Privacy Policy
Table of Contents
- Summary of Key Practices
- Information We Collect
- How We Use Your Information
- Analytics and Tracking Technologies
- Information Sharing and Disclosure
- Security Measures
- Your Rights and Choices
- Data Retention and Deletion
- International Data Transfers
- Children's Privacy
- Affiliate Links and Third-Party Sites
- Changes to This Privacy Policy
- Contact Us
Effective Date: January 1, 2026
Last Updated: January 1, 2026
Welcome to ScreenDetect! This Privacy Policy ("Policy") describes how ScreenDetect LLC ("we," "us," "our," "ScreenDetect," or "the Company"), operator of https://screendetect.com (the "Site") and our web-based screen detecting suite (the "Service" or "Tool"), collects, uses, shares, discloses, and protects your personal information when you access or use the Site or Service. The Service includes features for screen diagnostics (e.g., pixel testing, backlight bleed detection), AI-driven analysis, subscription management, and experimental tools like the Stuck Pixel Fixer.
By accessing or using the Site or Service, you consent to the practices described in this Policy. If you do not agree, please do not use the Site or Service. This Policy incorporates by reference our Terms and Conditions, which govern your use of the Service.
We are committed to protecting your privacy in compliance with applicable laws, including but not limited to the California Consumer Privacy Act (CCPA/CPRA), General Data Protection Regulation (GDPR), EU Data Act (effective September 12, 2025), and 2025/2026 U.S. state privacy laws (e.g., Delaware Personal Data Privacy Act, Iowa Consumer Data Protection Act). Our practices emphasize data minimization, transparency, and user rights. For questions, contact our Data Protection Officer (DPO) at hello@screendetect.com.
This Policy is structured as follows: a high-level summary, followed by detailed sections. We may update it periodically—check the date above and subscribe to notifications for changes.
Summary of Key Practices
- What We Collect: Account details (e.g., email), usage data (e.g., features used), device info (e.g., IP, screen resolution), and User Content (e.g., uploaded screen images/videos for analysis).
- How We Use It: To provide and improve the Service (e.g., AI diagnostics), respond to support, and send opted-in marketing.
- Sharing: Only with trusted service providers (e.g., analytics tools); no sales of personal data.
- Your Rights: Access, deletion, portability, and opt-outs—exercisable via hello@screendetect.com.
- Security & Retention: Industry-standard protections; data kept only as needed (e.g., 30 days for images).
- Children: Service is for users 18+; no knowing collection from minors under 13 (COPPA-compliant).
- International Users: Data processed in the U.S.; safeguards for transfers (e.g., EU Standard Contractual Clauses).
Information We Collect
We collect personal information ("Personal Data") only as necessary to operate the Service. "Personal Data" includes any information that identifies or relates to you (e.g., email) or your device. We do not collect sensitive data (e.g., health, race) unless incidentally captured in User Content (e.g., reflections in images), in which case we process it minimally and pseudonymize where possible.
Personal Data Collected Directly from You
- Account Information: Email address, username, and payment details (if subscribing). Collected during signup or newsletter opt-in.
- User Content: Screen images, videos, or webcam inputs for diagnostics (e.g., pixel testing). Includes metadata like timestamps or device IDs. You control uploads; we do not require them for basic access.
- Communications: Inquiries or support requests via email/form (e.g., hello@screendetect.com).
Automatically Collected Data
- Usage Data: Interactions such as screens tested, features used (e.g., Stuck Pixel Fixer sessions), pages visited, time spent, and session IDs. Helps analyze trends and prevent fraud.
- Device & Technical Information: IP address, browser type/version, operating system, device type/model, screen resolution/color depth (for compatibility), and location data (inferred from IP, not precise geolocation).
- AI-Derived Insights: Anonymized outputs from our algorithms (e.g., pixel defect counts), retained only for service improvement unless you request export.
Data from Third Parties
- Analytics Partners: Aggregated insights from tools like Google Analytics (e.g., referral sources).
- Payment Processors: Billing info (e.g., Stripe) for subscriptions—we do not store full card details.
We do not collect data from minors under 13 (COPPA) or 16 (COPPA updates effective 2025) without verifiable parental consent. Users under 18 require supervision for features like the Stuck Pixel Fixer.
How We Use Your Information
We use Personal Data for legitimate business purposes, balancing your rights with our operations. Under GDPR, bases include consent, contract performance, legitimate interests (e.g., fraud detection), and legal obligations.
- Service Delivery: Process uploads for AI analysis (e.g., detecting backlight bleed), generate reports, and enable features like subscriptions.
- Improvement & Analytics: Train AI models (anonymized data only; opt-out available), optimize usability (e.g., via heatmaps), and measure performance.
- Communications: Respond to support (e.g., account deletion), send transactional emails (e.g., receipts), or opted-in marketing (e.g., newsletters—unsubscribe anytime).
- Security & Compliance: Detect abuse (e.g., malicious uploads), comply with laws (e.g., retain logs for audits), and enforce Terms.
- Marketing: Personalize ads (e.g., via Facebook Pixel) only with consent; no profiling for automated decisions affecting you.
AI Usage Disclosure: Our Service uses AI (e.g., computer vision models) to analyze images for defects. This involves automated processing that may infer device details but not personal traits. Outputs are estimates (e.g., 60-70% accuracy for stuck pixels, varying by input); we do not use AI for high-risk decisions.
Analytics and Tracking Technologies
We use cookies, pixels, and similar technologies for functionality, analytics, and ads. Essential cookies (e.g., session management) are always active; others require consent via our banner.
- Cookies (Essential): Provided by ScreenDetect. Purpose: Maintain logins, cart sessions. Data Collected: Session IDs, preferences. Opt-Out: Browser settings.
- PostHog: Provided by PostHog. Purpose: In-app analytics, usage trends. Data Collected: IP, events (e.g., feature clicks), anonymized behavior. Opt-Out: PostHog Opt-Out.
- Google Analytics: Provided by Google. Purpose: Site engagement metrics. Data Collected: IP (anonymized), referrals, device info. Opt-Out: Google Opt-Out.
"Do Not Track" (DNT) signals are honored where possible. For EU users, consent is granular and withdrawable.
Information Sharing and Disclosure
We do not sell or share (as defined under CCPA) your Personal Data for monetary or other valuable consideration. Disclosures are limited to:
- Service Providers: Contracted vendors (e.g., AWS for hosting, Stripe for payments) bound by data processing agreements (DPAs) ensuring GDPR/CCPA compliance. Full list available upon request.
- Legal Requirements: To authorities for subpoenas, fraud prevention, or emergencies (e.g., under CALEA).
- Business Transfers: In mergers/acquisitions, with notice where required.
- Affiliates: Only for operational support (e.g., shared analytics team); no marketing use.
No sharing with affiliates for cross-context behavioral advertising without opt-in.
Security Measures
We implement reasonable administrative, technical, and physical safeguards to protect Personal Data, aligned with industry standards, including NIST SP 800-53 (Rev. 5, 2025 updates) and ISO 27001:
- Encryption: Data is encrypted in transit (TLS 1.3) and at rest (AES-256) where applicable, including uploads and databases, both on our systems and those of our service providers.
- Access Controls: Access to Personal Data is restricted using role-based permissions and multi-factor authentication for authorized staff. Service providers, such as Supabase, also maintain access controls on their infrastructure.
- Monitoring: We monitor activity and conduct regular audits and vulnerability scans. Supabase provides additional intrusion detection and security monitoring on its platform.
- Breach Response: In the event of a data breach, we will notify affected users and report to authorities in accordance with applicable laws, including GDPR (72 hours) and U.S. state requirements (up to 60 days).
No system is 100% secure—we cannot guarantee against all risks (e.g., user-side breaches). Report suspected issues to security@screendetect.com.
Your Rights and Choices
You have rights based on your location. We respond to verified requests within 45 days (extendable under law). No fee unless excessive/repetitive. Appeal denials at hello@screendetect.com.
- Access: Obtain details on collected data. Applicable Laws: GDPR, CCPA, All 2025 States (e.g., DE, IA, NE). How to Exercise: Email request; we provide a report.
- Correction: Update inaccurate data (e.g., email). Applicable Laws: GDPR, CCPA, MN, MD. How to Exercise: Via account dashboard or email.
- Deletion: Request erasure (e.g., account data). Applicable Laws: GDPR ("Right to be Forgotten"), CCPA, All 2025 States. How to Exercise: Email; processed within 24-45 days.
- Portability: Receive data in structured format (e.g., JSON/CSV for diagnostics). Applicable Laws: GDPR, EU Data Act, CCPA, MN. How to Exercise: Free export via request; supports switching providers.
- Privacy & Data Use: We do not sell or share your personal information with third parties for marketing purposes, do not serve targeted ads, and comply with CCPA/CPRA and other relevant state privacy laws (e.g., DE, NH, NJ, TN, MD). Contact us at hello@screendetect.com with any questions or to exercise your rights.
- Objection/Limit Processing: Object to marketing or profiling. Applicable Laws: GDPR, IA, NE. How to Exercise: Unsubscribe links; email for others.
- Withdraw Consent: Revoke prior consents (e.g., cookies). Applicable Laws: GDPR, All. How to Exercise: Cookie banner or email.
- Non-Discrimination: No retaliation for exercising rights. Applicable Laws: CCPA, 2025 States. How to Exercise: N/A—automatic.
EU Data Act: You can switch SaaS providers with 1–2 months’ notice; we facilitate data handover without unfair fees.
California Residents (CCPA/CPRA): We do not sell or share your personal information with third parties for their own marketing purposes. You have the right to request access to the personal data we collect about you and to know how it is used. For any requests, please contact us at hello@screendetect.com.
Data Retention and Deletion
We retain Personal Data only as necessary:
- Account/Usage Data: Duration of relationship + 1 year (for disputes).
- User Content/Images: 30 days post-analysis (or until deletion request); anonymized for AI improvement.
- Logs: 6 months for security.
- Marketing: Until unsubscribe.
Upon deletion, data is purged or anonymized. Backups may be retained for 90 days.
International Data Transfers
Data is primarily processed in the U.S. (via AWS US-West). For EU/UK users:
- Transfers use Standard Contractual Clauses (SCCs) or adequacy decisions.
- We conduct Transfer Impact Assessments (TIAs) annually.
- No transfers to high-risk countries without safeguards.
Children's Privacy
The Service is not directed at children under 18. We do not knowingly collect data from those under 13 (COPPA) or 16 without consent. Parents/guardians: Contact us to review/delete child data.
Affiliate Links and Third-Party Sites
We may include affiliate links (e.g., to repair tools). Clicking them may share anonymized referral data (no PII). Review third-party policies—we are not responsible for their practices.
Changes to This Privacy Policy
We may update this Policy for legal, operational, or technological reasons. Minor changes are posted immediately; significant ones (e.g., new sharing) are announced via email or Site notice (30 days' advance). Continued use constitutes acceptance.
Contact Us
For privacy requests, questions, or complaints:
- Email: hello@screendetect.com (general).
- Response Time: 1-3 business days for inquiries; 45 days for rights requests.
- EU Representative: [Appointed under GDPR—details on request].
- Complaints: EU users may contact supervisory authorities (e.g., CNIL in France).
We value your trust—thank you for using ScreenDetect responsibly.