Legal
Privacy Policy
Last updated: June 13, 2026
This Privacy Policy explains how Caples ("Caples", "we", "us") collects, uses, and shares information when you use our website and product (the "Service"). We aim to collect only what we need to run the Service and to be clear about how it is used.
Questions or requests? Email office@caples.app.
1. Information we collect
- Account information. When you create an account we collect your email address. If you sign in with Google, we receive your name, email address, and profile identifier from Google (we do not receive your Google password).
- Content you submit. Product URLs you enter, the page content we fetch from those URLs to generate assets, your edits, and the assets you generate (videos, demos, copy, images, segment maps, outreach drafts, CRM contacts you add).
- Billing information. If you subscribe, payments are processed by Stripe. We receive limited details such as your subscription tier, status, and the last four digits / card brand — we do not store full card numbers.
- Usage and device data. Product analytics events (e.g. which features you use), and standard technical data such as IP address, browser type, and timestamps, used for security and to improve the Service.
2. How we use information
- To provide, operate, and maintain the Service and generate the assets you request.
- To process payments, manage your subscription, and track credit usage.
- To secure the Service, prevent abuse, and debug problems.
- To understand how the Service is used and improve it.
- To communicate with you about your account, security, and (if you opt in) product updates.
3. Legal bases (EEA/UK users)
Where the GDPR or UK GDPR applies, we process personal data on the bases of: performance of our contract with you (to provide the Service), our legitimate interests (to secure and improve the Service), your consent (where requested), and compliance with legal obligations.
4. Service providers (sub-processors)
We share data with vendors who process it on our behalf to run the Service. They are bound to use it only to provide their services to us:
- Supabase — authentication, database, and file storage.
- Stripe — payment processing and subscription billing.
- OpenAI — AI generation of videos, copy, images, and other assets from your inputs.
- Amazon Web Services (AWS) — media rendering and asset storage.
- Vercel — application hosting and privacy-friendly, cookieless web analytics.
- PostHog — product analytics.
We do not sell your personal information. We only share it with these providers, where required by law, or in connection with a business transfer (e.g. merger or acquisition), in which case we will notify you.
5. Cookies and similar technologies
We use a small number of cookies and similar storage:
- Strictly necessary — authentication and session cookies (Supabase) that keep you signed in, and cookies set by Stripe to process payments and prevent fraud. These are required for the Service to work and cannot be turned off.
- Analytics — Vercel Analytics is cookieless; PostHog is used to understand product usage. We do not use advertising or cross-site tracking cookies.
Because we do not use advertising cookies, we do not currently display a cookie consent banner. If we add cookie-based advertising or marketing analytics in the future, we will update this policy and request consent where required.
6. Data retention
We keep your account data and generated assets for as long as your account is active. If you delete your account, we delete or anonymise your personal data within a reasonable period, except where we are required to retain it (for example, billing records for tax and accounting).
7. Your rights
Depending on where you live, you may have the right to access, correct, delete, export, or restrict the use of your personal data, and to object to certain processing. To exercise any of these, email office@caples.app. You may also withdraw consent at any time where processing is based on consent. California residents have rights under the CCPA/CPRA, including the right not to be discriminated against for exercising them.
8. International transfers
Our providers may process data in countries other than yours, including the United States. Where required, such transfers are covered by appropriate safeguards (such as Standard Contractual Clauses).
9. Security
We use industry-standard measures to protect your data, including encryption in transit and access controls. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
10. Children
The Service is not directed to anyone under 18, and we do not knowingly collect personal data from children. If you believe a child has provided us data, contact us and we will delete it.
11. Changes to this policy
We may update this policy from time to time. We will revise the "Last updated" date above and, for material changes, take reasonable steps to notify you.
12. Contact
For any privacy question or request, email office@caples.app.