Privacy Policy

Account information. When you sign in with Google, we receive your email address, name, and profile photo as provided by Google. We store these on Supabase (our auth and database provider) to identify your account.

Content you upload.Screenshots, reference images, and prompts you submit to the Service are stored in Supabase Storage and the Service's database, scoped to your user account. We use them solely to operate the Service for you.

Outputs. AI-generated feedback, redesigns, and generated screenshots produced for you are also stored in your account so you can revisit them.

Billing information. If you subscribe to Pro, payment details (card number, billing address, etc.) are collected and held by Lemon Squeezy, our payment processor. We do not see or store your card number. We receive a transaction reference and subscription status so we can grant you Pro access.

Usage and diagnostics. We collect anonymized analytics (page views, performance metrics) via Vercel Analytics and Vercel Speed Insights. These do not use cookies and do not track you across sites.

Cookies. We use functional cookies set by Supabase to keep you signed in (session and PKCE cookies). We do not use advertising cookies.

We process your data only to:

• provide, secure, and improve the Service;
• run AI requests on your behalf (sending Inputs to AI providers, returning Outputs to you);
• process payments and manage your subscription;
• respond to your support requests;
• comply with legal obligations and enforce our Terms.

We do not sell your data, and we do not use your screenshots, prompts, or Outputs to train our own AI models.

We share data only with vendors strictly necessary to run the Service:

• Supabase — authentication, database, file storage. Stores your account, project records, and screenshots.
• OpenAI— AI processing. Your screenshots, reference images, and prompts are sent to OpenAI's API to generate roasts, redesigns, and screenshots. OpenAI's API-default data policy states it does not train on data sent via the API.
• Vercel — hosting and analytics. Receives request metadata necessary to serve the site.
• Google — sign-in provider. Receives the OAuth handshake; we do not share your Service data back to Google.
• Lemon Squeezy — payments. Handles checkout, subscription billing, and receives the data you provide at checkout.

Your data is stored on infrastructure operated by Supabase, Vercel, and our other sub-processors, which may be located in the United States or other regions. By using the Service you understand that your data may be transferred to and processed in those jurisdictions.

We keep your account data, projects, screenshots, and Outputs for as long as your account is active. You can delete individual projects at any time from your dashboard. To delete your entire account and associated data, email info.screenshotroast@gmail.com; we will process deletion within 30 days, except where we are required to retain certain records for legal, accounting, or fraud-prevention purposes.

Failed or partial uploads and AI requests that produce no output are typically purged within 30 days.

Depending on where you live, you may have the right to:

• access the personal data we hold about you;
• correct inaccurate information;
• delete your data;
• export your data in a portable format;
• object to or restrict certain processing;
• withdraw consent where processing is based on consent.

To exercise any of these rights, email info.screenshotroast@gmail.com. We may need to verify your identity before fulfilling the request.

We use industry-standard practices to protect your data: HTTPS in transit, encrypted storage at rest via Supabase, row-level security so users can only access their own projects, and signed short-lived URLs for screenshot access. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

The Service is not directed to children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided us with data, contact us and we will delete it.

We may update this policy as the Service evolves. The "effective date" above will always reflect the latest version. For material changes, we will notify you in the Service or by email.

Questions, deletion requests, or other privacy concerns? Email info.screenshotroast@gmail.com.