source" tag that indicates which post or page you came from. Nothing else. Your email is stored lower-cased, used only for product emails about early access, and deleted on request.

TV pairings

When you pair a TV we generate a 6-digit code plus a bearer token, and you choose a device ID (e.g. living-room). We store the device ID, the token, and the timestamp of pairing. We do not store anything about what the TV contains, what you watch, or what commands you issue.

Command traffic

Commands from your AI to your TV pass through our relay over encrypted HTTPS and WebSocket. We do not log command content. Standard HTTP access logs (method, path, status, response time, client IP) are retained for up to 14 days for debugging and abuse mitigation.

Aggregate metrics

Our /metrics endpoint exposes counters like "how many tool calls per tool name" and "how many paired devices." These are aggregate numbers; they don't identify individuals.

What we do not collect

No ad-tracking pixels. No Google Analytics, Segment, Meta, or similar.
No cookies. The landing page sets none. The authenticated MCP endpoint uses a bearer token you control, not a cookie.
No fingerprinting.
No content of your commands, no screen content, no viewing history.

Third parties we use

To make TVWizard work we call the following services. We do not share any personal data with them; they may observe our outbound requests originating from the relay.

Wikidata (Wikimedia Foundation) — title canonicalization + streaming content IDs for tv_play_title. CC0 public domain. Wikimedia privacy policy.
TVmaze (TVmaze B.V.) — TV episode metadata for tv_play_title. CC BY-SA 4.0. TVmaze privacy policy.
UptimeRobot — external uptime monitoring. Polls /health and /metrics from their servers; does not see user data.
Let's Encrypt — TLS certificates.

Where the data lives

Everything is stored on a single VPS in Frankfurt, Germany (EU) in a bbolt database on the server's filesystem. We do not use a managed database and we do not replicate to other regions. The server is backed up daily; backups never leave the EU.

Your rights (GDPR and comparable)

If you are in the EU, UK, or another jurisdiction with comparable data-protection rules, you have the right to:

Know what we hold about you.
Request deletion of your waitlist entry or your TV pairing.
Export your data.
Object to processing.

To exercise any of the above, email hi@tv.djwizard.ai. We aim to respond within 14 days.

Security

We authenticate every MCP request with a bearer token bound to a single device ID. Tokens are only issued via the pairing flow and can be revoked at any time (see the DELETE /pair endpoint, or ask us by email). The TV-side bridge is open source — you can audit exactly what runs on your TV at github.com/fizzious1/TVWizard-Bridge.

Data sharing and sales

We do not sell, rent, or share your data with advertisers or data brokers. Ever.

Children

TVWizard is not directed at children under 13. If you believe a child has submitted data to us, email us and we will delete it.

Changes to this policy

When we materially change this policy we will update the "last updated" date above and email everyone on the waitlist at least 7 days before the change takes effect.

Contact

Questions, deletion requests, anything else — hi@tv.djwizard.ai.