Skip to content
MetaTana
LEGAL

Privacy Policy

Effective date: April 18, 2026

MetaTana is local-first software with optional hosted account, billing, device-linking, email, and Pro AI Vision services. Your media files remain on your machine or server unless you choose to send limited data to configured integrations or hosted features.

MetaTana is operated by Watari Labs Pty Ltd (ABN 84 696 983 829). For privacy questions, access or correction requests, and complaints, contact support@watari.dev.

1. Data That Stays On Your Machine

By default, your local MetaTana installation stores and processes library data on your own device, server, or Docker volume. This can include:

  • media files, thumbnails, generated artwork, and sidecar files
  • the local SQLite database containing library metadata, identification results, configuration, and scan history
  • local logs, caches, provider responses, and rollback journals
  • local credentials or provider keys you choose to configure

MetaTana does not upload full media files by default and does not send raw local filesystem paths to hosted AI Vision in the default hostedidentify path.

2. Hosted Account And Billing Data

If you create an account, sign in, link a device, subscribe to Pro, or purchase AI credits, MetaTana processes hosted account data such as:

  • email address, profile identifiers, sessions, and device links
  • subscription status, entitlements, AI credit balances, and usage
  • billing event identifiers, order identifiers, and invoice metadata
  • support requests and account-administration notes

Payment card details are handled by MetaTana's payment processor. MetaTana stores the billing records needed to operate subscriptions, entitlements, receipts, support, fraud prevention, and accounting, but does not store full card numbers.

3. AI Vision

When AI-assisted identification is enabled, MetaTana may send limited data either to the AI provider you configure in BYOK mode or to the hosted AI Vision service for Pro accounts. This can include:

  • reviewed frame samples extracted from media files
  • privacy-reviewed hints such as filename basename, parsed title, year, media type, and provider candidate context
  • model-routing, cache, latency, cost, and credit-accounting metadata

Hosted AI Vision is intended for hint-assisted identification. It does not upload full video files, does not need your full library inventory, and does not use raw local paths in the default hosted identify flow.

4. Metadata Provider API Calls

MetaTana fetches metadata from external providers such as TMDb, TVDB, OMDb, Fanart.tv, MDBList, and AniList to enrich your library. Direct provider requests generally contain search hints such as title, year, media type, and provider IDs, not media files.

Provider requests are governed by the privacy policies, terms, and rate limits of the provider you use. Hosted provider-backed routes may add MetaTana-operated caching, quota, entitlement, and compliance checks when those routes are enabled.

5. Playback Server Sync

If you configure playback server integrations such as Plex, Kodi, Emby, or Jellyfin, MetaTana communicates with those servers to sync library data, watch status, and metadata. This communication happens directly between your MetaTana instance and your configured server unless a future feature explicitly says otherwise.

6. How We Use Hosted Data

We use hosted data to operate the Services, authenticate accounts, link devices, maintain subscriptions and AI credit balances, process payments and receipts, route hosted AI Vision requests, prevent abuse,investigate security issues, provide support, comply with law, and improve reliability.

We do not sell personal information. We do not use your local media files for advertising. Hosted AI Vision remains hint-assisted: it usesreviewed frame samples and limited local title, year, media-type, and provider-candidate context, not full media uploads or full library inventory.

7. Email, Support, And Operations Providers

MetaTana may use third-party providers to operate the Services, including email delivery, payment processing, hosting, logging, security monitoring, and customer support. These providers process data only as needed to deliver those functions.

Current provider categories include:

CategoryCurrent providersPurpose
Hosting and infrastructureHosted API, website hosting, DNS, backups, and deployment providersOperate the hosted API, website, storage, backup, and network paths
Payment processingPolarCheckout, subscriptions, invoices, refunds, chargebacks, and tax records
Email deliveryResendSign-in codes, device-linking email, service email, and account notices
AI routing and model providersOpenRouter and selected model providers used for hosted AI VisionRoute reviewed frame samples and limited hints for hint-assisted identification
Support, logging, and securityAccount-operations, logging, monitoring, security, and support toolsSupport requests, diagnostics, abuse prevention, incident response, and reliability

We review this list as hosted infrastructure changes and update this policy when provider categories or material processing purposes change.

These providers may process data outside Australia. Likely countries or regions include Australia, the United States, the United Kingdom, the European Union or European Economic Area, Singapore, and other regions used by our hosting, email, payment, AI routing, model, and support providers. Provider locations can change as infrastructure and routing changes.

8. Optional Telemetry And Logs

MetaTana does not require library analytics for normal local use. Optional OpenTelemetry export is operator-configured and sends data to the endpoint you choose. Hosted Services may keep security, diagnostic, quota, billing, and abuse-prevention logs. Diagnostic payloads should avoid raw query bodies by default and may be retained for shorter operational windows than billing records.

9. Docker Deployment

When running MetaTana via Docker, local app data is stored within your configured host volumes. Hosted account, billing, and AI Visionbehavior is the same as other MetaTana deployments when you sign in or enable hosted features.

10. Security And Retention

You are responsible for securing your local device, server, container, filesystem, media library, backups, provider keys, and playback server credentials. MetaTana uses access controls and operational safeguards for hosted data, but no system can be guaranteed perfectly secure.

MetaTana retains hosted data for as long as needed to provide the Services, maintain accounts, comply with legal and accounting obligations, resolve disputes, prevent abuse, and enforce terms.

Indicative retention periods for hosted data are:

  • Account records and device links: for the account lifetime, then during the account-deletion window unless longer retention is required for billing, security, dispute, fraud-prevention, or legal reasons
  • Sessions, sign-in records, and email-code challenges: for short operational and abuse-prevention windows after expiry or revocation
  • Billing, tax, invoice, order, refund, and chargeback records: for up to seven years where accounting, tax, payment, dispute, or legal obligations require it
  • AI Vision request metadata, including model, cache, latency, cost, credit, and quota records: for operational, billing, abuse-prevention, and cost-accounting periods
  • Diagnostic payloads: for short diagnostic windows unless needed for security investigation, legal compliance, or an active dispute
  • Backups: for the configured backup retention window before ordinary rotation, unless a backup must be retained for security, legal, accounting, or dispute reasons

You can request account export or deletion through supported account flows where available. Some records may be retained after deletion if needed for billing, tax, dispute, fraud-prevention, security, or legal compliance reasons.

11. Access, Correction, And Complaints

You may ask to access or correct personal information that Watari Labs holds about you by emailing support@watari.dev. We may need to verify your identity before acting on the request. We aim to respond within 30 days where practicable, or within another period required by applicable law.

If you have a privacy complaint, contact us with the account email, the issue, and the outcome you are seeking. We will acknowledge the complaint, investigate it, and provide a response within a reasonable time. If you are not satisfied with the response, you may contact the Office of the Australian Information Commissioner.

12. Marketing Communications

We may send service emails about sign-in codes, device linking, billing, security, account administration, and support. We may send marketing emails only with consent or where permitted by law. Marketing emails will identify the sender and include a functional unsubscribe method. You can also ask to unsubscribe by emailing support@watari.dev.

13. Data Breaches

If a data breach involving hosted personal information is likely to result in serious harm, we will assess and notify affected users and regulators where required by Australian law.

14. Contact

Questions about this privacy policy can be sent to support@watari.dev.

This page may be updated as the project evolves. When that happens, the effective date at the top of this page will change.