Privacy Policy

1. Information We Collect

We collect the following types of information when you use Keepcatcher:

1.1 Account Information

When you sign up for an account (via email, Google, or GitHub), we collect:

• Name, email address, and authentication details.
• Stripe customer ID (for billing and subscriptions).
• Library and workspace information you create within the app.

1.2 Usage Data

We automatically collect data about how you interact with the Service, including:

• IP address, browser type, operating system, and device information.
• Access times, pages viewed, and referring URLs.

1.3 Payment Information

Payments are processed securely by Stripe. We do not store your full credit card details on our servers. Stripe's own privacy policy governs their use of your data: https://stripe.com/privacy

1.4 Stored Content

Media assets, collections, and other files uploaded to Keepcatcher are stored in Microsoft Azure Blob Storage. These assets are associated with your account and delivered via a secure Content Delivery Network (CDN).

1.5 Communication Data

If you contact us via email or through support forms, we may collect your name, email address, and the content of your message.

2. Google User Data

When you connect your Google account to Keepcatcher, we access certain Google user data to provide the Google Drive integration feature. This section describes our practices regarding Google user data in compliance with Google API Services User Data Policy and Google APIs Terms of Service.

2.1 Data Accessed

Keepcatcher accesses the following types of Google user data:

• Google Drive Files: We access files from your Google Drive that you explicitly select using Google's file picker interface. We use the https://www.googleapis.com/auth/drive.file scope, which provides access only to files you create with our app or explicitly select via Google Picker API.
• Email Address: When you sign in with Google, we access your email address (https://www.googleapis.com/auth/userinfo.email scope) for account authentication and identification purposes.

Important: We do not access your entire Google Drive. We can only access files that you explicitly select through Google's native file picker interface. We cannot browse, search, or access files you have not selected.

2.2 Data Usage

We use Google user data solely for the following purposes:

• File Import: When you select files from Google Drive, we download or export those files and import them into your Keepcatcher library. Google Workspace files (Docs, Sheets, Slides) are automatically exported to standard formats (DOCX, XLSX, PPTX) before import.
• Account Authentication: Your Google email address is used to create and authenticate your Keepcatcher account when you sign in with Google.
• Persistent Access: We store encrypted OAuth tokens (access tokens and refresh tokens) to maintain your Google Drive connection, allowing you to import files without re-authenticating each time.

We do not: modify, delete, or share files in your Google Drive. We do not access files you have not explicitly selected. All access is read-only and user-initiated. We do not use Google user data for advertising, marketing, or any purpose other than providing the file import functionality.

2.3 Data Sharing

We do not share Google user data with any third parties. Specifically:

• We do not sell, rent, or share Google user data with advertisers, marketers, or data brokers.
• We do not share Google user data with other users of the Service.
• Files imported from Google Drive are stored in your Keepcatcher library and are subject to the same privacy protections as other content you upload (see Section 5 for storage details).
• OAuth tokens are stored securely in our database and are never shared or exposed.

The only exception is that files imported from Google Drive are stored using our service providers (Microsoft Azure Blob Storage for file storage and Supabase for database storage) as described in Section 5. These service providers act as data processors and are contractually obligated to protect your data. They do not have independent rights to use your Google user data.

2.4 Data Storage & Protection

We implement comprehensive security measures to protect Google user data:

• Encrypted Token Storage: All Google OAuth tokens (access tokens and refresh tokens) are encrypted using AES-256-GCM encryption before being stored in our database. Encryption keys are stored separately in secure environment variables.
• Secure File Storage: Files imported from Google Drive are stored in Microsoft Azure Blob Storage with encryption at rest and in transit. Files are associated with your account and protected by authentication and role-based access controls.
• Database Security: OAuth tokens and metadata are stored in Supabase (PostgreSQL) with encryption at rest and in transit. Access is restricted through authentication and role-based access controls.
• Token Access: OAuth tokens are decrypted only when needed for API calls to Google Drive. Tokens are never exposed to client-side code or logged.
• Automatic Token Refresh: Access tokens are automatically refreshed using refresh tokens before expiration, ensuring secure and seamless access without requiring re-authentication.

We follow industry best practices for data security, including regular security audits, secure coding practices, and access controls. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

2.5 Data Retention & Deletion

Retention Policy:

• We retain Google OAuth tokens for as long as your Google Drive integration is connected and your Keepcatcher account is active.
• Files imported from Google Drive are retained in your Keepcatcher library for as long as your account is active or until you delete them.
• If you disconnect your Google Drive integration, we immediately delete all stored OAuth tokens and cease accessing your Google Drive.
• If you delete your Keepcatcher account, all imported files and OAuth tokens are deleted or anonymized within a reasonable timeframe (typically within 30 days), except where retention is required by law.

Deletion Process:

You can request deletion of your Google user data at any time through the following methods:

• Disconnect Google Drive: You can disconnect your Google Drive integration at any time through your account settings. This immediately removes all stored OAuth tokens and prevents further access to your Google Drive.
• Delete Imported Files: You can delete individual files imported from Google Drive through the Keepcatcher interface. Deleted files are permanently removed from our storage.
• Delete Account: You can delete your entire Keepcatcher account, which will delete all imported files, OAuth tokens, and associated data.
• Request Deletion: You can contact us at hey@keepcatcher.com to request deletion of your Google user data. We will process your request within 30 days.

Note: Disconnecting your Google Drive integration or deleting imported files does not affect files in your Google Drive. We only delete copies of files that were imported into Keepcatcher. To revoke Keepcatcher's access to your Google Drive entirely, you must revoke access through your Google Account settings.

3. How We Use Your Information

We use your data to:

• Provide, maintain, and improve the Service.
• Manage user accounts, libraries, and subscriptions.
• Process payments and handle billing via Stripe.
• Send important updates and notifications related to your account.
• Ensure platform security and prevent fraud or misuse.
• Comply with legal and regulatory obligations.

4. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your personal data based on:

• Performance of a contract: to provide you access to Keepcatcher.
• Consent: when you opt in to communications or analytics.
• Legal obligation: to comply with laws and regulations.
• Legitimate interests: to improve the Service and ensure its security.

5. How We Store and Protect Your Data

Data is hosted on Supabase, which uses PostgreSQL with encryption at rest and in transit.

Media files are stored securely in Azure Blob Storage.

Access to all data is restricted through authentication and role-based access controls.

We implement security best practices to prevent unauthorized access, loss, or misuse of data.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service.

If you delete your account, we will delete or anonymize your data within a reasonable timeframe, except where retention is required by law.

7. Sharing of Information

We may share your data with:

• Service providers (e.g., Supabase, Azure, Stripe) that help us operate the platform.
• Legal authorities when required by law or to protect our rights.

We do not sell or rent your personal data.

8. International Data Transfers

Your data may be processed and stored in countries other than your own.

We rely on standard contractual clauses (SCCs) and equivalent safeguards to ensure adequate protection of your personal information.

9. Your Rights

Depending on your location, you may have rights to:

• Access, correct, or delete your personal data.
• Object to or restrict processing.
• Withdraw consent for data processing.
• Request data portability.

To exercise these rights, contact us at hey@keepcatcher.com.

10. Cookies and Analytics

Keepcatcher may use cookies or local storage to maintain user sessions and preferences.

We may use analytics tools to understand how users interact with the platform, but we do not use third-party advertising trackers.

11. Children's Privacy

Keepcatcher is not intended for children under 13 years of age (or the minimum age required in your jurisdiction).

We do not knowingly collect personal information from minors.

12. Changes to This Policy

We may update this Privacy Policy periodically.

When we do, we will update the "Last updated" date above and notify users through the app or by email when appropriate.

13. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at:

hey@keepcatcher.com