Last Updated: [DATE]

Privacy Policy

1. Introduction

SnipAPI ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and protect your information when you use our screenshot service.

2. Information We Collect

2.1 Account Information

  • Username and Email: Required for account creation and service access
  • Password: Stored as encrypted hash for security
  • Verification Status: Email verification status for account security

2.2 Service Usage Data

  • Screenshots: Images and files you create using our service
  • API Usage: Requests made through our API with timestamps
  • Storage Usage: Amount of storage space used by your account

2.3 Security Information

  • Login Activity: Timestamps and IP addresses of login attempts
  • Two-Factor Authentication: Secret keys and backup codes (if enabled)
  • API Keys: Encrypted access keys for API usage

2.4 Technical Information

  • IP Addresses: For security monitoring and rate limiting
  • Browser Information: User agent for compatibility and security
  • Request Logs: For service optimization and security purposes

3. How We Use Your Information

3.1 Service Provision

  • Create and manage your account
  • Process screenshot requests
  • Provide API access and authentication
  • Monitor usage limits and quotas

3.2 Security and Safety

  • Detect and prevent unauthorized access
  • Monitor for suspicious activity
  • Implement rate limiting and abuse prevention
  • Maintain service security and integrity

3.3 Communication

  • Send account verification emails
  • Notify about important service changes
  • Respond to support requests
  • Send security alerts when necessary

4. Data Storage and Security

4.1 Storage Location

  • Screenshots are stored securely using Cloudflare R2 storage
  • Database information is stored on secure servers
  • All data transmission is encrypted

4.2 Security Measures

  • Password encryption using industry-standard hashing
  • API key encryption and secure storage
  • Two-factor authentication support
  • Regular security monitoring and logging

4.3 Data Retention

  • Active accounts: Data retained while account is active
  • Inactive accounts: Data may be deleted after extended inactivity
  • Deleted accounts: All data permanently deleted within 30 days

5. Data Sharing and Disclosure

We do not sell, trade, or share your personal information except:

5.1 With Your Consent

  • When you explicitly authorize sharing
  • For features that require third-party integration

5.2 Legal Requirements

  • To comply with legal obligations
  • To protect our rights and safety
  • To prevent fraud or abuse

5.3 Service Providers

  • Cloudflare R2 for secure file storage
  • Email service providers for account communications
  • Security monitoring services for threat detection

6. Your Rights and Choices

6.1 Account Control

  • Update your account information at any time
  • Change your password and security settings
  • Enable or disable two-factor authentication
  • Manage API keys and access permissions

6.2 Data Rights

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate information
  • Deletion: Request account and data deletion
  • Portability: Export your data in standard formats

6.3 Privacy Controls

  • Control marketing communications (if applicable)
  • Manage data processing preferences
  • Request processing restrictions when needed

7. Cookies and Tracking

7.1 Cookies We Use

  • Session Cookies: For maintaining your login session
  • Security Cookies: To prevent unauthorized access
  • Preference Cookies: To remember your settings

7.2 Cookie Settings

  • Essential cookies cannot be disabled
  • You can control optional cookies through browser settings
  • Disabling cookies may affect service functionality

8. Children's Privacy

Our service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13.

9. International Data Transfers

Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place for international data transfers.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes through:

  • Email notifications to registered users
  • Prominent notices on our website
  • Updates to the "Last Updated" date

11. Data Breach Notification

In the unlikely event of a data breach affecting your personal information:

  • We will notify affected users within 72 hours
  • We will report to relevant authorities as required
  • We will provide clear information about the incident and our response

12. Contact Us

For privacy-related questions or requests:

  • Email: [ADMIN_EMAIL]
  • Data Protection: Submit requests through your account dashboard
  • Security Issues: Report immediately through our security contact

This Privacy Policy complies with applicable data protection laws including GDPR, CCPA, and other regional privacy regulations.