Limited launch·Lifetime $199 one-time
Legal

Privacy Policy

Last updated May 15, 2026

This Policy explains what data Yapless collects, how we use it, who we share it with, and your rights. It applies to the Yapless web app, the Yapless Mac app, and the share pages viewers see when you publish a recording.

1. What we collect

Account data

  • Email address, display name, and (optionally) an avatar image you upload.
  • A hashed password if you sign up with email/password; OAuth identity if you use Google.
  • Email verification status, account creation time, and sign-in timestamps.

Recordings and screenshots

  • Screen video, microphone audio, system audio, and cursor telemetry captured by the Mac app when you initiate a recording.
  • Screenshots you polish through the editor, including the raw image you captured and the composed PNG we generate.

Voice clones

  • An audio sample you record during voice-clone enrollment, plus consent timestamps proving you authorized the clone.

Billing

  • Stripe Customer ID, subscription status, plan, and invoice IDs. We never see your card details — Stripe handles payment data directly.

Usage analytics

  • Aggregate product events (e.g., "recording started", "voice clone enrolled") via PostHog, used to understand feature adoption. No recording content or transcripts are sent to PostHog.

2. How we use it

  • To provide the Service. Recordings flow through the cleanup → compose → publish pipeline. Without storing them we can't render the polished result or serve a share page.
  • To bill you. Stripe data drives access control and invoicing.
  • To improve the Service. Aggregate usage analytics inform what we build next. We never use Your Content to train models.
  • To communicate with you. Service emails (welcome, receipts, account changes) and — if you opt in — occasional product updates.

3. Who we share it with

We use the following third-party processors. Each receives only the data necessary to perform its role:

  • Stack0 (object storage on AWS S3) — stores screen recordings, voice samples, avatars, and the composed final videos.
  • Anthropic Claude — receives transcripts to identify filler words and stumble points and to suggest a title. Anthropic does not train on API inputs.
  • ElevenLabs — receives your voice enrollment sample to create an Instant Voice Clone, and receives short cleanup-target sentences to synthesize in that voice.
  • Stripe — handles all payment processing and stores card data on its own systems.
  • PostHog — aggregate product analytics.
  • Vercel — hosts the marketing site and dashboard.

We don't sell your data. We don't share Your Content with advertisers. We only disclose data in response to legal process where required by law, and we'll notify you unless prohibited from doing so.

4. Where data is stored

Recordings, voice samples, and avatars are stored in AWS S3 (us-east-1 by default). Account and billing data are stored in our database operated by Yapless. Backups are encrypted at rest.

5. Retention

  • Recordings and screenshots are kept until you delete them, or until your account is closed.
  • Voice clones persist until you delete them from the dashboard, at which point we also delete the underlying ElevenLabs voice and the enrollment sample from Stack0.
  • Account data is kept while your account is active and for up to 30 days after deletion (for recovery + abuse-investigation purposes), then purged.
  • Invoices are kept for 7 years to comply with tax-and-records obligations.

6. Your rights

Regardless of where you live, you can:

  • Access and download your data from the dashboard at any time;
  • Delete your account, voice clone, or any recording;
  • Correct inaccurate account data (name, email) from the dashboard;
  • Object to or restrict processing — email privacy@getyapless.com and we'll honor reasonable requests.

Residents of the EU/UK (GDPR) and California (CCPA) have additional statutory rights. We treat all users to the same standard — the rights above apply globally.

7. Security

We use TLS in transit, AES-256 encryption at rest for stored files, and short-lived session tokens. Voice clones are gated behind a consent log so unauthorized cloning can be audited and reversed. If you suspect a security issue, email security@getyapless.com — we'll respond within one business day.

8. Children

Yapless isn't directed at children under 13. If we learn we collected data from a child under 13 without parental consent, we'll delete it.

9. Changes to this Policy

Material changes are announced by email or in-app notice at least 14 days before they take effect. The "Last updated" date at the top of this page always reflects the current version.

10. Contact

Privacy questions or requests: privacy@getyapless.com.