Privacy Policy

As of: March 2026 — This is a courtesy translation. The German version is legally binding.

1. Controller

Eric Isensee - Software Entwicklung
Am Moor 7a
28870 Ottersberg
Email: contact@screenshots.live

2. Overview of Processing

We process personal data only to the extent necessary to provide our Service. The following overview summarizes the types of data processed and the purposes of processing.

3. Data Collected

3.1 Registration Data

  • Email address
  • Name (if provided)
  • Address (optional, if provided)
  • Password (stored encrypted)

Legal basis: Performance of contract (Art. 6(1)(b) GDPR)

3.2 Payment Data

Payment data (credit card numbers, bank details) is processed exclusively by our payment provider Stripe, Inc. and is not stored on our servers. We store the Stripe customer ID, subscription status, and a log of payment-related webhook events (event type, subscription tier, amounts, and timestamps) for auditing, deduplication, and customer support purposes.

Legal basis: Performance of contract (Art. 6(1)(b) GDPR)

Stripe Privacy Policy: https://stripe.com/privacy

3.3 Usage Data

  • Templates created and their content
  • Render jobs and results
  • Uploaded fonts and images

Legal basis: Performance of contract (Art. 6(1)(b) GDPR)

3.4 Affiliate Payout Data

If you participate in the referral program, we additionally collect the following data for paying out your commissions:

  • IBAN (International Bank Account Number)
  • BIC/SWIFT code
  • Account holder name
  • PayPal email address (optional, if provided)

This data is used exclusively for the quarterly payout of your commissions and is stored on our servers.

Legal basis: Performance of contract (Art. 6(1)(b) GDPR)

3.5 Communication Data

When you contact us via email or use the in-app chat, we process the content of your messages, your email address, and any metadata (e.g., timestamp). This data is used exclusively to handle your inquiry and improve our support.

Legal basis: Performance of contract (Art. 6(1)(b) GDPR) and legitimate interest in providing customer support (Art. 6(1)(f) GDPR)

3.6 Technical Data

  • IP address
  • Browser type and version
  • Access timestamp

Legal basis: Legitimate interest in the security and operation of the Service (Art. 6(1)(f) GDPR)

4. Cookies

We use technically necessary cookies for authentication and session management. Optional analytics cookies (Microsoft Clarity) are only set with your explicit consent.

Legal basis: Legitimate interest for necessary cookies (Art. 6(1)(f) GDPR); Consent for analytics cookies (Art. 6(1)(a) GDPR)

5. Third-Party Services

5.1 Stripe (Payment Processing)

Stripe, Inc., 354 Oyster Point Blvd, South San Francisco, CA 94080, USA. Stripe processes payment data under its own responsibility. Data transfers to the USA are based on EU Standard Contractual Clauses. A Data Processing Agreement (DPA) pursuant to Art. 28 GDPR is in place with Stripe.

5.2 Microsoft Clarity (Web Analytics)

Only with consent. Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA. Collects anonymized usage data to improve the website experience. Data transfers to the USA are based on the EU-US Data Privacy Framework.

5.3 Hetzner (Hosting)

Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. Our servers are located in Germany. A Data Processing Agreement (DPA) pursuant to Art. 28 GDPR is in place with Hetzner.

6. Retention Period

Personal data is deleted once the purpose of storage no longer applies. Account data is deleted after account deletion, unless statutory retention obligations exist (e.g., tax retention obligations of 10 years).

7. Your Rights

You have the following rights regarding your data:

  • Access (Art. 15 GDPR) – What data we store about you
  • Rectification (Art. 16 GDPR) – Correction of inaccurate data
  • Erasure (Art. 17 GDPR) – Deletion of your data
  • Restriction (Art. 18 GDPR) – Restriction of processing
  • Data portability (Art. 20 GDPR) – Export your data in a machine-readable format
  • Objection (Art. 21 GDPR) – Object to processing
  • Withdrawal of consent (Art. 7(3) GDPR) – Possible at any time

Please direct requests to: contact@screenshots.live

8. Right to Complain

You have the right to lodge a complaint with a data protection supervisory authority. The competent authority is the State Commissioner for Data Protection of Lower Saxony (Landesbeauftragte für den Datenschutz Niedersachsen), Prinzenstraße 5, 30159 Hannover, Germany.

9. Data Security

We use SSL/TLS encryption for all data transfers. Passwords are stored exclusively as cryptographic hashes. Access to personal data is limited to the necessary minimum.

10. Data Breaches

In the event of a personal data breach, we will notify the competent supervisory authority without undue delay in accordance with Art. 33 GDPR. If the breach is likely to result in a high risk to your personal rights and freedoms, we will also notify you without undue delay in accordance with Art. 34 GDPR.

11. Changes

We reserve the right to update this Privacy Policy to reflect changes in legislation or modifications to the Service. The current version is always available on this page.