How your storage works

Klipr is a different shape from typical capture tools: your captures don't live on our servers. Here's exactly where they go, what we can see, and how sharing works.

The short version. When you connect Google Drive, Klipr creates one folder in your Drive and uploads captures there. The folder is private to your Google account — never link-shared. Klipr only has permission to touch files it created in that folder, nothing else in your Drive. When you share a klip, you hand out a getklipr.app/v/<id> link; Klipr enforces who can view, then streams the file from your Drive on demand. There is no public Drive URL anywhere.

Where your files live

Every screenshot, recording, and voice klip you capture uploads directly to a folder Klipr creates in your Google Drive (default: Klipr Captures). Klipr's servers never store the file bytes — only metadata: the Drive file id, file name, size, upload time, and any transcripts or comments tied to the klip.

If you delete the file in your Drive, the klip stops working. If you disconnect Klipr, the files stay in your Drive — they're yours.

What Klipr can and can't see in your Drive

Klipr requests Google's most restrictive Drive permission: the drive.file scope. This scope grants the app access only to files it created itself or that you explicitly hand it. Concretely:

Klipr can read, update, and delete the captures it uploaded to your Klipr folder.
Klipr cannot see anything else in your Drive — not your other folders, documents, photos, sharing settings, or files shared with you. They're invisible to it.
Klipr cannot list or browse your Drive at the top level. Even if our backend were compromised, the blast radius is the Klipr folder, not your Drive.

How sharing actually works

This is the part most people get backwards. The link you share is not a Google Drive URL. Walk through what happens when someone clicks getklipr.app/v/abc123:

The viewer hits Klipr's servers, not Google's. The viewer page doesn't embed a Drive URL anywhere. The browser only ever talks to getklipr.app.

Klipr checks your access rules. Public klip? Lock-screen protected? Sign-in required? Whatever you've set, Klipr enforces it before serving anything.

If allowed, Klipr fetches the file from your Drive server-side using the Google OAuth token tied to your account, then streams the bytes back through Klipr to the viewer. The viewer never receives a Drive URL or a token.

The Drive file itself stays private. No "anyone with the link can view" sharing is ever applied to your Drive file. The Klipr /v/<id> link is the share token; that's the only way in.

What this means in practice

The /v/<id> URL is the share. Treat it like an unlisted YouTube link — anyone with the URL can view, subject to whatever access rules you've set on the klip.
Sniffing a klip's URL doesn't give anyone access to the rest of your folder. There's no folder listing exposed; share ids are random and per-klip.
If you stop sharing a klip (or delete it), the link stops working immediately — Klipr's gate refuses the next request.

What happens when you disconnect

You can disconnect Klipr from your Drive at any time, from inside the app or from your Google account permissions page. When you do:

Klipr's OAuth token is revoked. Klipr can no longer read or write anything in your Drive.
Your files stay where they are, untouched, in your Drive folder.
Existing /v/<id> share links stop serving content (Klipr can't fetch from your Drive anymore).

What about S3, R2, and other buckets

For teams and self-hosters, Klipr also supports any S3-compatible bucket (AWS S3, Cloudflare R2, Backblaze B2, Wasabi, MinIO, and others). The model is the same: captures go to your bucket, Klipr's servers proxy the bytes through the same access-gated /v/<id> URL, and the underlying object URL is never exposed to viewers. Bucket credentials live encrypted at rest and are scoped to the bucket and prefix you configure.

Other things people ask

Can Klipr read my emails or other Google services?

No. Sign-in uses Google for identity (your name and email only). The Drive scope is separate and limited to drive.file — Klipr cannot see Gmail, Calendar, Contacts, Photos, or anything outside the files it created.

Are transcripts and comments stored on Klipr?

Yes — voice and screen-recording transcripts, plus comments and voice replies on a klip's viewer page, are stored on Klipr's servers (Cloudflare). The source audio and video stay in your Drive.

Can I see Klipr's source for the storage layer?

Klipr's storage code is small enough to audit. Email security@getklipr.app if you'd like a walkthrough or have specific questions for your security team.