Splyc LLC doing business as Splyc ("Splyc," "we," "our," or "us") provides software and services to capture, edit, manage, publish, and analyze short-form and related media that may connect to third-party platforms (such as Twitch, YouTube, and Kick). This Privacy Policy describes how we collect, use, disclose, and otherwise process personal information in connection with our websites, browser extension, APIs, and related offerings (collectively, the "Service"). It should be read together with our Terms of Service and Cookie Policy. If you do not agree with this Policy, do not use the Service. Your use of connected streaming or social platforms is also subject to their terms, developer policies, and community rules; our Terms of Service describe your responsibilities for content and intellectual property.
This Policy applies to visitors and registered users of the Service. Depending on how you use Splyc, we may process personal information about you, your account, your devices, and content you upload or generate. We act as a controller of personal information we decide how and why to process for our own business purposes (for example, account administration, security, and product analytics). Where we process information solely on behalf of an organization customer, that customer may be the controller—this Policy still describes our practices at a high level.
The Service is not intended for children under 13 (or higher age where required to consent in your jurisdiction). See Children below.
Ownership, license, and acceptable use of content you process through Splyc are governed primarily by the Terms of Service; this Policy focuses on personal information processing.
We collect categories of information that generally fall into the following groups:
We collect information directly from you (forms, uploads, extension, editor), automatically when you use the Service (logs, cookies, similar technologies), from connected platforms when you authorize access, from payment processors when you pay, and in limited cases from public sources or partners if you choose integrations they offer.
We use personal information for purposes including:
We do not sell your personal information as that term is commonly defined in U.S. state privacy laws, and we do not use your personal information for cross-context behavioral advertising unrelated to operating Splyc.
If you are in the European Economic Area, the United Kingdom, or Switzerland, we rely on one or more of the following legal bases under applicable data protection law: performance of a contract with you (providing the Service); legitimate interests that are not overridden by your rights (for example securing the Service, improving reliability, and direct marketing to business users where appropriate); consent where we expressly ask for it (for example certain cookies or optional communications); and legal obligation (for example tax or regulatory recordkeeping where applicable).
You may have rights to access, rectify, erase, restrict, or object to certain processing, and to data portability, as well as the right to lodge a complaint with a supervisory authority. To exercise rights, contact privacy@splyc.app. We will respond within the timeframes required by law after verifying your request.
We and our partners use cookies, local storage, pixels, and similar technologies for session management, preferences, security, and analytics. We may use Vercel Web Analytics and OpenPanel on the marketing web app for aggregated traffic and product telemetry. When enabled, we may use DataFast(datafa.st) for lightweight, cookieless product analytics and SPA route visibility—see each vendor's privacy notice for how they process technical data. Details, categories, and your choices are described in our Cookie Policy. Where required, we obtain consent before non-essential cookies are set.
Splyc's AI-assisted features (clip assistant, floating agent, captioning, analysis, extension-side enrichment, and related tools) send prompts, transcript excerpts, metadata, and media snippets to model providers under our configuration. By default we use OpenAIAPIs (for example chat completions and speech-to-text / diarization models such as Whisper-class endpoints). We may configure alternate API base URLs or models for specific features; when we do, those providers' privacy terms apply in addition to this Policy.
OpenAI and similar vendors process content as a subprocessor to deliver responses. Their retention, logging, abuse monitoring, and whether inputs may be used to improve vendor models are governed by theirpolicies and our account settings with them—review OpenAI's Business Terms / API data policies for details. Outputs can be wrong or incomplete; you remain responsible for reviewing content before publication or reliance, consistent with our Terms. Do not submit payment card numbers, government ID numbers, or highly sensitive personal data in prompts unless a feature explicitly requires it and we provide separate notice.
Splyc-operated models. We do not train our own large general-purpose models on your stored User Content. Vendor subprocessors (such as OpenAI) apply their own retention, safety, and (where contractually permitted) improvement policies to API traffic—review their documentation if you need certainty for a given deployment or enterprise arrangement.
We use the categories of vendors below to run the Service. They process personal information on our instructions (as processors or subprocessors) except where they use data for their own legal, security, or billing purposes as described in their public notices. This list can change as we add or replace vendors; we will update this Policy or post a subprocessors page for material additions where required by law.
NEXT_PUBLIC_DATAFAST_WEBSITE_ID is set (cookieless SPA analytics). Each provider's policy governs data they process on our behalf or as an independent recipient.We disclose personal information in the following circumstances:
Paid subscriptions are processed by Stripe. Stripe collects and stores payment methods and processes charges according to its privacy notice, PCI obligations, and our Stripe Checkout / Customer Portal configuration. We receive Stripe customer identifiers, subscription status, invoice metadata, and related records needed to operate billing and support—not full payment card numbers on Splyc-controlled databases.
If we introduce or expand creator programs, revenue sharing, or similar features, we may process additional financial or identity-related data to meet tax, fraud-prevention, and payout obligations. We will provide collection-time notice and, where required, obtain consent or contracts (for example data processing agreements) before expanding uses beyond what this Policy describes.
We implement administrative, technical, and organizational measures designed to protect personal information, including encryption in transit (such as TLS for web and API traffic), encryption at rest for many stored secrets and credentials, access controls and least-privilege practices for personnel and systems, logging and monitoring, vulnerability management, and incident response procedures. When enabled, optional tooling such as Sentry and Logtail helps us detect and diagnose errors; those services may receive stack traces or request metadata subject to their privacy notices. No method of transmission or storage is completely secure; we cannot guarantee absolute security.
If you believe your account or data has been compromised, contact security@splyc.app immediately.
We retain personal information for as long as your account is active, as needed to provide the Service, and as necessary to comply with legal obligations (for example tax, accounting, or regulatory retention), resolve disputes, and enforce agreements. When you delete your account or content where the product allows deletion, we delete or irreversibly anonymize information within a reasonable period unless a longer retention period is required by law or legitimate interests (for example security backups that roll off on a schedule).
Aggregated or de-identified information may be retained without time limit where it no longer identifies you.
Splyc is based in the United States. If you access the Service from other countries, your information may be transferred to the U.S. and other jurisdictions where we or our subprocessors operate. Where required, we use appropriate safeguards such as Standard Contractual Clauses approved by the European Commission (and UK Addendum or Swiss adaptations as applicable), plus supplementary measures we assess as appropriate.
Depending on your location, you may request access to, correction of, or deletion of personal information we hold about you; object to or restrict certain processing; withdraw consent where processing was consent-based; or receive a portable copy of data you provided where technically feasible. You may disconnect third-party accounts in settings and revoke OAuth access at the platform. To exercise privacy rights, email privacy@splyc.app from the email address associated with your account; we may need to verify your identity before fulfilling requests.
If we deny a request where the law permits, we will explain why. You may appeal certain decisions where applicable law provides an appeal process.
Residents of certain U.S. states may have additional rights under local law (for example California, Colorado, Virginia, and others as they come into effect). Those rights can include access, deletion, correction, and opt-out of certain processing. We do not sell personal information or share it for cross-context behavioral advertising as defined in the CCPA/CPRA. We do not use sensitive personal information to infer characteristics, except as permitted to provide the Service you request.
Authorized agents may submit requests on your behalf where permitted; we may require proof of authorization. We will not discriminate against you for exercising privacy rights.
The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, contact privacy@splyc.app and we will take appropriate steps to delete it. Some features may impose higher age limits (for example paid or program features); those limits will be stated in the product or supplemental terms.
We respond to notices of alleged copyright infringement in accordance with the U.S. Digital Millennium Copyright Act. See our DMCA / Copyright Policy or email dmca@splyc.app. It is our policy to terminate or restrict repeat infringers where appropriate, as described in our Terms of Service.
We may update this Privacy Policy from time to time. We will post the current version at splyc.app/legal/privacy and update the "Last Updated" date. If a change is material, we will provide additional notice (for example by email or in-product message) where required by law.
This Policy summarizes our practices in plain language and is not legal advice. Published product behavior and counsel review should be aligned before relying on this text in regulated contexts.