Home/Legal/Privacy Policy
Legal — Privacy Policy

Privacy Policy.

Last updated: April 28, 2026 · Effective: May 1, 2026

Plain English: We collect the minimum data needed to run the product. We don't sell your data, ever. You own your transcripts. You can delete your account and all data anytime.

1. Who we are

RecapGPT ("we," "us," or "our") operates the website at recapgpt.com and the RecapGPT service. This Privacy Policy explains what data we collect, why we collect it, and how we handle it.

Questions: privacy@recapgpt.com.

2. What data we collect

Account data

When you sign up: email address, hashed password (or OAuth identifier), and billing information if you upgrade. Billing is processed by Stripe; we do not store payment card details.

Usage data

To run the product, we store: YouTube URLs you process, resulting transcripts and outputs, library tags and folders, and any custom settings you create.

Telemetry

Basic analytics: pages visited, features used, error logs. We use Plausible Analytics (cookie-free, privacy-respecting) for aggregate data.

3. How we use your data

  • To provide the RecapGPT service
  • To send service emails (account confirmation, billing receipts)
  • To send product updates if you opt in
  • To improve the product through aggregate usage analysis
  • To comply with legal obligations

4. What we do not do

  • We do not sell your personal data, ever.
  • We do not use your transcripts to train our models without explicit opt-in consent.
  • We do not share your data with advertisers or data brokers.
  • We do not read your transcripts for any purpose other than providing the service.

5. Data sharing

We share data only with service providers necessary to run RecapGPT:

  • Stripe — payment processing
  • AWS — server hosting and storage
  • OpenAI / Anthropic — LLM processing (data is not retained per enterprise agreements)
  • Plausible Analytics — privacy-respecting analytics
  • Postmark — transactional email

6. Your rights

You have the right to:

  • Access your data — download a full export from your account settings
  • Correct your data — update your account info anytime
  • Delete your data — delete your account and all associated data immediately
  • Object to processing — opt out of any non-essential data use
  • Data portability — export everything in standard formats

7. Data retention

We keep your data as long as your account is active. When you delete your account, we delete all associated data within 30 days, except: billing records (7 years for tax compliance) and anonymized usage logs.

8. Security

We use industry-standard security: encryption in transit (TLS 1.3), encryption at rest (AES-256), regular audits, least-privilege access controls.

9. Cookies

We use a small number of essential cookies for authentication and session management. We do not use advertising or tracking cookies.

10. Changes to this policy

If we make material changes, we'll notify you by email and post the updated policy at least 30 days before changes take effect.

11. Contact

Questions or requests: privacy@recapgpt.com

Note: This is a starting-point template. Have a privacy lawyer review it for your specific jurisdiction before publishing, and consider using a service like Termly or Iubenda to keep it current with changing regulations.