← Back to home

Privacy Policy

Last updated: April 21, 2026

Overview

ScreenshotPop ("we", "our", or "us") respects your privacy. This policy explains how we collect, use, and protect your information when you use our service.

Information We Collect

Images you upload: When you export an animation, your image is sent to our servers for rendering. Images are processed in memory and immediately deleted after rendering completes. We do not store, save, or retain your images in any database or file system beyond the render itself.

Videos you upload: Uploaded videos are temporarily stored on our servers for up to 6 hours to enable editing and rendering. Videos are automatically deleted after this window. If you clear your browser session or scene before then, the video remains on our servers until the 6-hour TTL expires.

Turbo Render (AWS): If you use our Turbo Render feature, your source media and composition data are sent to AWS Lambda (eu-central-1) for rendering. The rendered output file is stored in an AWS S3 bucket for a short period while the browser downloads it, then cleaned up. AWS is subject to its own privacy policy at aws.amazon.com/privacy.

Account information: If you create an account, we collect your email address and basic profile information from your authentication provider (Google) for authentication and communication purposes.

Export metadata: For authenticated users, we log basic export information (format, resolution, settings used) to enforce usage limits for free accounts and improve our service.

Turbo credit ledger: Purchases and consumption of Turbo Render credits are recorded against your account so we can honour the balance and refund unused credits if requested.

User presets: If you save animation presets, these settings are stored in your account so you can reuse them across sessions.

Analytics: We use self-hosted, privacy-focused analytics to understand how our service is used. This includes anonymized page views and feature usage. No personal data or tracking cookies are used for analytics.

Cookies

We use a session cookie for authentication when you sign in, and a short-lived CSRF token cookie to protect against cross-site forgery attacks. We do not use tracking, advertising, or third-party marketing cookies.

Third-Party Services

We use the following third-party services:

  • Google: For account authentication via OAuth. Google receives your authentication request but we only receive your basic profile information.
  • Creem: For payment processing (Pro upgrades and Turbo credit packs). Creem handles all payment information directly. We do not store your credit card details — only a transaction identifier for receipt purposes.
  • AWS (Lambda & S3): For Turbo Render. When you use Turbo Render, your source media and composition data are sent to AWS Lambda for rendering, and the output is stored briefly in AWS S3 while the browser downloads it.
  • GoSupportIt: For collecting user feedback. Feedback you submit is processed by GoSupportIt.

How We Use Your Information

  • To render and deliver your exported animations
  • To provide and improve our service
  • To enforce usage limits on free accounts
  • To communicate with you about your account
  • To send important updates about the service

Legal Basis for Processing (UK / EU)

  • Contract: processing necessary to deliver the service you signed up for — running renders, managing your account, and handling payments.
  • Legitimate interest: analytics, abuse prevention, and service improvements.
  • Consent: where explicitly requested (e.g. marketing emails, if we ever send any).

Data Retention

  • Uploaded videos: up to 6 hours, then automatically deleted
  • Uploaded images: deleted immediately after rendering
  • Rendered Turbo output files: briefly held in AWS S3 during download, then deleted
  • Account data (email, profile): retained while your account is active; deleted within 30 days of account closure
  • Export logs and Turbo credit ledger: retained while your account is active (required to honour usage limits and your credit balance)
  • User presets: retained while your account is active

International Transfers

ScreenshotPop is operated from the United Kingdom. Your data may be transferred to and processed in the following locations:

  • AWS (eu-central-1, Frankfurt): Turbo Render jobs and their output files stay within the EEA.
  • Google (global): authentication data may be transferred to Google servers outside the UK/EEA, under Google's standard contractual clauses.
  • Creem, GoSupportIt: payment and feedback data are processed by these providers under their own compliance frameworks (see their respective privacy policies).

Your Rights

We honour the following rights for all users, regardless of location:

  • Access: request a copy of the personal data we hold about you
  • Rectification: correct inaccurate data
  • Erasure: ask us to delete your data ("right to be forgotten")
  • Portability: receive your data in a machine-readable format
  • Restriction / objection: limit or object to our processing of your data
  • Withdraw consent: where processing relies on consent

To exercise any of these, email us at hello@afterimage-dev.com. We'll respond within one month.

UK / EU residents: you also have the right to lodge a complaint with the UK Information Commissioner's Office (ico.org.uk) or your local EU supervisory authority.

California residents: you have the same access, deletion, and portability rights above. We do not sell personal information, and we do not share personal information for cross-context behavioural advertising.

Children

ScreenshotPop is not intended for users under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

Data Security

All uploads are transmitted securely via HTTPS (TLS). Images are processed in memory and immediately discarded after rendering. Videos are stored on our servers for up to 6 hours to support editing, then automatically deleted. Turbo Render output files are held briefly in AWS S3 during download and then cleaned up.

We use access controls, database-level authentication, and vendor platforms with their own security certifications (Creem is PCI DSS compliant; AWS operates SOC 2 / ISO 27001 certified infrastructure). We implement appropriate technical and organisational measures to protect any information we do collect.

Data Controller

ScreenshotPop is operated by Afterimage Software. Contact: hello@afterimage-dev.com.

Contact

Questions about this policy? Contact us at hello@afterimage-dev.com