Privacy Policy

What SnapZyn Is

SnapZyn is a Chrome extension that captures browser screenshots and makes them searchable using AI. It is built and operated by Lakshman ("we", "us"). This policy explains what data we collect, how we use it, and your choices.

Data That Stays on Your Device

By default, SnapZyn stores all screenshots, extracted text, and AI-generated metadata locally in your browser's IndexedDB storage. This data never leaves your device unless you explicitly enable Cloud Sync (available in a future update). We cannot access, view, or recover your local screenshots.

Specifically, the following always stays on your device:

• Full-resolution screenshot images — stored in IndexedDB, never uploaded to our servers or any third party
• OCR text extraction — performed locally on your device via Tesseract.js running in a Chrome offscreen document
• Embedding vectors — used for semantic search, stored locally in IndexedDB
• Threads and Collections — organizational metadata computed and stored locally
• Annotations and redactions — applied to screenshots locally before any AI processing occurs

Data We Send to Third-Party AI Services

When you use AI-powered features, the following data is sent to OpenAI's API via our backend proxy:

• Extracted text (OCR output) — sent to OpenAI for AI summarization, tagging, and embedding generation. This is text only; the screenshot image itself is never sent for standard analysis.
• Low-resolution thumbnail images (~40KB each) — sent to OpenAI only when you explicitly use the Screenshot Diff or Debug Mode features. These features require AI vision processing. Full-resolution screenshots are never sent.
• Ask queries — when you use ⌘J, your question and relevant extracted text from matching screenshots are sent to OpenAI for answer generation.

OpenAI processes this data under their API data usage policy. API requests are not used by OpenAI to train their models.

Local AI Processing (Chrome Built-in AI)

On supported hardware (Chrome 138+ with Gemini Nano), some AI features run entirely on your device. When local AI is used, no data is sent to our servers or OpenAI for that operation. The extension automatically detects availability and routes processing locally when possible, falling back to cloud AI when not.

Auto-Redact and Sensitive Data

SnapZyn's auto-redact feature detects sensitive patterns (email addresses, API keys, phone numbers, credit card numbers) in your screenshots using local regex pattern matching — no network call is involved. When you choose to redact, the sensitive regions are pixelated on the image and the corresponding text is scrubbed from OCR output before any data is sent to AI services. This means AI never sees your redacted sensitive information.

Account & Authentication Data

If you create an account (required for paid features), we collect your email address and basic profile information through Clerk, our authentication provider. Clerk's privacy policy governs their handling of authentication data.

Payment Data

Payments are processed by Dodo Payments, which acts as the Merchant of Record. We never see, store, or process your credit card or payment details directly. Dodo handles all payment compliance, including tax collection. Dodo's privacy policy applies to payment processing.

Waitlist & Communications

If you join our waitlist, we collect your email address via Loops.so. We use this solely to send you product updates. You can unsubscribe at any time via the link in any email.

Analytics

On snapzyn.comwe use Vercel Analytics, Vercel Speed Insights, and PostHog (product analytics) to understand traffic and usage patterns. These scripts only load after you accept the cookie banner on your first visit. You can change your choice at any time via the “Cookie Settings” link in the footer.

In the extension we use Sentry for error monitoring and PostHog for anonymous product analytics. You can disable both at any time via Settings → Privacy → “Send anonymous error reports” inside the extension.

We do not track browsing activity outside the extension. We do not sell or share analytics data.

No Always-On Recording

SnapZyn does not continuously record your screen. Screenshots are captured only when you explicitly trigger them with a keyboard shortcut (⌘+Shift+S). We do not monitor, record, or index any page you visit unless you choose to capture it. This is a fundamental design principle, not just a privacy feature.

Permissions

SnapZyn requests the following Chrome permissions, each for a specific purpose:

• activeTab — to capture the currently visible tab when you invoke the screenshot shortcut
• storage — to save screenshots and preferences locally in IndexedDB
• alarms — to schedule background AI processing, thread clustering, and collection rebuilds
• tabs — to retrieve the source URL and page title of captured pages
• commands — to register keyboard shortcuts (⌘+Shift+S, ⌘J, ⌘K)
• scripting — to inject the ⌘J command palette and capture overlays into the active tab
• offscreen — to run OCR processing in a Chrome offscreen document
• Host permissions — to enable screenshot capture on any page you visit (only activated when you invoke capture)

Third-Party Services

We use the following services to operate SnapZyn:

• OpenAI — AI text processing, embeddings, and vision analysis (GPT-4o-mini, GPT-4o, text-embedding-3-small)
• Clerk — authentication
• Neon — PostgreSQL database (stores account metadata and usage counts only; never stores screenshots or their content)
• Railway — API server hosting
• Vercel — website and dashboard hosting
• Loops.so — waitlist and email communications
• Resend — transactional emails (welcome, billing)
• Vercel Analytics & Speed Insights — website traffic analytics (cookie-banner gated)
• PostHog — product analytics (cookie-banner gated on the web; user-toggleable in the extension)
• Sentry — extension error monitoring (user-toggleable)
• Dodo Payments — payment processing (Merchant of Record)

Data Retention

Local data persists until you delete it or uninstall the extension. Server-side data: AI processing inputs (text, thumbnails) are discarded immediately after processing and are not stored on our servers. Account data is retained while your account is active and deleted within 30 days of account deletion request.

Your Rights

You can:

• Export all your local data at any time using the ZIP export feature in Settings
• Delete all local data by clearing extension storage or uninstalling
• Request deletion of any server-side account data by emailing us
• Unsubscribe from emails at any time

For users in the EU/UK, GDPR rights apply (access, rectification, erasure, portability, restriction, objection). For users in California, CCPA rights apply. Contact us to exercise these rights.

Children

SnapZyn is not intended for children under 13. We do not knowingly collect data from children.

Changes

We may update this policy as the product evolves. Material changes will be communicated via email or an in-extension notice.

Contact

Questions about this policy? Email us at support@snapzyn.com.