Legal
Privacy Policy
Effective date: February 5, 2026 · Last updated: February 5, 2026
Snap ("we," "us," or "our") operates the website https://snap-dock.co and the Snap desktop application (collectively, the "Service"). This Privacy Policy explains what information we collect, how we use it, and the choices you have.
By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.
1. Information We Collect
1.1 Account Information
When you create an account, we collect information you provide directly:
- Email address — required for account creation and communication.
- Full name — optionally provided during sign-up or pulled from your OAuth provider.
- Profile avatar URL — retrieved from your OAuth provider (Google or GitHub) if you use social login.
- Password — if you sign up with email and password. Passwords are hashed and never stored in plaintext.
1.2 Payment Information
When you subscribe to a paid plan, payment processing is handled entirely by Stripe, Inc. We do not store your credit card number, bank account details, or other payment instrument data on our servers. We receive and store:
- Stripe customer ID and subscription ID.
- Subscription plan, status (active, canceled, past due), and billing period dates.
- The email address associated with your Stripe account.
Stripe's handling of your payment data is governed by the Stripe Privacy Policy.
1.3 Authentication Data
We support sign-in via Google OAuth and GitHub OAuth. When you authenticate through a third-party provider, we receive your name, email address, and profile picture URL from that provider. We do not receive or store your third-party password.
1.4 License Keys
When you subscribe to a paid plan, we generate and store a software license key tied to your account. This key is used to activate the Snap desktop application.
1.5 Usage & Analytics Data
We use Vercel Analytics to collect anonymized, aggregated usage data about how visitors interact with our website. This includes:
- Page views and navigation paths.
- Core Web Vitals (performance metrics such as page load time).
- Referring URLs, browser type, and device type.
- Country-level geographic data (not precise location).
Vercel Analytics does not use cookies for tracking and does not collect personally identifiable information. For more details, see the Vercel Analytics Privacy Policy.
1.6 Cookies
We use a limited number of cookies, all of which are essential to the operation of the Service:
- Authentication session cookies — httpOnly, Secure cookies set by Supabase to maintain your login session. These are strictly necessary and cannot be disabled without losing the ability to sign in.
We do not use advertising cookies, social media tracking cookies, or any non-essential cookies.
1.7 Desktop Application
The Snap desktop application runs locally on your device. Screenshots, prompts, voice recordings, console output, and any other content you interact with through the desktop application are processed locally and are not transmitted to our servers unless you explicitly choose to share them (e.g., copying annotated screenshots to your clipboard for use with a third-party AI tool). We do not collect, store, or have access to the content of your screenshots or prompts.
2. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the Service.
- Create and manage your account and authenticate your identity.
- Process payments and manage your subscription.
- Generate and validate software license keys for the desktop application.
- Send transactional emails (account verification, password resets, billing receipts).
- Monitor website performance and diagnose technical issues.
- Comply with legal obligations.
We do not sell, rent, or share your personal information with third parties for their marketing purposes.
3. Third-Party Services
We share information with the following third-party service providers, solely to operate the Service:
| Provider | Purpose | Data Shared |
|---|---|---|
| Supabase | Database, authentication | Email, name, avatar URL, hashed password |
| Stripe | Payment processing | Email, subscription & payment details |
| Vercel | Hosting, analytics | Anonymized usage metrics |
| Google (OAuth) | Authentication | OAuth tokens (name, email, avatar) |
| GitHub (OAuth) | Authentication | OAuth tokens (name, email, avatar) |
Each provider is subject to their own privacy policies. We recommend reviewing them.
4. Data Retention
We retain your personal information for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it by law (e.g., billing records for tax compliance, which may be retained for up to 7 years).
Stripe may retain payment-related records independently in accordance with their own retention policies and legal obligations.
5. Data Security
We implement industry-standard security measures to protect your data:
- All data in transit is encrypted via TLS/HTTPS.
- Passwords are hashed using bcrypt before storage.
- Authentication tokens are stored in httpOnly, Secure cookies.
- Stripe webhook signatures are verified to prevent tampering.
- Administrative API keys are stored as environment variables and are never exposed to the client.
No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
6. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access — Request a copy of the personal data we hold about you.
- Correction — Request correction of inaccurate or incomplete data.
- Deletion — Request deletion of your personal data ("right to be forgotten").
- Portability — Request your data in a structured, machine-readable format.
- Objection — Object to processing of your data for certain purposes.
- Withdrawal of Consent — Withdraw consent at any time where processing is based on consent.
To exercise any of these rights, please contact us at snap@snap-dock.co. We will respond within 30 days.
7. International Data Transfers
Our service providers (Supabase, Stripe, Vercel) may process data in the United States or other countries outside your jurisdiction. By using the Service, you consent to the transfer of your information to these countries. We ensure that appropriate safeguards are in place, including reliance on Standard Contractual Clauses where applicable.
8. Children's Privacy
The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected data from a child under 16, we will take steps to delete it promptly. If you believe a child has provided us with personal data, please contact us at snap@snap-dock.co.
9. California Privacy Rights (CCPA)
If you are a California resident, you have the right to:
- Know what personal information we collect, use, and disclose.
- Request deletion of your personal information.
- Opt out of the "sale" of personal information. We do not sell your personal information.
- Not be discriminated against for exercising your privacy rights.
To make a CCPA request, contact us at snap@snap-dock.co.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you by email or through the Service. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.
11. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
- Email: snap@snap-dock.co
- Website: https://snap-dock.co