Privacy Policy
Plain-language summary
We collect only what we need to run the Service. We don't sell your data, don't run ad trackers, and don't train AI on your photos. You can request a copy of your data, correct it, or delete it at any time by emailing [email protected].
This Privacy Policy describes how Brilliant Monkey, LLC, a Minnesota limited liability company ("Capsure," "we," "us," or "our"), collects, uses, discloses, and safeguards personal information in connection with the Capsure websites capsureapp.com, capsure.app, and dash.capsureapp.com, and any related applications, APIs, and services (the "Service").
1. Quick summary
- We collect the information you need to give us to create an account, pay for your event, receive media from your Guests, and support you.
- We do not sell your personal information and we do not share it for cross-context behavioral advertising or targeted advertising.
- We do not run third-party advertising pixels or analytics trackers on our sites.
- We use a small number of trusted sub-processors — listed in § 7 — to run our Service, including Stripe for payments, Cloudflare for security, and Amazon Web Services for email delivery and storage.
- You can request a copy of your data, correct it, delete it, or opt out of certain processing. See § 10.
- Contact us: [email protected].
2. Who is covered
This Policy covers:
- Hosts — people who register an account to receive media from their event Guests.
- Affiliates — people enrolled in our affiliate program.
- Guests — people who upload, view, or interact with event media without registering.
- Visitors — people who browse our marketing website.
If you are a Guest uploading to a Host's event, the Host also receives your uploaded Content and is responsible for how they use that Content. This Policy covers only Capsure's practices, not the Host's.
3. Categories of personal information we collect, sources, purposes, and retention
The table below is a consolidated notice under CCPA § 1798.100, MCDPA § 325O.05, and GDPR Arts. 13–14.
| Category | Examples | Source | Purpose | Legal basis (GDPR) | Retention |
|---|---|---|---|---|---|
| A. Identifiers | Name, email address, password hash, user ID (UUID), IP address, device identifiers, guest browser identifier | Directly from you; automatically from your device | Account creation and authentication; guest attribution; security; customer support | Performance of a contract (Art. 6(1)(b)); legitimate interests in security (Art. 6(1)(f)) | Account data: life of account + up to 90 days after deletion. Guest identifier: until you clear browser storage. Server logs: 30 days. |
| B. Customer records | Billing name, billing address (collected by Stripe, not stored by Capsure) | Directly from you via Stripe | Processing payments | Performance of contract | Not retained by Capsure (retained by Stripe per Stripe's policy) |
| C. Commercial information | Purchases, order history, affiliate commissions and payouts | Directly from you; from Stripe | Fulfilling orders; accounting; affiliate payouts | Performance of contract; legal obligation (tax) | 7 years for tax/audit records |
| D. Internet and network activity | Pages viewed, features used, error logs, crash traces, request metadata | Automatically | Security, performance monitoring, debugging | Legitimate interests | Sentry telemetry: 90 days. Access logs: 30 days |
| E. Geolocation (coarse) | Approximate location from IP address; EXIF GPS coordinates parsed from photos but not stored | Automatically / from file you upload | Security; statistics | Legitimate interests; consent for any future GPS-based feature | Not stored |
| F. Sensory information (audiovisual) | Photos and videos you upload (User Content) | Directly from you | Providing the Service (hosting, thumbnailing, delivering media) | Performance of contract | For the access window of the tier, plus up to 90 days of cold-storage retention before permanent deletion |
| G–H. Professional / Education | None collected. | ||||
| I. Inferences | Aggregated counts (photos uploaded, likes given) used to enforce plan limits | Derived | Plan-limit enforcement | Performance of contract | While account exists |
| J. Sensitive personal information | Account credentials (email + password) as a login combination only. We do not collect precise geolocation, racial/ethnic origin, health, or sexuality data. | — | Authentication only | Performance of contract | Life of account |
| K. Biometric information | None at this time. Future opt-in face-grouping feature would require separate consent. | — | Planned future feature | Consent (Art. 6(1)(a), Art. 9(2)(a)) | N/A today |
| L. Children's data | None knowingly collected from children under 13. | ||||
4. How we use personal information
In addition to the purposes in the table above, we may use personal information to:
- deliver, operate, maintain, and improve the Service;
- detect, investigate, and prevent fraud, abuse, and security incidents;
- enforce our Terms of Service and Acceptable Use Policy;
- respond to support requests, data-subject access requests, legal process, and regulator inquiries;
- send transactional messages (account verification, password reset, event notifications, payment receipts);
- send marketing emails — only if you opted in at signup or later (§ 11);
- comply with legal, accounting, and tax obligations; and
- establish, exercise, or defend legal claims.
We do not use your personal information or your Content to train generalized AI/ML models or to develop a product made available to third parties for their own use, except with your separate opt-in consent.
5. Photos, videos, and EXIF metadata
When you upload a photo or video, our upload service extracts the DateTimeOriginal timestamp from the file's EXIF metadata so that we can sort media on the event timeline. We parse but do not store other EXIF fields such as GPS coordinates, camera make/model, or serial numbers. Uploaded images are re-encoded and stripped of EXIF metadata except for orientation data required to render the image correctly. The original file as stored by Capsure therefore does not include GPS coordinates.
6. How we disclose personal information
We do not sell personal information, and we do not share personal information for cross-context behavioral advertising. We disclose personal information only:
- To service providers / processors — vendors that host, secure, or support the Service (§ 7). They process your data on our instructions under written contracts that restrict their use.
- To Hosts — if you are a Guest uploading media to a Host's event, the Host receives your Content and any optional identifying information you provide.
- To Affiliates — aggregate attribution only (e.g., "a purchase linked to your referral code occurred"), not personally identifying Guest data.
- For legal reasons — to comply with subpoenas, court orders, or other legal process or to protect Capsure's rights or property.
- In a business transfer — if Capsure is involved in a merger, acquisition, financing, or sale of assets. We will notify you before personal information becomes subject to a different privacy policy.
- With your consent — for any other purpose disclosed at the point of collection.
Do we "sell" or "share" personal information? No. We do not sell personal information for money or other valuable consideration, and we do not "share" personal information for cross-context behavioral advertising. We honor the Global Privacy Control browser signal as an opt-out signal for any visitor who sends it.
7. Sub-processors
As of the Effective Date, the following sub-processors may process personal information on our behalf. A current version is maintained at capsureapp.com/legal/sub-processors.
| Sub-processor | Purpose | Data location |
|---|---|---|
| Stripe, Inc. | Payment processing; affiliate payouts via Stripe Connect | United States |
| Cloudflare, Inc. | DNS, content delivery, DDoS protection | Global edge network |
| Amazon Web Services, Inc. (SES, S3) | Transactional and bulk email delivery; object storage | United States |
| Functional Software, Inc. (Sentry) | Error and performance telemetry (migrating to self-hosted infrastructure) | United States |
8. International data transfers
Capsure is based in the United States and stores most data in the United States. If you access the Service from outside the United States, your personal information will be transferred to and processed in the United States. Where required, we rely on the European Commission's Standard Contractual Clauses (EU 2021/914) for transfers from the EEA, the UK International Data Transfer Addendum for transfers from the United Kingdom, and equivalent safeguards with each sub-processor. You may request a copy of our transfer safeguards by emailing [email protected].
9. Security
We take reasonable administrative, technical, and physical safeguards to protect personal information, including encryption of data in transit using TLS, access controls on our production systems, password hashing through Ory Kratos, network-level protection via Cloudflare, and separation of payment data to Stripe. No system is perfectly secure. If we become aware of a personal-data breach, we will notify affected individuals and applicable regulators in accordance with law.
10. Your privacy rights
Your rights depend on where you live. We do not discriminate against you for exercising a right. To exercise any right, email [email protected] or use the Your Privacy Choices link.
10.1 All users (wherever you live)
You may always request access to your personal information, request correction, request deletion of your account and associated data, opt out of marketing email, and ask us a question about this Policy. Hosts and Affiliates can self-serve at dash.capsureapp.com/settings/privacy.
10.2 California (CCPA/CPRA)
California residents have the right to know, request access to a portable copy, request deletion, request correction, opt out of sale or sharing (not applicable — we do not sell or share), limit use of sensitive personal information (not applicable — we do not use SPI beyond permitted purposes), and non-discrimination for exercising these rights. Response time: 45 days plus one 45-day extension on notice.
10.3 Minnesota (MCDPA, Minn. Stat. ch. 325O)
Minnesota residents have the right to confirm processing, access, delete, correct, obtain a portable copy, and opt out of targeted advertising and profiling (not applicable — we do none of these). Response time: 45 days.
10.4 Other U.S. states
Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Texas (TDPSA), and other states with comprehensive privacy laws have substantially the same rights listed above. Response time is typically 45 days. Appeals: [email protected].
10.5 European Economic Area / United Kingdom (GDPR / UK GDPR)
If the GDPR or UK GDPR applies, you have the right to access, rectify, erase, or restrict processing; data portability; object to processing based on our legitimate interests; withdraw consent at any time; and lodge a complaint with a supervisory authority (e.g., the Irish DPC or UK ICO).
10.6 Canada (PIPEDA)
Canadian residents may request access, correction, or deletion of their personal information and may withdraw consent. Contact [email protected]. You may also complain to the Office of the Privacy Commissioner of Canada.
10.7 Global Privacy Control
We treat a valid Global Privacy Control signal (Sec-GPC: 1 HTTP header or navigator.globalPrivacyControl === true) as an opt-out of any sale, sharing, and targeted-advertising processing, for any jurisdiction where that signal is recognized.
11. Marketing communications
We send marketing email only if you opted in at signup or later. Every marketing email contains an unsubscribe link and honors one-click unsubscribe (RFC 8058). You can also manage your preferences at dash.capsureapp.com/settings/privacy or email [email protected]. Transactional messages are sent regardless of marketing preferences, because they are necessary to provide the Service.
12. Cookies and similar technologies
See the separate Cookie Policy for details.
13. Children
The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided information to us, contact [email protected] and we will delete it promptly.
14. Do Not Track
Some browsers transmit a "Do Not Track" signal. There is no widely adopted standard for how to respond to it. We respect the Global Privacy Control signal instead (§ 10.7).
15. Changes to this Policy
We may update this Policy. If we make a material change, we will post the updated version at capsureapp.com/legal/privacy, update the Effective Date, and, for Hosts and Affiliates, send notice to your account email at least 14 days before the change takes effect.
16. Contact
Brilliant Monkey, LLC6597 Janero Bay South, Cottage Grove, MN 55016, USA
Privacy requests: [email protected]
Legal notices: [email protected]