Privacy Policy

Effective date: February 15, 2026

Introduction

RecapKit ("we", "us", or "our") provides a developer SDK and platform for rendering animated story recaps. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, dashboard, SDK, and related services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Account Information

When you create an account, we collect information such as your name, email address, and organization details. Authentication is handled through our identity provider, Clerk, which may collect additional data in accordance with their own privacy policy.

Billing Information

Payment processing is handled by Stripe. We do not store your full credit card number or payment credentials. Stripe collects and processes payment information in accordance with their privacy policy.

Usage Data

We collect information about how you interact with the Service, including API call volume, recap render counts, feature usage, and error logs. This data helps us enforce plan limits, monitor service health, and improve the product.

Data Passed Through the SDK

The RecapKit SDK renders story data that you provide. Story content (slide titles, descriptions, statistics, and image URLs) is processed client-side in the end user's browser. We do not store the content of your stories on our servers. API key validation and usage tracking requests are sent to our backend, but the story data itself remains on the client.

How We Use Information

  • Provide and maintain the Service — authenticate users, render recaps, enforce plan limits, and process billing.
  • Improve the Service — analyze usage patterns to identify bugs, optimize performance, and develop new features.
  • Communicate with you — send transactional emails (account verification, billing receipts, service updates) and respond to support requests.
  • Ensure security — detect and prevent fraud, abuse, and unauthorized access.

Data Sharing

We do not sell your personal information. We share data only with the following categories of service providers, solely to operate the Service:

  • Clerk — authentication and identity management.
  • Stripe — payment processing and subscription billing.
  • Cloudflare — CDN delivery, DDoS protection, and DNS.
  • Convex — backend infrastructure and database hosting.

We may also disclose information if required by law, regulation, or legal process, or to protect the rights, safety, or property of RecapKit, our users, or the public.

Data Retention

We retain your account information for as long as your account is active or as needed to provide the Service. Usage logs and analytics data are retained for up to 12 months. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes (such as resolving disputes or enforcing agreements).

Security

We take reasonable measures to protect your information, including:

  • All data transmitted over HTTPS.
  • API keys are SHA-256 hashed before storage — raw keys are never persisted.
  • Webhook secrets are encrypted at rest with AES-256-GCM.
  • Rate limiting on API endpoints to prevent abuse.
  • Role-based access controls on all dashboard operations.

No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Correction — request that we correct inaccurate or incomplete data.
  • Deletion — request that we delete your personal data.
  • Export — request a portable copy of your data in a structured format.
  • Objection — object to certain types of data processing.

To exercise any of these rights, contact us at support@recapkit.app. We will respond within 30 days.

Cookies

We use minimal cookies to operate the Service:

  • Authentication session cookies — required to keep you signed in to the dashboard.
  • Analytics cookies — used to understand how visitors interact with our website and improve the experience.

We do not use cookies for advertising or cross-site tracking. You can configure your browser to refuse cookies, though this may affect your ability to use the dashboard.

Children's Privacy

The Service is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal data, please contact us at support@recapkit.app and we will take steps to delete the information.

Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the effective date at the top of this page and, where appropriate, by email. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

Contact

If you have questions or concerns about this Privacy Policy, please contact us at:

support@recapkit.app