Privacy Policy for SnapIssue
Last Updated: October 24, 2025

Introduction
SnapIssue ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our browser extension and related services.

Information We Collect
1. Account Information
When you create an account, we collect:

Email address
Name
Password (encrypted)
Account plan type (Free, Pro, Team)
2. Screenshot Data
When you capture screenshots, we collect:

Screenshot images
Page URL and title
Your annotations and descriptions
Technical metadata:
Browser information (name, version)
Operating system information
Viewport size
Console logs (last 10 messages)
Failed network requests
Timestamp of capture
3. Team Information
If you use team features:

Team name
Team member email addresses
Role assignments
Team invitations
4. Integration Data
When you connect third-party services:

OAuth tokens (encrypted)
Integration settings
External issue IDs (GitHub, Jira)
5. Billing Information
For paid plans:

Payment information is processed by Stripe
We store only: subscription status, plan type, and customer ID
We do NOT store credit card numbers
6. Usage Data
We automatically collect:

Login timestamps
Feature usage statistics
Error logs and diagnostics
API request logs (IP addresses are anonymized after 30 days)
How We Use Your Information
We use collected information to:

Provide Services

Store and display your screenshots
Sync data across devices
Enable team collaboration
Process integrations with third-party services
Improve Services

Analyze usage patterns
Debug technical issues
Develop new features
Account Management

Authenticate users
Process payments
Send service notifications
Communication

Send team invitations
Notify about integration events
Send account-related emails (password resets, billing)
We do NOT:

❌ Sell your personal data
❌ Use your data for advertising
❌ Share your screenshots without permission
Data Storage and Security
Storage Location
Screenshots: Cloudflare R2 (encrypted at rest)
Database: PostgreSQL with encrypted connections
Location: European Union data centers
Security Measures
End-to-end encryption for data in transit (TLS 1.3)
Encrypted storage for sensitive data
Regular security audits
Access controls and authentication
Automated backups with encryption
Data Retention
Active accounts: Data retained while account is active
Deleted accounts: Data permanently deleted within 30 days
Backup retention: 90 days for disaster recovery
Anonymous logs: 30 days
Third-Party Services
We use the following third-party services:

Essential Services
Cloudflare R2 - Screenshot storage

Privacy Policy: https://www.cloudflare.com/privacypolicy/
Stripe - Payment processing

Privacy Policy: https://stripe.com/privacy
Resend - Transactional emails

Privacy Policy: https://resend.com/legal/privacy-policy
Optional Integrations (User-Initiated)
GitHub - Issue tracking integration

Privacy Policy: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement
Jira - Issue tracking integration

Privacy Policy: https://www.atlassian.com/legal/privacy-policy
Linear - Issue tracking integration

Data Sharing
We share your information only in these circumstances:

With Your Consent
When you create public screenshots
When you share screenshots with team members
When you export to third-party services
Service Providers
Cloud infrastructure providers (Cloudflare)
Payment processors (Stripe)
Email service providers (Resend)
These providers are contractually required to protect your data.

Legal Requirements
We may disclose information if required by:

Valid legal process (subpoena, court order)
Government requests
Protection of our rights or safety
Your Rights
Access and Control
You have the right to:

✅ Access your personal data
✅ Export your screenshots
✅ Update your information
✅ Delete your account
✅ Opt-out of emails (except essential notifications)

How to Exercise Rights
Account Settings: Update profile and preferences
Account Deletion: Settings → Delete Account
EU/UK Users (GDPR)
You have additional rights:

Right to rectification
Right to erasure ("right to be forgotten")
Right to restrict processing
Right to data portability
Right to object to processing
Right to lodge complaints with supervisory authorities
Cookies and Tracking
Cookies We Use
Authentication: Session cookies (required)
Preferences: User settings (required)
Analytics: Anonymous usage statistics (optional)
Browser Extension Permissions
Our extension requires:

activeTab - Capture current tab only when you click the button
storage - Store settings locally
tabs - Get page information for screenshots

We do NOT:

Track your browsing history
Monitor tabs you don't screenshot
Collect data from other websites
Children's Privacy
SnapIssue is not intended for users under 16 years of age. We do not knowingly collect information from children. If you believe we have collected information from a child, contact us immediately.

International Data Transfers
If you're outside the EU:

Your data will be transferred to EU servers
We use standard contractual clauses for protection
Equivalent privacy protections apply
Changes to This Policy
We may update this Privacy Policy periodically. We will:

Notify users of material changes via email
Update the "Last Updated" date
Post changes at least 30 days before they take effect

Compliance
This Privacy Policy complies with:

EU General Data Protection Regulation (GDPR)
UK Data Protection Act 2018
California Consumer Privacy Act (CCPA)
Chrome Web Store Developer Program Policies
Firefox Add-on Policies
By using SnapIssue, you acknowledge that you have read and understood this Privacy Policy.