Legal

Privacy Policy

๐Ÿ“… Last updated: April 14, 2026 ๐ŸŒ Applies to: magicshot.us Chrome Extension
Table of Contents
  1. Overview
  2. Data We Collect
  3. Data We Do NOT Collect
  4. Screenshots & Page Content
  5. How We Use Your Data
  6. Data Sharing
  7. Third-Party Services
  8. Data Retention
  9. Security
  10. Your Rights
  11. Children's Privacy
  12. Changes to This Policy
  13. Contact Us

1. Overview

MagicShot ("we", "us", "our") is a Chrome extension published at magicshot.us that captures screenshots of webpages and uses AI to generate documentation such as SOPs, step-by-step guides, explanations, and bug reports.

This Privacy Policy explains what personal data we collect when you use the MagicShot Chrome extension and web dashboard ("the Service"), how we use it, with whom we share it, and what rights you have over it.

By installing and using MagicShot, you agree to the practices described in this Privacy Policy. If you do not agree, please uninstall the extension and discontinue use of the Service.

Plain-language summary: We collect your email address (which you provide voluntarily) and the screenshots you choose to capture. We use this to generate your documentation and save it to your account. We do not track your browsing, sell your data, or collect anything in the background.

2. Data We Collect

Data TypeHow CollectedPurpose
Email address Voluntarily entered by you in the extension settings Account identification, document storage, credit tracking, dashboard access
Screenshots (images) Captured only when you explicitly click "Add Screenshot" AI processing to generate documentation; stored with your account
Page URL & title Read from the active tab at the moment of capture Naming and organizing saved documents
Generated documents Created by AI from your screenshots Stored in your account for dashboard access and re-download
Credit transactions Automatically when credits are added or used Credit balance tracking and billing history
Session tokens Automatically generated when accessing the dashboard Secure, passwordless dashboard login (valid 24 hours)

3. Data We Do NOT Collect

We are committed to minimal data collection. We do not collect:

Data TypeCollected?
Browsing history or visited URLs (except the current page at capture time)NOT COLLECTED
Background tab content or page monitoringNOT COLLECTED
Keystrokes, mouse movements, or user inputNOT COLLECTED
Passwords or authentication credentialsNOT COLLECTED
Health or medical informationNOT COLLECTED
Financial or payment card detailsNOT COLLECTED
Precise geolocation or GPS dataNOT COLLECTED
Personal communications (email, chat, messages)NOT COLLECTED
Device identifiers or advertising IDsNOT COLLECTED
Information from other websites or appsNOT COLLECTED

4. Screenshots & Page Content

When you click "Add Screenshot to Session", the extension captures an image of the currently visible portion of your active browser tab. This image is:

  • Compressed to a maximum of 1280px width (JPEG, 82% quality) before transmission
  • Transmitted over HTTPS to the MagicShot API server
  • Processed by OpenAI's GPT-4o Mini Vision API to generate your documentation
  • Stored in your account if you are signed in with an email address

Important: We only process screenshots when you explicitly click the capture button. MagicShot does not monitor pages in the background, does not capture content from tabs you're not actively viewing, and does not run continuously.

Sensitive content

If you capture screenshots that contain sensitive personal information (e.g., medical records, financial data, private messages), that content will be sent to OpenAI for AI processing and stored in your account. You are responsible for ensuring you have the right to capture and process such content. We recommend not capturing screens containing other people's personal data without their consent.

5. How We Use Your Data

We use the data we collect only for the following purposes:

  • Providing the Service โ€” Processing your screenshots with AI to generate the documentation you requested.
  • Account management โ€” Linking your documents and credits to your email address so you can access them across devices.
  • Export functionality โ€” Generating PDF and DOCX exports from your captured sessions.
  • Credit tracking โ€” Recording credit additions and usage to maintain your accurate balance.
  • Dashboard access โ€” Generating secure login tokens so you can access your documents via the web dashboard.
  • Service improvement โ€” Aggregate, anonymized usage patterns may be used to improve the Service.

We do not use your data to:

  • Serve advertising or build advertising profiles
  • Sell or rent data to third parties
  • Determine creditworthiness or eligibility for financial services
  • Profile users based on browsing behavior
  • Train AI models (your data is processed by OpenAI's API but not used to train OpenAI's models under their API terms)

6. Data Sharing

We do not sell, rent, or trade your personal data. We share data only in these limited circumstances:

  • With OpenAI โ€” Screenshots are sent to OpenAI's API for AI analysis. See Section 7 for details.
  • With Stripe โ€” Payment processing is handled by Stripe. We share only what is necessary to process your payment. See Section 7 for details.
  • For legal compliance โ€” If required by law, court order, or lawful government request.
  • In a business transfer โ€” If MagicShot is acquired or merges with another company, your data may be transferred. You will be notified in advance.

7. Third-Party Services

OpenAI

We use OpenAI's API to analyze screenshots and generate documentation. When you capture a screenshot, the image is sent to OpenAI's servers in the United States. OpenAI processes this data under their API Data Usage Policy โ€” data submitted via the API is not used to train OpenAI's models by default.

Stripe

Payment processing is handled by Stripe, Inc. When you purchase a subscription or credit pack, you are directed to Stripe's secure checkout. MagicShot never sees or stores your full card number, CVV, or complete billing address. Stripe's Privacy Policy governs data collected during payment.

Hosting Infrastructure

The MagicShot API server and database are hosted on Replit's cloud infrastructure. Data is stored in a PostgreSQL database within a secure, isolated environment. All communications are encrypted in transit via HTTPS/TLS.

8. Data Retention

We retain your data for as long as your account is active and as needed to provide the Service:

  • Email address โ€” Retained until you request account deletion.
  • Documents & screenshots โ€” Retained until you delete them from your dashboard or request account deletion.
  • Credit transaction records โ€” Retained for billing and dispute resolution purposes for up to 7 years, as required by financial regulations.
  • Session tokens โ€” Automatically expire after 24 hours.

You can delete individual documents at any time from your web dashboard. To delete your entire account and all associated data, contact us at the address in Section 13.

9. Security

We take reasonable technical and organizational measures to protect your data:

  • All data is transmitted over HTTPS/TLS encryption
  • Database access is restricted to authenticated server processes only
  • Dashboard access uses time-limited, one-time authentication tokens โ€” no passwords stored
  • The extension only communicates with the MagicShot API server (no third-party scripts loaded by the extension)
  • Screenshots are compressed before transmission to minimize data exposure

While we take security seriously, no system is 100% secure. If you suspect unauthorized access to your account, contact us immediately so we can revoke all active tokens.

10. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access โ€” You can access all your stored documents via the web dashboard at any time.
  • Deletion โ€” You can delete individual documents from the dashboard, or request full account deletion by contacting us.
  • Correction โ€” If your email address changes, update it in the extension settings. Contact us to update other account details.
  • Portability โ€” You can download your documents as PDF or DOCX at any time from the dashboard or extension.
  • Objection / Restriction โ€” You may contact us to object to or restrict how we process your data. Note: restricting processing may limit Service functionality.
  • Withdrawal of consent โ€” You may stop using the Service and uninstall the extension at any time. This constitutes withdrawal of consent for future data processing.

To exercise any of these rights, contact us as described in Section 13. We will respond within 30 days.

11. Children's Privacy

MagicShot is not directed to children under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately and we will delete the data.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page.

We recommend reviewing this page periodically. Your continued use of MagicShot after changes are posted constitutes your acceptance of the updated policy.

For significant changes, we will provide notice via the Chrome Web Store listing or, where possible, via email to your registered address.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us through the Chrome Web Store support page for MagicShot:

magicshot.us on Chrome Web Store โ†’

For account deletion requests or data export requests, include your registered email address and a description of your request. We will respond within 30 days.

ยฉ 2026 magicshot.us ยท This privacy policy applies to the MagicShot Chrome extension and web dashboard. ยท Home ยท Help & Support