Privacy Policy

Last updated: April 5, 2026

1. Who we are

ContextSnip (“we”, “us”, “our”) is a screen-capture tool that converts recordings into AI-readable markdown. We are based in Rotterdam, South Holland, the Netherlands.

Data controller: ContextSnip, Rotterdam, the Netherlands.

Contact: info@contextsnip.com

2. Our privacy-first approach

ContextSnip is designed around local-first processing. Screen recordings, click tracking, frame extraction, and transcription (via Whisper.cpp) all happen entirely on your device. We never upload, transmit, or store your capture data on our servers.

3. What data we collect

3.1 Account data

When you create an account (via email/password or Google OAuth), we collect your email address and, optionally, your name and profile picture. Account creation is invite-gated. You need a valid invite code to sign up. This data is stored securely in Supabase and used to provide the service.

3.2 Google OAuth

If you sign in with Google, we receive your email address, name, and profile picture from Google. We use this data solely to create and manage your account. We do not access your Google Drive, Gmail, contacts, or any other Google service data.

3.3 Waitlist data

If you join our waitlist, we collect your email address. This is used only to communicate product updates and grant access.

3.4 Payment data

Payments are processed by Stripe. We do not store your credit card number or full payment details. Stripe provides us with a customer ID, subscription status, and billing metadata (plan type, trial end date). See Stripe’s Privacy Policy for how they handle payment data.

3.5 Transactional emails

We send transactional emails (invite notifications, account updates) via Resend from noreply@contextsnip.com. Your email address is shared with Resend solely for delivery purposes.

3.6 Website usage data

Our website may use essential cookies for session management. We do not use advertising trackers or sell your data to third parties. See our Cookie Policy for details.

3.7 Desktop application data

The ContextSnip desktop app processes all capture data locally. We do not collect, access, or store any of your screen recordings, extracted frames, transcriptions, or generated markdown output.

The desktop app makes the following network requests:

  • Authentication: connects to Supabase to manage your session and verify your subscription status.
  • Update checks: on launch, the app contacts GitHub to check if a newer version is available. No personal data is sent in this request.
  • Whisper model download: if you opt in to audio transcription, the app downloads the Whisper model from HuggingFace. This is a one-time download.

4. Legal basis for processing (GDPR)

We process personal data under these legal bases:

  • Contract performance: to provide the service when you create an account and subscribe.
  • Consent: when you sign up for the waitlist or accept optional cookies.
  • Legitimate interest: to improve our website and understand aggregate usage patterns, balanced against your rights.

5. Data sharing and transfers

We do not sell, rent, or trade your personal data. We share data with the following processors, all under Data Processing Agreements:

  • Supabase: authentication and database hosting.
  • Stripe: payment processing.
  • Resend: transactional email delivery.
  • Vercel: website hosting.
  • Legal obligations: when required by Dutch or EU law.

If data is transferred outside the EEA, we ensure appropriate safeguards are in place (e.g., EU Standard Contractual Clauses).

6. Data retention

Waitlist emails are retained until you unsubscribe or request deletion. Account data is retained for the duration of your account plus 30 days after deletion. Payment records are retained as required by Dutch tax law (7 years). We periodically review and purge data that is no longer needed.

7. Your rights under GDPR

As an EU/EEA resident, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erase your data (“right to be forgotten”)
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time
  • Lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens): autoriteitpersoonsgegevens.nl

To exercise any of these rights, email info@contextsnip.com. We respond within 30 days.

8. Security

We use industry-standard security measures to protect the limited data we collect, including encrypted connections (TLS), secure storage, Row Level Security on our database, and access controls. The desktop application’s local-only architecture means your most sensitive data (recordings, frames, transcriptions) never leaves your machine.

9. Children

ContextSnip is not directed at individuals under 16. We do not knowingly collect data from children. If you believe we have inadvertently collected such data, contact us and we will delete it promptly.

10. Changes to this policy

We may update this policy as our product and legal obligations evolve. Material changes will be communicated via email or a notice on our website. Your continued use of ContextSnip after changes constitutes acceptance.