Legal

Privacy Policy

Effective date: April 12, 2025

Scripy ("we," "us," or "our") operates scripy.io. This Privacy Policy explains what information we collect, how we use it, and your rights in relation to it. By using Scripy you agree to the practices described in this policy.

1. Information We Collect

1.1 Information you provide

  • Account information: Name and email address collected when you sign up via Clerk.
  • Script content: Screenplay text and uploaded files (.fountain, .txt, PDF) that you submit for analysis.
  • Payment information: Billing details processed directly by Stripe. We never store your full card number or CVV.
  • Support communications: Any messages you send to us by email.

1.2 Information collected automatically

  • Usage data: Pages visited, features used, analysis counts, and session duration.
  • Device and browser data: IP address, browser type, operating system, and referrer URL.
  • Cookies and local storage: Session tokens and preference data necessary for the service to function. See Section 7.

1.3 Information from third parties

  • Clerk: Authentication provider. Supplies verified email address and user ID upon sign-in.
  • Stripe: Payment processor. Supplies subscription status, plan tier, and billing interval after a successful transaction.

2. How We Use Your Information

  • Provide, operate, and improve the Scripy service.
  • Process your scripts through AI models to generate breakdowns, coverage, shot lists, and schedules.
  • Manage your account, subscription, and billing.
  • Send transactional emails (e.g., subscription confirmation, billing receipts). We do not send marketing emails without your opt-in consent.
  • Detect, investigate, and prevent fraud, abuse, or security incidents.
  • Comply with legal obligations.
  • Aggregate and anonymise usage data for product analytics and performance monitoring.

We do not use your scripts or AI-generated outputs to train our models or any third-party models.

3. How We Share Your Information

We do not sell your personal information. We share data only in the following circumstances:

  • Service providers: Clerk (auth), Stripe (payments), Convex (database and real-time backend), Vercel (hosting), and AI API providers (script analysis). Each provider is contractually bound to use data only to perform services on our behalf.
  • Public share links: When you generate a share link for a breakdown, the breakdown data is accessible to anyone with that link. You control whether share links are created. You can revoke access by deleting the analysis.
  • Legal requirements: We may disclose information if required by law, court order, or to protect the rights, property, or safety of Scripy, its users, or the public.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice on the site.

4. Data Retention

We retain your account data and scripts for as long as your account is active. If you delete your account, we will delete your personal information and script content within 30 days, except where we are required to retain it for legal or financial compliance purposes (e.g., billing records, which are retained for 7 years).

Anonymised, aggregated usage data may be retained indefinitely as it cannot identify you.

5. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request that we correct inaccurate or incomplete information.
  • Deletion: Request that we delete your personal information ("right to be forgotten").
  • Portability: Request your data in a structured, machine-readable format.
  • Objection / Restriction: Object to or request restriction of certain processing activities.
  • Withdraw consent: Where processing is based on consent, withdraw that consent at any time.

To exercise any of these rights, email us at privacy@scripy.io. We will respond within 30 days. We may need to verify your identity before processing your request.

If you are located in the European Economic Area or United Kingdom, you also have the right to lodge a complaint with your local data protection authority.

6. Security

We implement industry-standard security measures including TLS encryption for data in transit, encrypted storage for sensitive data at rest, access controls limited to authorised personnel, and regular security reviews. No method of transmission over the internet is 100% secure. We cannot guarantee absolute security but we take reasonable precautions to protect your information.

If we become aware of a data breach that affects your personal information, we will notify you and the relevant authorities as required by applicable law.

7. Cookies

We use the following types of cookies and similar technologies:

  • Essential cookies: Required for authentication (Clerk session tokens) and core service functionality. These cannot be disabled without breaking the service.
  • Analytics cookies: Used to understand how users interact with the service (page views, feature usage). Data is aggregated and anonymised where possible.
  • Google Ads cookies: We use Google Ads (gtag.js) to measure the performance of our advertising campaigns. Google may use cookies to track conversions. You can opt out via Google's ad settings at adssettings.google.com.

Most browsers allow you to control cookies through their settings. Disabling certain cookies may affect service functionality.

8. Children's Privacy

Scripy is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected such information, we will delete it promptly. If you believe a child under 13 has provided us with personal information, please contact us at privacy@scripy.io.

9. International Data Transfers

Scripy is operated from the United States. If you are accessing the service from outside the United States, your information may be transferred to and processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place for such transfers in accordance with applicable data protection laws.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the effective date. We encourage you to review this policy periodically. Your continued use of the service after changes take effect constitutes acceptance of the updated policy.

11. Contact

For privacy-related questions, requests, or concerns, contact us at: privacy@scripy.io

© 2026 Scripy. All rights reserved.

Terms of ServiceBack to Scripy