Privacy Policy
Last updated: 2 June 2026
We don’t sell your data. We don’t use advertising or cross-site tracking. We don’t run ads.
We only collect what’s needed to make Screenity work, and you’re always in control.
Got questions? → privacy@screenity.io
Who We Are
Screenity is built by Serial Labs Ltd, a small UK-based company.
We host our infrastructure in the EU, only work with vendors who meet strong EU/UK privacy standards, and collect the bare minimum needed to run the app.
What We Collect (and Why)
Account
- Name – Personalises your dashboard and emails
- Email – Needed for login and account setup. We may also use it to send you a one-time email when your video finishes rendering, containing a secure download link.
- Google account info – Only if you sign in with Google (name, email, avatar)
Videos
- Videos, edits, settings – To record, edit, and share your work
- Temporary local storage – Edits are saved briefly in your browser (IndexedDB) for autosave and undo/redo. These are automatically synced to our servers after a short delay
- Aggregated, non-identifying view counts per video – Basic stats per video (no tracking, no IDs)
In limited cases, we may access your video data to resolve technical issues, assist with recovery, or investigate failed renders or uploads. This access is strictly for support and maintenance purposes, and never for analytics, training, or content review.
Technical
- IP address – Used briefly to stop spam/abuse (e.g. rate-limiting); then discarded
- Support messages – Processed under legitimate interest (Art. 6(1)(f)) to respond to your inquiry.
- Crash reports – To keep Screenity stable and fix bugs, we collect basic error logs via a self-hosted Glitchtip instance. This includes technical info like browser version, page URL, and error messages. We do not capture or send any videos, transcripts, or user content. Glitchtip is hosted on our own EU-based server (Hetzner) and does not share data with third parties.
- Diagnostic telemetry – For signed-in Pro users, we collect a small set of diagnostics with each cloud recording to track down recording failures, which usually come down to a specific mix of operating system, browser, and hardware encoder. This includes your browser and OS (user-agent, OS, CPU core count, approximate memory), basic recording settings (whether camera, mic, and system audio are on; quality and frame rate), counts of open tabs and windows (numbers only, never titles or URLs), the domain of the page you're recording (never the full URL or page title), and technical details about the video encoder. If a recording fails, we also keep a short, scrubbed log of the recording's lifecycle. We do not collect your video, audio, transcripts, screenshots, full URLs, page titles, file names, or any identifier beyond your Screenity account ID. Free users have no remote telemetry. Like crash reports, this goes to our own EU-based server (Hetzner) and is not shared with third parties.
Your Role and Ours
When you use Screenity, you are the data controller for any personal data contained in your videos, recordings, or other uploaded content. Screenity acts as your data processor under GDPR, handling this data solely on your instructions to provide the service.
For account information (such as your name, email, and billing details), Screenity acts as the data controller.
If you are a business or institutional user and require a Data Processing Addendum (DPA) under Article 28 GDPR, you can request one by emailing privacy@screenity.io.
Legal Grounds (GDPR)
We process your data based on:
| Purpose | Legal Basis |
|---|---|
| Creating and managing your account | Contract (Art. 6(1)(b)) |
| Editing and storing videos | Contract (Art. 6(1)(b)) |
| Billing and payments | Contract (Art. 6(1)(b)) |
| Customer support | Legitimate interest (Art. 6(1)(f)) |
| Abuse prevention | Legitimate interest (Art. 6(1)(f)) |
| Google Drive integration | Consent (Art. 6(1)(a)) |
| Signing in with Google (optional) | Consent (Art. 6(1)(a)) |
| Error tracking, crash reports, and diagnostics | Legitimate interest (Art. 6(1)(f)) – to maintain service stability |
| Website & product analytics (privacy-friendly) | Legitimate interest (Art. 6(1)(f)) |
| Render-completion and account emails | Contract (Art. 6(1)(b)) |
Where Your Data Lives (Our Subprocessors)
Core infrastructure (EU-based)
Essential services
- Scaleway – Sends transactional emails, such as passwordless login links and one-time emails with download links when a render is complete
- Paddle – Our Merchant of Record. Handles billing, subscriptions, and VAT/GST compliance. Paddle acts as an independent controller for billing data when processing payments and issuing invoices.
- Tally.so – Contact and support forms. When submitting a support request, your email and name may be prefilled via a secure link to improve support response times. Tally.so processes form submissions under its own privacy policy, and we retain support correspondence only as long as needed to resolve your request.
- Google OAuth – Optional login method. We only request your basic profile (name, email, and avatar), no additional scopes.
Chrome Extension Privacy
You can use the Screenity Chrome extension with or without an account.
Free Users
- All data stays local on your device
- No account, no backend, no tracking
- If you connect Google Drive, we only use your token when you click “Save to Drive”. We use Google APIs only to provide this feature, and we do not transfer Google user data to third parties except as necessary to provide the service.
- Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including its Limited Use requirements. We do not use Google Drive data for advertising, we do not let humans read it (except with your consent, for security, or where required by law), and we do not sell it or transfer it to others except to provide this feature.
Paid Users
When you subscribe to a paid plan, we enable cloud features that require uploading and processing your content — including:
- Video uploads to Bunny.net for cloud storage, playback, and sharing
- Audio uploads for transcription and captioning via our EU-based servers
- Storage of transcripts and edits so you can access them across devices
We only collect this data to provide the paid features you’ve opted into — and we never use it for anything else.
You log in via our website. We store a secure session token locally in your browser to unlock your paid features inside the extension. The extension itself only records. All uploads and syncs follow the same privacy model as the web app.
Free Trials
If you start a free trial, we store basic account and payment info (via Paddle) to prevent repeated trials or abuse. This does not affect your privacy, it ensures fairness for all users. Paddle handles billing data securely under its own privacy commitments and applicable law.
Cookies & Local Storage
- Session cookie – Only used to keep you logged in
- IndexedDB – Local storage for unsynced edits
- Paddle checkout uses essential cookies to process payments and prevent fraud; these are strictly necessary and not used for tracking.
- No marketing cookies, no tracking, no fingerprinting
Website Analytics
We use a self-hosted instance of Umami to collect basic analytics on our landing pages (like page views and language selection). This setup is fully hosted on our own EU-based server and does not use cookies, store IP addresses, or collect any personal data.
Umami helps us understand what’s working — without tracking you. It doesn't fingerprint devices, and no data is shared with third parties.
Your Rights
You're in control. You can:
- View, update, export, or delete your data
- Ask for a copy of your data
- Withdraw consent at any time
If you're in the EU or UK
You also have the right to:
- Access, correct, or delete your data
- Restrict or object to processing
- Data portability
- File a complaint with a supervisory authority. UK users can complain to the Information Commissioner's Office (ICO), ico.org.uk. EU users may contact their local data protection authority.
We don't carry out automated decision-making or profiling that produces legal or similarly significant effects.
If you're in California
Under the CCPA/CPRA, you have the right to:
- Know what we collect, where it comes from, and why
- Access or delete your data
- Correct inaccurate data
- Opt out of the sale or sharing of personal information. We don't do either: we don't sell your data, and we don't share it for cross-context behavioral advertising.
- Limit the use of sensitive personal information. Any sensitive information in your recordings, transcripts, or audio is used only to provide the service you asked for (recording, editing, transcription, storage), never to infer characteristics about you and never for advertising. Because of this limited use, no separate action is needed.
- Not be treated differently for using these rights
In the preceding 12 months, Serial Labs Ltd has not sold and has not shared (for cross-context behavioral advertising) any personal information, including that of anyone under 16. Because we don't sell or share data, Global Privacy Control (GPC) signals require no action on our part.
If you're in another US state
If you live in Virginia, Colorado, Connecticut, Texas, or another state with a consumer privacy law, you have similar rights to access, correct, delete, and obtain a portable copy of your data, and to opt out of targeted advertising, sale, and profiling (none of which we do). If we deny a request, you can appeal by replying to our decision email, and we'll respond within the time your state's law requires.
To exercise any of these rights, email us: privacy@screenity.io
How Long We Keep Things
| Type of Data | How Long We Keep It |
|---|---|
| Account & videos | As long as your account is active + 30 days for recovery |
| Deleted accounts | Wiped within 30 days |
| Local browser storage | Stays on your device (unless you delete it) |
| Billing info | 7 years (required by UK tax law). Invoices and payment records are retained by Paddle (our Merchant of Record) to meet legal obligations. |
| Crash, analytics, and diagnostic logs | Deleted automatically within 90 days |
International Transfers
Your videos, recordings, transcripts, and renders stay in Europe. Two account-related services involve transfers that need extra safeguards: billing through Paddle in the UK, and optional sign-in through Google in the US. Both are covered below.
Paddle.com Market Ltd is registered in the UK and processes payments on our behalf globally. Because the UK is now outside the EU, Paddle relies on Standard Contractual Clauses (SCCs) and additional safeguards to ensure that personal data transferred from the EU to the UK (or to Paddle’s sub-processors outside the EU/UK) remains protected under GDPR-equivalent standards.
If you choose to sign in with Google, your basic Google profile (name, email, and avatar) is processed by Google LLC in the United States. This transfer relies on Google’s certification under the EU–US Data Privacy Framework (and its UK Extension for transfers from the UK), supported by Standard Contractual Clauses. Google sign-in is optional: if you’d rather keep authentication within the EU, you can log in with an email magic link instead, which we send through our EU-based provider (Scaleway).
Business Transfers
If Screenity or Serial Labs Ltd is involved in a merger, acquisition, bankruptcy, or sale of assets, your data may be transferred to the acquiring entity. We will notify you via email or through the platform, where practicable before or promptly after such a transfer, and before your personal data becomes subject to a different privacy policy.
Security
We take privacy and security seriously:
- Encryption (at rest + transit)
- EU-based infrastructure
- Strict access controls
- No third-party trackers
We apply data protection by design and by default: minimal data collection, local processing whenever possible, and privacy-friendly defaults throughout Screenity.
Age Requirements
Screenity is for users 13 and older. Let us know if a child has submitted data—we’ll delete it.
Do Not Track & Global Privacy Control
We don’t use cross-site or cross-context tracking, advertising trackers, or fingerprinting.
Because we don’t sell or share your personal data, there’s nothing to opt out of, and Global Privacy Control (GPC) signals require no action on our part. Your browser’s “Do Not Track” setting doesn’t change our behavior, since we don’t track you across sites in the first place.
Policy Updates
We’ll notify you of major changes via email or in-app.
You can always find the latest version at screenity.io/privacy-policy.
EU & UK Data Protection Contact
For any data protection inquiry, from the EU, the UK, or anywhere else, you can contact Serial Labs Ltd at privacy@screenity.io.
Your videos, recordings, transcripts, and renders are hosted and processed in Europe. Two subprocessors involve transfers with extra safeguards: Paddle (billing) in the UK, which is in Europe but outside the EU, and Google (optional sign-in) in the US. Both are covered by the safeguards described in “International Transfers” above.
Contact
Need help or have a privacy question?
For GDPR or CCPA-related matters, email us at privacy@screenity.io and include "Privacy Request" in the subject.
For more details on using our services, see our Terms of Service.
Serial Labs Ltd, registered in England and Wales, company number 16617535.
Registered address:
71-75 Shelton Street
Covent Garden
London
England
WC2H 9JQ
This Privacy Policy is governed by the laws of England and Wales. By using Screenity, you consent to the practices described above.
We don’t appoint a Data Protection Officer, but we'll always take your concerns seriously and respond.