Privacy Policy

1. Introduction

SurfShield ("we", "our", "us") provides AI-powered shoulder-surfing protection through our website, Chrome extension, and desktop application (collectively, the "Service"). This policy explains what information we collect, how we use it, and the rights you have over it.

By using the Service, you agree to the practices described in this policy. If you don't agree, please don't use the Service.

2. What information we collect

2.1 Camera frames (transient)

When you enable shield protection, SurfShield accesses your camera to capture short still frames at regular intervals. These frames are sent to our detection service to determine whether one or more people are visible.

• Frames are not recorded. No video stream is saved.
• SurfShield doesn't store frames. Once a detection result is returned, the frame is discarded from our servers — we don't keep a copy.
• Frames are processed by a third-party AI service (Anthropic). Anthropic may retain frames briefly (up to 7 days by default) for abuse prevention and reliability, then deletes them. Anthropic does not use API data to train their models. See §5.1.
• Frames are not used to identify you. SurfShield counts people in view; it does not match faces to identities.

2.2 Account information

If you subscribe to a paid plan, we collect:

• Email address (used to sign you in and contact you)
• Name and profile picture — only when you sign in with Google, supplied by Google
• Google account identifier — only when you sign in with Google
• Payment information (processed by Stripe — we never see or store your card number)
• Subscription status (active, trialing, canceled, past due)
• License key (used to authenticate your extension and desktop app)

2.3 Usage data

The Service may collect anonymous usage information to help us improve the product:

• How often you enable/disable shield protection
• Whether detections occurred (count only, no images)
• Application version, operating system, and crash reports
• Approximate region (country-level), derived from IP address

2.4 Cookies and similar technologies

Our website uses minimal cookies, primarily to keep you signed in and remember your preferences. We do not use third-party advertising cookies or trackers.

3. What we do NOT collect

• We do not perform facial recognition. Our detection counts people; it does not identify them.
• We do not store video. No webcam footage is saved by us, ever.
• We do not collect biometric identifiers. No facial templates, fingerprints, or voice prints.
• We do not sell your personal information. Not now, not ever.
• We do not show you advertisements in our products, and we do not allow advertisers to track you.
• We do not use passwords. Sign-in is via Google (OAuth) or a one-time code sent to your email — there are no passwords for us to store or for you to remember.

4. How we use your information

We use the information we collect to:

• Operate the detection service and deliver shield protection
• Manage your account, subscription, and billing
• Send service-related emails (sign-in codes, billing receipts, important updates)
• Improve the product through anonymous usage analysis
• Respond to support requests
• Comply with legal obligations

5. Third-party services

SurfShield uses a small number of trusted third-party services to operate. We share only the data necessary for each service to function.

5.1 Anthropic (AI detection)

Camera frames are sent to Anthropic's API for shoulder-surfer detection. Under Anthropic's standard API terms:

• Frames are never used to train Anthropic's AI models.
• Frames are retained in Anthropic's operational logs only briefly (up to 7 days by default) for abuse prevention and reliability, then automatically deleted.
• Frames are not used for facial recognition or biometric identification on Anthropic's side either.

For full details, see Anthropic's API data retention policy and privacy policy.

5.2 Stripe (payments)

Subscription payments are collected and processed by Stripe. We never see or store your full card number. Stripe also sends you payment receipts and renewal notifications.

5.3 Supabase (account database)

Your account email, subscription metadata, and license key are stored in Supabase, a managed PostgreSQL platform. Supabase also handles email delivery for one-time sign-in codes. Stored data is encrypted at rest and in transit.

5.4 Vercel (hosting)

Our website and detection API are hosted by Vercel. They process incoming requests on our behalf and may log basic request metadata (IP address, user agent) for operational purposes.

5.5 Future email service

We may add a dedicated transactional email service in the future for marketing or notification emails. If we do, we will update this policy and notify you of any change in data handling.

5.6 Google (sign-in)

If you choose to sign in with Google, Google handles authentication and shares your email address, name, profile picture, and Google account ID with us. Google does not see your activity inside SurfShield, and we do not share any product data back to Google. You can revoke SurfShield's access at any time from your Google account settings.

6. Data security

We use industry-standard security measures to protect your data:

• All traffic is encrypted with HTTPS/TLS
• Camera frames are transmitted securely over HTTPS to our detection API. SurfShield's own servers do not store frames; our AI provider's brief retention is described in §5.1.
• Account data is encrypted at rest in Supabase
• API keys and secrets are stored in encrypted environment variables, never in client-side code
• Sign-in uses Google OAuth or one-time codes — no passwords to leak or reuse

No system is perfectly secure. If we ever experience a data breach affecting your information, we will notify you promptly and as required by applicable law.

7. Your rights

You have rights over the personal information we hold about you. Depending on where you live, these may include:

7.1 General rights (everyone)

• Access — request a copy of the data we hold about you
• Correction — ask us to fix inaccurate data
• Deletion — ask us to delete your account and associated data
• Cancel anytime — cancel your subscription through the billing portal linked from your account page
• Unsubscribe — opt out of any non-essential emails through the link in those emails

7.2 California residents (CCPA)

If you reside in California, you have additional rights under the California Consumer Privacy Act:

• The right to know what categories of personal information we collect and how we use it
• The right to request deletion of personal information we hold about you
• The right to opt out of the "sale" or "sharing" of personal information (we don't sell or share)
• The right to non-discrimination for exercising any of these rights

7.3 European Economic Area and UK residents (GDPR)

If you reside in the EEA or UK, you have rights under GDPR/UK GDPR:

• Right of access, rectification, erasure, restriction, portability, and objection
• Right to withdraw consent at any time (where processing is based on consent)
• Right to lodge a complaint with your local data protection authority

For GDPR purposes, the data controller is SurfShield, contactable at the support email below. Where we transfer data outside the EEA/UK, we rely on appropriate safeguards including provider Data Processing Agreements and Standard Contractual Clauses.

7.4 How to exercise your rights

Email support@getsurfshield.com with your request. We will respond within 30 days (or sooner where required by law).

8. Children's privacy

SurfShield is not intended for users under 13 (or under 16 in the EEA). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we'll delete it.

9. International data transfers

SurfShield's service providers (Anthropic, Stripe, Supabase, Vercel, Google) are primarily located in the United States. If you use our Service from outside the U.S., your information will be transferred to and processed in the U.S. and other jurisdictions where our providers operate. By using the Service, you consent to this transfer. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses.

10. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we'll notify you by email (if you have an account) and post the updated policy on our website with a new "Last updated" date. Continued use of the Service after changes means you accept the updated policy.

11. Contact us

For privacy questions, data requests, or anything else covered by this policy, reach out:

• Email: support@getsurfshield.com
• Web: getsurfshield.com/feedback