Privacy Policy

Last updated: April 23, 2026

GlossCap ("we", "our", "us") operates glosscap.com. This page explains what data we collect, why, and how you can control it.

1. What we collect

• Email address — when you join the waitlist or sign up, so we can contact you about the product.
• Usage data — pages you visit, buttons you click, session duration. Used to improve the product, never sold.
• Device info — browser type, screen size, approximate location (country level) inferred from IP.
• Communications — emails you send us and our replies.

We do not collect: financial information, government IDs, health data, precise location, or information from children under 16.

2. Why we collect it

• To provide the service you signed up for.
• To notify you about product updates (you can opt out at any time).
• To fix bugs and improve features based on aggregate usage patterns.
• To comply with legal obligations (tax records, anti-fraud, etc.).

3. Who we share with

We share the minimum necessary data with these categories of processors:

• Transcription (OpenAI Whisper API) — the audio track of your video is sent for speech-to-text, biased by your glossary. OpenAI's API is configured to not train on our data and deletes inputs after 30 days.
• Payment processing (Stripe) — when you upgrade to a paid plan. We never store your card details.
• Analytics — aggregate first-party access-log traffic only. No third-party tags.

We do not sell your data. Ever. We do not share it with advertisers.

4. Cookies

We use a minimal set of first-party cookies for session management. No third-party tracking cookies. If you disable cookies, some features (like staying logged in) won't work, but browsing stays functional.

5. Your rights

Under GDPR (if you're in the EU) and similar laws elsewhere, you have the right to:

• Access — request a copy of everything we have on you.
• Correction — ask us to fix incorrect data.
• Deletion — ask us to delete your data ("right to be forgotten"). We'll comply within 30 days unless legally required to retain (e.g. tax records).
• Portability — get your data in a machine-readable format.
• Objection — opt out of any processing based on legitimate interest.

Email privacy@glosscap.com to exercise any of these rights.

6. Data retention

We keep your account data while you have an account, plus 90 days after deletion (for backup recovery). Waitlist entries are deleted after 2 years of inactivity.

7. Security

Data is encrypted in transit (HTTPS) and at rest. Access is limited to the people who need it to operate the service. We are not perfect; if a breach affects you, we will notify you within 72 hours.

8. International transfers

Our primary infrastructure is in the EU. Speech-to-text runs via OpenAI's API, which may process audio in the United States under Standard Contractual Clauses. If you need EU-only processing for regulated content, email privacy@glosscap.com — we offer a self-hosted Whisper option on Org plans.

9. Changes

We'll update this page if material things change. If we do, we'll notify registered users by email at least 14 days before the change takes effect.

10. Contact

Questions? Email privacy@glosscap.com. We reply within 2 business days.