Privacy Policy

Last updated: July 16, 2026

1. Introduction

This policy explains how Mediar, Inc. d/b/a Screenpipe (“ScreenPipe”, “we,” “us,” or “our”) collects, uses, and discloses personal information.

Personal information that we handle on behalf of our enterprise customers (who maintain Team or Enterprise plans) in our role as a service provider / data processor is governed by our Data Processing Agreement.

2. Data Collection and Storage

If you use the product in local-only mode, your recordings, transcripts, and pipe data remain on your device. Data will only be transferred from your device if you choose to enable features such as data syncing, cloud AI, exports, connectors, or team workflows.

3. Types of Personal Information Collected

Screenpipe collects the following types of personal information:

Personal Information We Receive From You

When you connect third-party services (see Section 6), Screenpipe may also access personal information from those services as described below.

Personal Information Collected Automatically Through Use of Our Services

Analytics and cookies

Google Analytics and Google Ads load in Google Consent Mode with analytics and advertising storage denied. Before you choose, or after you decline, Google may receive cookieless measurement signals used for aggregate reporting and modeling. These signals do not set analytics or advertising cookies and do not enable personalized ads. Other optional analytics and marketing tools remain off unless you accept. If your browser sends Do Not Track or Global Privacy Control, Screenpipe does not load these optional tools or send the cookieless Google measurement signals.

If you accept optional analytics, Screenpipe may use PostHog Session Replay on this website to understand navigation, clicks, scrolling, and usability problems. Session Replay is not desktop screen recording. Form inputs are masked, cross-origin iframes are not recorded, URL query strings are removed, and request or response headers, bodies, and console logs are not captured. If you decline or later revoke optional analytics, PostHog analytics and Session Replay remain off.

We use the following tools for automatic data collection:

We honor browser Do Not Track and Global Privacy Control signals for optional website tracking. You can read more information about cookies at https://www.allaboutcookies.org/manage-cookies/.

4. How We Use Personal Information

We use personal information for the following purposes:

We engage in these activities to manage our contractual relationship with you and/or to comply with a legal obligation.

5. How We Disclose Personal Information

Screenpipe does not sell or rent personal information to third parties. Screenpipe discloses personal information in the following circumstances:

6. Third-Party Services

Screenpipe integrates with third-party services. This privacy policy does not address, and we are not responsible for, the privacy, information, or other practices of any third parties. This includes any third party operating any website or service to which our services link. The inclusion of a link on our services does not imply endorsement of the linked site or service by us or by our affiliates. When you use these services, your data is subject to their respective privacy policies.

Google API Services

Screenpipe's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Data Accessed from Google

When you connect your Google account, Screenpipe requests access to:

How Google Data is Used

Your Google Calendar data is used exclusively to:

Screenpipe does not use Google user data for advertising, does not share it with third parties (except as needed to provide the features you requested), and does not use it to train AI or machine learning models.

Google Data Storage and Protection

Google OAuth tokens (access and refresh tokens) are stored in our database, associated with your Screenpipe user account, and protected by server-level access controls and transport encryption (TLS). Calendar event data fetched from Google is cached temporarily in memory to serve your requests and is not persisted long-term on our servers. Your Google data is not accessible to other users.

Google Data Retention and Deletion

You can disconnect your Google account from Screenpipe at any time through the app settings. When you disconnect, your stored Google OAuth tokens are immediately deleted from our servers. Cached calendar data is purged and no longer fetched.

You may also revoke Screenpipe's access to your Google account at any time via your Google Account permissions page.

Cloud AI Processing

When you use Screenpipe's built-in AI features (chat, search, automations), your queries are routed to the following providers, all on US/EU infrastructure:

Confidential-inference PII removal: if you enable this Screenpipe Cloud feature, screen content is processed by our proprietary PII-detection model running inside a hardware-isolated trusted execution environment (TEE). The content cannot be read by us or by the infrastructure operator, is used only to detect and redact sensitive information, and is not retained after processing. See our security page for details.

Audio Transcription

Audio data is sent to Deepgram for cloud transcription. See Deepgram's privacy policy.

Payment Processing

If you create an account or buy a paid plan, Stripe processes your payments and subscription billing. Screenpipe does not store your full card number; Stripe handles payment data in accordance with Stripe's privacy policy.

7. Data Security

We seek to use reasonable organizational, technical, and administrative measures to protect personal information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please notify us immediately.

8. Data Retention and Deletion

Local data: screen recordings, audio transcriptions, and other locally stored data remain on your device until you delete them. You have full control over retention and can delete data at any time through the app or by removing the local database files.

Server-side data: if you use cloud features (e.g. Google Calendar integration), we retain your account information and OAuth tokens only as long as your account is active and the integration is connected. When you disconnect an integration or delete your account, associated data is deleted within 30 days.

9. Cross-Border Transfer

Your personal information may be stored and processed in any country or region where we have facilities or in which we engage service providers. By using the services, you understand that your personal information will be transferred to countries outside of your country or region of residence, including the United States, which may have data protection rules that are different from those of your country or region. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries or regions may be entitled to access your personal information.

Some countries outside of the EEA/UK are recognized by the European Commission and/or the UK government as providing an adequate level of data protection according to EEA/UK standards: the list of the EEA’s adequate jurisdictions is available here, and the list of the UK’s adequate jurisdictions is available here. For transfers from the EEA or the UK to countries not considered adequate by the European Commission or the UK government (as applicable), we have put in place adequate measures, such as the standard contractual clauses adopted by the relevant authority to protect your personal data. You may obtain a copy of these measures by contacting us as set out below.

10. Your Privacy Rights

You may request the following regarding your personal information:

To make a request, please contact us in accordance with the “Contact Us” section below. We will respond to your request consistent with applicable law. For your protection, we may need to verify your identity before implementing your request.

Please note that we may need to retain certain information for recordkeeping purposes. Further, certain personal information may be exempt from requests pursuant to applicable data protection laws or other laws and regulations.

For locally stored data, you have full and direct control — you can access, modify, or delete your personal information at any time through the app or filesystem.

11. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page with an updated "last updated" date. Any changes will become effective when we post the revised privacy policy.

12. Contact Us

When you use Screenpipe directly, Screenpipe is the entity responsible for your personal information. If you have any questions about this privacy policy or wish to exercise your data rights, please contact us at louis@screenpi.pe.