Privacy Policy

Last updated: April 28, 2026

What Klipr is

Klipr is a cross-platform capture app (Mac, Windows, and web) for screenshots, screen recordings, voice clips, meeting recordings, and uploaded files like PDFs. Captures upload to storage you control — your own Google Drive or S3-compatible bucket today — and Klipr mints a short share URL. We act as a conduit: the file bytes live in your storage, not ours.

What we collect

• Account information — your name and email address, provided via Google sign-in (managed by Clerk).
• Capture metadata — for every klip you create we store a file name, size, content type, upload timestamp, and the storage location (Google Drive file ID or S3 key) so the share link can stream the file back. We never store the capture bytes themselves.
• Transcripts — for voice clips, screen recordings, and meeting recordings, we generate a text transcript via OpenAI (Whisper or diarization-capable models) and store it on our servers so viewers can read along and search. For meeting recordings the transcript is speaker-aware: we store a per-speaker name/role map and timestamped segments. The source audio or video stays in your storage.
• Meeting context — when you choose a calendar event at recording time we take a one-time snapshot of that single event and store it with the klip: event title, start/end time, timezone, meeting URL, provider (Meet, Zoom, Teams, or Webex), organizer email, attendees (email, display name, response status), agenda preview, and location. Klipr never browses or stores the rest of your calendar; the Google Calendar OAuth scope is read-only and only used to list upcoming events when you arm a recording.
• Document text — for PDFs and other text-bearing files, we extract the text on our servers so the document is searchable from your library.
• AI-generated descriptions and embeddings — we may use AI (OpenAI) to generate a short description of each klip and produce embedding vectors of transcripts and document text so you can semantically search across your own library. Embeddings are derived from your own content and stored only to power your own search and AI workflows.
• Comments and voice replies — text comments and replies posted on a klip's viewer page are stored on our servers. Voice-reply audio is stored on our servers as well, since replies originate from any viewer and aren't associated with a connected storage provider.
• View events — when someone opens a share link we log the timestamp, the viewer's IP address (both raw and a salted hash), country, referrer, and user-agent so the klip owner can see read receipts and detect abuse. If the viewer is signed in we also log their Klipr user ID; if they have volunteered a display name in the comments UI we log that too. For video and audio klips we also log watch time and completion percentage per view.

What we do not collect

• The byte content of your captures — screenshots, recordings, voice clips, and uploaded files all upload directly to your Google Drive or S3 bucket.
• Your Google Drive credentials or the ability to read any files other than the ones Klipr itself created.
• Your S3 long-term credentials in plaintext — the access key/secret are encrypted at rest with a key only the worker holds.
• Persistent device identifiers or advertising IDs.

How we use your data

We use the data above solely to operate the service: authenticate you, generate and serve share links, show you view receipts, deliver transcripts, and power the AI features you opt into. We do not sell your data or use it for advertising.

AI processing & your OpenAI key

Klipr's AI features (transcription, descriptions, embeddings, the AI-collab interpreter) call OpenAI using either an OpenAI API key you provide in Settings → AI or, if you start a Klipr-funded trial, Klipr's platform key until the trial ends. Your API key is encrypted at rest and never sent anywhere except OpenAI. Per OpenAI's API data policy, content sent to their API is not used to train their models. Every AI call is logged in Settings → AI with its model, cost, and funding source.

Third-party services

• Clerk — handles authentication. See clerk.com/privacy.
• Google Drive / S3-compatible storage — stores your capture files in storage you own. See Google's privacy policy for Drive.
• Google Calendar (optional) — read-only access used only to list upcoming events when you arm a meeting recording, so we can attach the event title, attendees, and agenda to that one klip.
• OpenAI — processes transcription, descriptions, and embeddings using your own API key or Klipr's platform key during a Klipr-funded trial. See openai.com/policies/privacy-policy.
• Cloudflare — hosts our backend and database connection layer. See cloudflare.com/privacypolicy.
• Sentry — captures error and performance telemetry from the desktop app and backend. We scrub URLs and identifiers where possible. See sentry.io/privacy.

Data retention

Capture metadata, transcripts, document text, embeddings, descriptions, comments and replies, AI history, and view events are retained as long as your account is active or the underlying klip exists. Delete a klip and its associated metadata, transcript, embeddings, description, comments, and replies are removed from our servers within 30 days. You can delete your entire account and all associated data at any time using the self-serve flow in Settings → Account, described below.

Your rights — export and delete

You can export Klipr-held account data at any time. Sign in, open Settings → Account → Data & privacy, and click Download. The download is a single JSON file covering your profile, klips, transcripts, topics, comments, view events, AI/search data, storage connections, and related settings. Stored credentials, hashes, bearer/session tokens, and raw IP fields are excluded or replaced with presence flags. Capture bytes themselves live in your Google Drive or S3 and are not included in the export — you already have access to those in your own storage.

You can also permanently delete your account from the same screen via Delete account. This removes Klipr-held account data, signs you out, and deletes your Klipr-side authentication record. Files in your Google Drive or S3 are not touched — those belong to your storage account and you can delete them yourself there. Account deletion is immediate and cannot be undone.

If you'd prefer to handle either request manually, or you don't have access to your account, email privacy@getklipr.app.

Changes

If we make material changes to this policy we'll update the date above. Continued use of Klipr after changes are posted constitutes acceptance.

Contact

Questions? Email privacy@getklipr.app.