1. Who We Are
RecordNest ("we", "us", "our") is a screenshot and screen recording platform for Chrome, operated by RecordNest. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, Chrome extension, and services.
2. Information We Collect
We collect information in the following ways:
- Account information: When you register, we collect your name, email address, and password (stored hashed with bcrypt).
- Payment information: Billing details are collected and processed by our payment processor (Paddle). We do not store card numbers on our servers.
- Captures & recordings: All screenshots and recordings are saved locally on your device by default. No capture content is ever transmitted to our servers unless you explicitly enable an optional cloud feature.
- Extension usage: Anonymized usage counts (screenshots taken, recordings made) are synced to track plan usage limits. No capture content is transmitted unless you explicitly upload to cloud storage.
- Usage data: We collect log data such as IP addresses, browser type, pages visited, and timestamps to maintain security and improve the platform.
- Cookies: We use essential cookies to keep you signed in and functional cookies to remember your preferences. See Section 8 for details.
3. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve our services
- Process payments and manage subscriptions
- Track anonymized monthly usage counts for plan limit enforcement
- Send you important service notifications and updates
- Respond to your support requests
- Detect and prevent fraud or abuse
- Comply with legal obligations
We do not sell your personal data or capture content to third parties. We do not use your screenshots or recordings to train AI models.
4. Data Sharing
We share your data only with:
- Paddle: Payment processing. Paddle is PCI DSS compliant and handles all billing data.
- AI providers (Pro plan only): If you use AI OCR or Auto-Redact features, screenshot thumbnails are sent to our AI processing pipeline. No data is retained by the AI provider beyond the request.
- Infrastructure providers: Secure cloud hosting for file storage. Data is stored in compliant, encrypted data centers.
- Legal authorities: Only when required by law or to protect our rights.
5. Data Retention
We retain your account data for as long as your account is active. Since captures are stored locally on your device, you control their deletion directly. When you delete your account, we permanently delete all associated account data within 14 days, except where retention is required by law.
6. Data Security
We implement industry-standard security measures including:
- TLS/HTTPS encryption for all data in transit
- AES-256 encryption for sensitive data at rest
- Bcrypt password hashing
- Regular security audits and penetration testing
- Strict access controls — only authorized employees can access production data
7. Your Rights
Depending on your location, you may have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete data
- Delete your account and associated data
- Export your data in a portable format
- Opt out of marketing communications at any time
To exercise these rights, email us at privacy@recordnests.com.
8. Cookie Policy
We use the following types of cookies:
- Essential cookies: Required for login sessions and core functionality. Cannot be disabled.
- Preference cookies: Remember your settings such as language and UI preferences.
- Analytics cookies: Anonymized usage statistics to help us improve the product (e.g., page views, click paths). You can opt out via your account settings.
We do not use advertising or tracking cookies.
9. GDPR & International Users
If you are located in the European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR). Our legal basis for processing your data is typically contractual necessity (to provide our services) or legitimate interests. You have the right to lodge a complaint with your local supervisory authority.
For cross-border data transfers, we rely on Standard Contractual Clauses approved by the European Commission.
10. Children's Privacy
Our services are not directed to individuals under 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us and we will delete it immediately.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by posting a notice in the dashboard. Your continued use of the service after changes take effect constitutes acceptance of the updated policy.
12. Contact Us
If you have any questions about this Privacy Policy, please contact us: