ScreenXshot

ScreenXshot Privacy Policy

Effective date: 12/27/2024

1. Introduction

Welcome to ScreenXshot. We prioritize your privacy and maintain minimal data collection practices. This privacy policy explains how we handle information when you use our screenshot API service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Username: Your chosen display name
  • Email Address: Used for account management and communications
  • Password: If using credentials signup, stored securely using industry-standard hashing

2.2 Authentication Methods

We offer multiple ways to sign in:

  • Credentials: Email and password (password is hashed)
  • Google OAuth: Managed through Google's authentication service
  • GitHub OAuth: Managed through GitHub's authentication service

When using OAuth (Google or GitHub), we receive and store:

  • Your username
  • Your email address
  • Your profile avatar URL

We do not receive or store any passwords or additional personal information from these providers. The avatar URL is stored to display your profile picture within our service.

2.3 Service Usage Data

  • API Usage Data: API calls and timestamps to manage your token usage
  • Technical Data: Basic request data necessary for service operation
  • Screenshot Data: Temporarily stored URLs and generated screenshots (automatically deleted after processing)

3. Payment Processing

For payment processing:

  • All payments are processed securely through Stripe
  • ScreenXshot does not collect, store, or process any payment information
  • When you make a purchase, you interact directly with Stripe's secure payment system
  • Stripe's privacy policy and terms of service govern the handling of your payment information

4. How We Use Your Information

We use the collected information solely for:

  • Managing your account and authentication
  • Processing your screenshot requests
  • Managing API token usage
  • Preventing service abuse
  • Technical service maintenance
  • Essential service communications

We do not:

  • Sell your personal information to third parties
  • Share your data with advertisers
  • Use your data for marketing purposes
  • Track your activity across other websites

5. Data Storage and Security

  • All API communications are encrypted using SSL/TLS
  • Passwords are securely hashed using industry-standard algorithms
  • Screenshots are temporarily stored and automatically deleted after processing
  • Account information is stored securely in our database

Data Transfer

Your information may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ.

If you are located outside [your country] and choose to provide information to us, please note that we transfer the data to [your country] and process it there.

Cookie Policy

We use only essential cookies necessary for:

  • Maintaining your authentication session
  • Storing your preferences
  • Ensuring secure API usage

We do not use any tracking or marketing cookies.

Data Breach Procedures

In the event of a data breach that affects your personal information, we will:

  • Notify affected users within 72 hours of becoming aware of the breach
  • Provide information about the nature of the breach
  • Provide recommendations to protect yourself
  • Take immediate steps to prevent further unauthorized access

Service Termination

Upon service termination or account deletion:

  • All your personal information will be permanently deleted
  • Any remaining API tokens will be invalidated and fully refunded to your original payment method through Stripe
  • Cached screenshots will be immediately removed
  • Usage history will be anonymized

The refund process for unused tokens:

  • Will be processed automatically through Stripe
  • Will be sent to the original payment method used for purchase
  • May take 5-10 business days to appear in your account, depending on your payment provider
  • Will be calculated based on the number of unused tokens at the time of account termination

Age Restrictions

Our service is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us.

6. Third-Party Services

ScreenXshot uses the following third-party services:

  • Stripe: For secure payment processing
  • Google OAuth: For authentication (optional)
  • GitHub OAuth: For authentication (optional)
  • Cloud Infrastructure: For hosting and processing screenshot requests

7. Your Rights

You have the right to:

  • Access your account information
  • Update your username and email address
  • Delete your account and associated data
  • Request information about your data usage
  • Opt-out of any future communications

8. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated effective date.

9. Contact Us

If you have any questions about this privacy policy or our data practices, please contact us.

Last updated: 12/27/2024