ClaraCam legal

Privacy Policy

1. Who we are

ClaraCam is made by Streamfog Inc., a company incorporated in the United States ("we", "us"). This policy covers the ClaraCam desktop apps for macOS and Windows, our sign-in and billing services, and this website. For anything privacy-related, write tokev@claracam.com.

2. Your video stays on your machine

ClaraCam is a live, on-device pipeline. Frames from your physical camera are processed by machine-learning models running on your own computer and handed to the virtual camera your meeting app reads. In particular:

3. What we collect, and why

Account information

You sign in with a Google or Microsoft account through Firebase Authentication. We receive and store the email address, display name, and a unique user ID from that sign-in. We use these to identify your account, sync your settings between machines, and manage your trial and subscription.

Settings

So your look follows you between machines, we sync your ClaraCam settings to your account: your look preset and adjustment values, quality and tone preferences, and the identifier of your selected camera. Settings contain no video or images.

First-party usage telemetry

ClaraCam sends limited metadata to our own telemetry service when the preview or virtual camera reaches a stable operating state. This lets us measure whether setup succeeds, understand which product features are used, and spot reliability problems. The analytics record may include whether the output was retouched or passed through and why, whether it came from the preview or virtual camera, the platform and app version, output resolution and frame rate, coarse ranges for retouch settings, a random installation identifier, and your Firebase user ID when you are signed in. On macOS, virtual-camera usage may also include a normalized consumer category such as Zoom, Teams, browser, OBS, or unknown; Windows currently reports the consumer as unknown.

The request may contain additional technical metadata used to validate and operate telemetry, such as OS/build/runtime information and one-way hashes of camera or app identifiers. We do not send video frames, images, audio, meeting titles or content, contact lists, filenames, or advertising identifiers. This is first-party product analytics stored in our Google Cloud project; it is not used for advertising or tracking across other companies' apps or websites.

Website and app journey analytics

We use PostHog to record a small set of product events, such as viewing or clicking a download, opening the app, completing sign-in, and completing camera setup. PostHog stores a first-party analytics cookie onclaracam.com. When you later sign in throughauth.claracam.com, that browser journey is associated with your Firebase user ID so we can understand whether downloads lead to successful setup. The desktop app uses a random installation identifier for the same purpose. We do not use this information for advertising or tracking your activity on other companies' services.

Download and lifecycle email

If you ask us to email a desktop download link, we send your email address and the message details to Loops, our email delivery provider. We also use Loops for limited account messages such as trial reminders. Starting a trial updates the delivery workflow so we do not keep sending an irrelevant download reminder.

Trial and subscription status

We store when your free trial started and ends, your subscription status and plan, and — once you subscribe — your Stripe customer ID. This is how the app knows your account is active.

Payments

Payments are processed by Stripe, Inc. Your card details go directly to Stripe; we never receive or store your card number. Stripe receives your email address to create your customer record and acts under its own privacy policy (stripe.com/privacy).

Server logs and update checks

Like any online service, our sign-in and billing endpoints and our update servers keep standard, short-lived request logs (IP address, request time, app version and platform for update checks). The apps periodically check for updates; an update check transmits no personal data beyond that standard request metadata.

What we deliberately don't collect

4. Where your data lives

Account, settings, and subscription data are stored in Google Firebase (Cloud Firestore and Firebase Authentication) in the United States (us-central1). Downloads and update files are served from Google Cloud Storage. PostHog processes product-analytics events and Loops processes lifecycle email on our behalf. These providers act as our data processors. If you are in the EU/EEA, UK, or Switzerland, your data may be transferred to and processed in the United States; our processors rely on recognized transfer mechanisms such as the EU Standard Contractual Clauses and the EU–US Data Privacy Framework.

5. Sharing

We share personal data only with the processors named above (Google, Stripe, PostHog, and Loops) and only to run and understand the service. We do not sell or rent personal data, share it for advertising, or maintain data "partnerships". We may disclose data if the law genuinely requires it, or as part of a corporate transaction (in which case this policy continues to apply to your data).

6. Retention

We keep your account data for as long as your account exists. If you ask us to delete your account, we delete your account, settings, and subscription records. Usage telemetry is retained while needed for product analytics and reliability; a verified deletion request also covers telemetry linked to your user ID. Stripe retains billing records for as long as tax and accounting law requires. Server request logs are retained briefly for security and debugging and then discarded.

7. Your rights

Depending on where you live (including under the GDPR and the California Consumer Privacy Act), you have the right to access, correct, export, and delete your personal data, to object to or restrict certain processing, and to complain to your local supervisory authority. We honor these requests for everyone, not just where the law requires it. Because we don't sell personal data or share it for advertising, there is nothing to opt out of under the CCPA's "sale or sharing" provisions, and we never discriminate against you for exercising your rights.

To exercise any right — including full account deletion — emailkev@claracam.com from the address on your account. We respond within 30 days.

8. Security

All traffic between the apps, this site, and our services is encrypted in transit (TLS). Your account data is protected by per-user access rules — each account can read and write only its own record; subscription status can be written only by our servers. App updates are cryptographically signed and verified before installation on both platforms.

9. Children

ClaraCam is a professional tool and is not directed at children under 16. We do not knowingly collect data from children; if you believe a child has created an account, contact us and we will delete it.

10. Changes

If we change this policy, we will post the new version here and update the date at the top. If a change meaningfully affects what we collect, we will say so plainly rather than bury it.

11. Contact

Streamfog Inc. ·kev@claracam.com