Privacy Policy

Last updated: December 11, 2025

1. Introduction

Sideline Captions (“we,” “our,” or “us”) respects your privacy and is committed to protecting your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our website, application, and related services (collectively, the “Service”).

By using the Service, you consent to the practices described in this Policy.

2. Information We Collect

2.1 Contact and Support Information

When you contact us or request support, we collect information such as your name, email address, message content, and related details to respond to your inquiry.

2.2 Purchase and License Information

When you purchase a Sideline Captions license, we collect:

  • Email address
  • License key and referral code (if applicable)
  • Payment details provided via Stripe (we do not store credit card numbers)
  • Transaction identifiers, amount, and receipt URLs

2.3 Usage and Analytics Data

We automatically collect certain data to improve performance and reliability, including:

  • Application performance metrics (e.g., number of images processed, success/failure rates)
  • Basic technical data such as browser type, operating system, and app version
  • Website analytics through Google Analytics (aggregated and anonymized)

2.4 Caption and Metadata Processing

To deliver and maintain high-quality captioning results, we may temporarily retain certain user-submitted information (including captions, metadata, and limited image previews) solely for service functionality, debugging, and quality assurance. This data is never sold or used for advertising or model training purposes and is removed after a limited period of operational necessity.

3. How We Use Your Information

We use collected information to:

  • Provide, operate, and improve the Service
  • Process your purchase and deliver license information
  • Authenticate users and prevent fraud
  • Respond to customer inquiries and support requests
  • Analyze trends and usage for product improvement
  • Comply with legal and regulatory obligations

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA) or the United Kingdom, we rely on the following legal bases:

  • Performance of a contract (to provide access to purchased software)
  • Legitimate interests (to improve and maintain the Service)
  • Consent (for analytics and cookies)
  • Legal obligations (to comply with applicable law or enforce agreements)

5. Third-Party Services

We use trusted third parties to process and store data securely:

5.1 Stripe

Handles payment transactions. We never receive your full card details. Stripe Privacy Policy

5.2 OpenAI

We use the OpenAI API to generate captions from user-provided content. Data sent to OpenAI is processed in accordance with their privacy policy and is not used to train their models. OpenAI Privacy Policy

5.3 Google Analytics and Meta Pixel

Used for website analytics and traffic attribution. Data is aggregated and not used for direct advertising. Google Privacy Policy | Meta Privacy Policy

5.4 Supabase

Stores license and analytics data in secure cloud infrastructure. Supabase Privacy Policy

5.5 Resend

Sends transactional emails like license keys and download links. Resend Privacy Policy

6. Data Retention

We retain data only as long as necessary for operational or legal purposes. Examples include:

  • License and payment records: Retained indefinitely for proof of purchase and support.
  • Analytics and diagnostic data: Retained for up to 12 months and aggregated for performance monitoring.
  • User-submitted data: Temporarily stored for up to 30 days to ensure reliable caption generation and service quality, then automatically deleted.
  • Support correspondence: Retained up to 90 days for issue resolution.

7. Data Sharing and Disclosure

We do not sell or rent personal data. We may disclose limited information only:

  • To service providers and partners who perform services on our behalf
  • To comply with legal obligations or government requests
  • To enforce our Terms of Service or protect our rights, property, or safety

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States, where our service providers (such as OpenAI, Stripe, and Supabase) operate. These countries may have data protection laws that differ from those in your jurisdiction.

For users in the European Economic Area (EEA), United Kingdom, or Switzerland, we ensure that appropriate safeguards are in place when transferring your personal data internationally, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Reliance on our service providers' compliance with applicable data protection frameworks
  • Adequacy decisions by the European Commission where applicable

By using our Service, you understand that your information may be transferred internationally as described above.

9. Cookies and Tracking Technologies

We use cookies and similar technologies for analytics and site functionality:

  • Performance cookies: Help us analyze site usage and improve performance.
  • Functional cookies: Maintain preferences and login sessions.
  • Security cookies: Used by Google reCAPTCHA to prevent spam and abuse.

You can control cookies through your browser settings. Disabling cookies may affect site functionality.

Do Not Track Signals: Our Service does not currently respond to "Do Not Track" (DNT) signals from web browsers. We may adopt a DNT standard if one is established in the future.

10. Data Security

We use reasonable administrative, technical, and physical safeguards to protect personal information. While we strive to protect your data, no method of transmission over the Internet is entirely secure, and we cannot guarantee absolute protection.

Security Breach Notification: In the event of a data breach that compromises your personal information, we will notify affected users within 72 hours of discovering the breach via email to the address associated with your account. We will also notify relevant supervisory authorities as required by applicable law.

11. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Right to Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data (subject to legal retention requirements)
  • Right to Restrict Processing: Request that we limit how we use your data
  • Right to Data Portability: Receive your data in a structured, commonly used format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for processing that requires it (without affecting prior lawful processing)

To exercise these rights, contact us via our website’s contact form. We will respond within 30 days.

Supervisory Authority: If you are located in the EEA or UK, you have the right to lodge a complaint with your local data protection authority if you believe we have not handled your personal data appropriately.

Automated Decision-Making: We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.

12. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect data from children. If you believe a child has provided personal data, contact us and we will remove it promptly.

13. Changes to This Policy

We may update this Privacy Policy periodically. Updates take effect immediately upon posting, as indicated by the “Last updated” date above. Continued use of the Service constitutes acceptance of the revised Policy.

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us: