Privacy Policy for NoCap

Last Updated: December 23, 2024

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

• Email address (for authentication and account recovery)
• Password (encrypted and securely stored)
• Account creation date

1.2 Content You Scan

When you use our scanning service:

• Photos and videos you upload are temporarily processed for content analysis
• We store scan results (safe/unsafe determination) in your scan history
• Media URLs or references may be temporarily cached for analysis
• Important: Your original media files are NOT permanently stored on our servers after analysis is complete

1.3 Usage Data

We automatically collect:

• Number of scans performed
• Scan timestamps and results
• Token balance and purchase history
• Game points and activity
• Device information (type, operating system)
• IP address and general location (country/region)

1.4 Payment Information

When you purchase tokens:

• Payment processing is handled by Stripe (a third-party payment processor)
• We do NOT store your credit card information
• We only receive transaction confirmations and purchase records

2. How We Use Your Information

We use the collected information to:

• Provide the Service: Scan content, manage your account, and maintain scan history
• Process Payments: Handle token purchases and maintain your balance
• Improve the Service: Analyze usage patterns to enhance features and accuracy
• Security: Detect and prevent fraud, abuse, or unauthorized access
• Communication: Send important updates about your account or service changes
• Compliance: Meet legal obligations and enforce our terms of service

3. Data Storage and Security

3.1 How We Protect Your Data

• All data is encrypted in transit using HTTPS/SSL
• Passwords are hashed and never stored in plain text
• Database access is restricted and protected by authentication
• Regular security audits and updates

3.2 Data Retention

• Account Data: Retained as long as your account is active
• Scan History: Retained for 90 days, then automatically deleted
• Uploaded Media: Temporarily stored during analysis only (typically less than 5 minutes), then deleted
• Transaction Records: Retained for 7 years for accounting and legal compliance

4. Third-Party Services

NoCap uses the following third-party services that may collect data:

4.1 Supabase (Database & Authentication)

• Stores your account information and scan history
• Privacy Policy: https://supabase.com/privacy

4.2 Stripe (Payment Processing)

• Processes token purchases
• Privacy Policy: https://stripe.com/privacy

4.3 Content Analysis API

• Analyzes your uploaded content for safety
• Media is sent securely and temporarily for analysis
• Data is not retained by the analysis service after processing

5. Data Sharing and Disclosure

We do NOT sell, rent, or trade your personal information. We may share data only in these limited circumstances:

• With Your Consent: When you explicitly agree to share information
• Service Providers: With trusted third parties who help operate our service (under strict confidentiality agreements)
• Legal Requirements: When required by law, court order, or government request
• Safety: To protect the rights, property, or safety of NoCap, our users, or the public
• Business Transfer: In connection with a merger, acquisition, or sale of assets (you will be notified)

6. Your Rights and Choices

You have the following rights regarding your data:

6.1 Access and Control

• View Your Data: Access your scan history and account information within the app
• Delete Scans: Remove individual scan results from your history
• Update Information: Change your email or password at any time

6.2 Account Deletion

• You can request account deletion by contacting us
• We will delete your account and associated data within 30 days
• Some information may be retained for legal compliance (e.g., transaction records)

6.3 Data Portability

• Request a copy of your data in a portable format
• Contact us to initiate a data export

7. Children's Privacy

NoCap is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will delete such information.

8. International Users

Your information may be transferred to and processed in countries other than your own. By using NoCap, you consent to the transfer of information to countries that may have different data protection laws than your country of residence.

9. Cookies and Tracking

NoCap uses minimal cookies and local storage to:

• Maintain your login session
• Remember your preferences
• Improve app performance

We do NOT use cookies for advertising or cross-site tracking.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes:

• The "Last Updated" date will be revised
• Significant changes will be communicated via email or in-app notification
• Continued use of the service after changes constitutes acceptance

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to say no to the sale of personal information (we do not sell data)
• Right to access your personal information
• Right to equal service and price
• Right to request deletion of personal information

12. European Privacy Rights (GDPR)

If you are in the European Economic Area, you have rights under the General Data Protection Regulation:

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent
• Right to lodge a complaint with a supervisory authority

© 2024 NoCap. All rights reserved.