Privacy Policy — infoSnap.ai

1. Who we are

infoSnap.ai is operated by the infoSnap team. Reach us at contact@infosnap.ai. For security reports: security@infosnap.ai.

2. What we collect

Only what we need to make infoSnap work for you:

Account basics — your name, email, and avatar from Google when you sign in.
Snaps you save — links, files, screenshots, text, and any metadata the source platform sends with them.
Derived data — AI-generated titles, summaries, tags, transcripts, and vector embeddings of your snaps. These exist only to power search and SnapBot.
Group memberships — which groups you belong to and the snaps shared into them.
Operational logs — IP, user agent, timestamps, and trace IDs for the requests we serve, retained for 30 days for debugging and abuse prevention. We scrub personal content from these logs.

3. What we don't collect

Your password. Sign-in is Google OAuth only.
Your browsing history outside infoSnap.
Anything from other tabs when our Chrome extension isn't actively saving.
Cookies for advertising. We don't run ads and we don't have advertising trackers.

4. Why we use it

To save, index, and serve your snaps back to you.
To run SnapBot, Recap, and semantic search across your vault.
To deliver snaps you share into a group to the other members of that group.
To prevent abuse and debug failures.
To bill you correctly if you're on Premium.

We never sell your data. We never use the content of your snaps to train public models. Our LLM providers operate under zero data retention contracts where available — your prompts and responses are not retained by them past the request.

5. Who else touches your data (sub-processors)

To run infoSnap we rely on these vendors. Each is bound by their own compliance program (SOC 2 / ISO 27001 / GDPR):

Vendor	Purpose	Region	Their docs
Supabase	Database, auth, file metadata	AWS · ap-south-1	supabase.com/security
Cloudflare	Workers, Pages, Vectorize, WAF, CDN	Global edge	cloudflare.com/trust-hub
Microsoft Azure	Blob storage for original files	Central India	azure compliance
Groq	LLM inference for titles, summaries, SnapBot	US	groq.com/privacy
Voyage AI	Search reranking	US	voyageai.com/privacy
Tensorlake	PDF / Office → markdown conversion	US	tensorlake.ai
Google	OAuth sign-in	Global	google privacy

6. Where your data lives

Your snaps and metadata live in Supabase (AWS Mumbai region) and Azure Blob Storage (Central India region). Cloudflare Workers process requests at whichever edge node is closest to you. LLM inference happens in the United States; only the minimum needed for the request is sent there, and the providers operate under no-retention contracts where available.

7. How long we keep it

Snaps and derived data — until you delete them or delete your account.
Operational logs — 30 days.
Backups — rolling 7-day window. After you delete an account, residual backup copies cycle out within 7 days.

8. Your rights

Under GDPR (EU/UK), CCPA (California), and India's DPDP Act, you have the right to:

Access — get a copy of your data. Shipping in Settings → Export (Phase 2).
Delete — wipe your account and all associated data. Shipping in Settings → Delete Account (Phase 2). In the meantime email contact@infosnap.ai and we'll process within 7 days.
Correct — edit profile fields directly in the app; ask us for other corrections.
Object / restrict — write us and we'll respond within 30 days.
Withdraw consent — revoke Google OAuth in your Google account at any time. You'll lose access to your vault but the data remains until you also request deletion.

9. Children

infoSnap.ai is not directed to anyone under 13 (under 16 in the EU). We do not knowingly collect data from children. If you believe a child has signed up, email us and we'll remove the account.

10. Changes to this policy

If we change this policy in a material way, we'll email registered users and post the new effective date at the top. Past versions are available on request.

11. Contact

Anything privacy-related: contact@infosnap.ai. We answer within 3 business days.

In plain words.