YouTube API Terms of Service: Developer Policy III.E.4.b. states:
Note that even though an API Client may store this data for more than 30 days, the Client must still ensure every 30 days that it is still authorized by the user to access that data.
What does "ensure" mean?
Do we need to have a terrible UX that makes users re-authenticate every 30 days? Or do we just need to verify that the OAuth 2.0 credentials are valid?
Every 30 days use your refresh token to get a new access token if it works log the date to show you have access if it doesn't work then delete the data you have stored or..
What I normally do is contact the owner and ask them to authorize the app again wait a week if they haven't then delete the data.
You could check every twenty days if you want to stay on the good side of the 30day limit.
- use a refresh token every day to get a new access token
This is what they are designed to do
- use it to retrieve the day's data. 2. use it to retrieve the day's data and store it in our database.
This is what the api is designed to do
- one day, if it is revoked, delete the stored data.
This is what the we are directed to do by YouTube.
Sounds like your design is all within the guidelines as written. Note I am not a lawyer or a employee of YouTube, I am merely a developer like you interpreting the guidelines as written.