Privacy Policy

1. Information We Collect

We collect the following types of information:

• Account information: When you create an account through our authentication provider (Clerk), Clerk manages your email address and password. Demosix stores the public handle and display name you choose, plus any profile image you upload.
• Content: Screen recordings and associated metadata (titles, descriptions, thumbnails, and transcoded video formats) that you upload to the Service.
• Usage data: Information about how you interact with the Service, including demos viewed, votes, follows, search queries, and navigation patterns.
• Device information: When using the desktop recorder, we may collect basic device information (operating system, app version) for error reporting and compatibility.
• Network information: We collect IP addresses for rate limiting and abuse prevention. IP addresses are hashed and are not stored in plain text.
• Analytics data: We collect anonymous, aggregated analytics data (page views, performance metrics) to monitor and improve the Service.

2. How We Use Your Information

We use collected information to:

• Provide, maintain, and improve the Service
• Process, transcode, and deliver your screen recordings
• Send notifications about activity relevant to you (e.g., new demos from networks you follow)
• Enforce our Terms of Service, moderate content, and protect the safety of our users
• Monitor and analyze usage trends to improve user experience
• Prevent fraud, abuse, and unauthorized access through rate limiting and security measures
• Respond to legal requests and comply with applicable law (see Section 7)

3. Third-Party Services

We use the following third-party services to operate the platform:

• Clerk for authentication and user management
• Mux for video processing, hosting, and delivery
• Stripe for workspace billing, paid Network memberships, creator payout onboarding, payment processing, invoices, and tax/legal payment records
• Vercel for web hosting and file storage
• Vercel Analytics & Speed Insights for anonymous usage analytics and performance monitoring
• Sentry for error tracking and performance monitoring
• Neon for database hosting
• Upstash for rate limiting (processes hashed IP addresses)
• Ably for real-time notification delivery
• Inngest for background job processing
• Algolia for search functionality (when enabled)

Each of these services has its own privacy policy governing its handling of your data. We encourage you to review their respective privacy policies. We share only the minimum data necessary for each service to perform its function.

4. Screen Recordings and Third-Party Data

Screen recordings uploaded to Demosix may capture personal data, proprietary information, or other sensitive content belonging to individuals other than the person who made the recording. This may include names, email addresses, messages, documents, or other information visible on screen at the time of recording.

Demosix does not review, scan, or analyze the contents of your recordings for third-party personal data. You are solely responsible for ensuring that your recordings comply with all applicable privacy laws, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and any applicable state or federal wiretapping, eavesdropping, or consent laws. You must obtain all necessary consents from individuals whose data may appear in your recordings before uploading them to the Service.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including encryption in transit (TLS/SSL), secure authentication, and access controls. Private and paid Network content is protected through signed playback tokens and membership verification. Paid Networks may expose storefront metadata, member counts, prices, and free preview demos publicly while keeping member-only playback gated. However, no method of transmission over the internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your account data for as long as your account is active. If you delete a demo, it enters a soft-delete state and is permanently removed (including deletion of the underlying video asset) after 7 days. If you delete your account, we enqueue an account purge immediately. The purge deletes your Clerk identity, Demosix profile data, owned workspaces, networks, demos, stored video assets, uploaded images, recorder sessions, and search index records. If you own a Stripe-billed workspace, the purge deletes the Stripe customer record first, which cancels active subscriptions and removes saved payment methods. If you have paid Network membership or creator payout records, Stripe and Demosix may retain the minimal billing, payout, invoice, tax, fraud-prevention, or dispute-resolution records required by law or payment-network rules.

Content from terminated or banned accounts is removed through the same account-purge workflow unless we are legally required to preserve it. Stripe and Demosix may retain invoices, payment records, dispute records, minimal billing identifiers, security logs, abuse records, and support records where necessary to comply with legal, tax, accounting, fraud-prevention, dispute-resolution, or Terms enforcement obligations. Some data may remain in database backups for up to 30 days, after which it is automatically purged.

7. Law Enforcement and Legal Requests

We may disclose your personal data to law enforcement agencies, regulatory authorities, or other third parties when we believe in good faith that disclosure is necessary to:

• Comply with a legal obligation, subpoena, court order, or other legal process
• Protect the safety, rights, or property of Demosix, our users, or the public
• Investigate, prevent, or take action regarding suspected illegal activities, fraud, or violations of our Terms of Service
• Respond to an emergency involving danger of death or serious physical injury

We will notify affected users of law enforcement requests for their data unless we are legally prohibited from doing so, or we reasonably believe that providing notice would pose a risk to safety or would be futile.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Object to or restrict processing of your data
• Request portability of your data in a machine-readable format
• Withdraw consent at any time (where processing is based on consent)

To exercise any of these rights, contact us at support@demosix.com. We will respond to your request within 30 days (or sooner if required by applicable law).

9. California Privacy Rights (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights regarding your personal information:

• Right to know: You have the right to request information about the categories and specific pieces of personal information we have collected about you.
• Right to delete: You have the right to request deletion of your personal information, subject to certain exceptions.
• Right to opt-out of sale: Demosix does not sell your personal information to third parties.
• Right to non-discrimination: We will not discriminate against you for exercising any of your CCPA rights.

To exercise your rights under the CCPA, contact us at support@demosix.com.

10. International Data Transfers

The Service is operated from and data is stored and processed in the United States. If you are accessing the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using the Service, you consent to the transfer of your information to the United States.

11. Cookies

We use essential cookies for authentication and session management through Clerk. We also use analytics cookies through Vercel Analytics to collect anonymous, aggregated usage data. We do not use third-party advertising or tracking cookies. You can manage cookie preferences through your browser settings, though disabling essential cookies may prevent you from using certain features of the Service.

12. Children's Privacy

The Service is not intended for children under 13 (or under 16 in the European Economic Area). We do not knowingly collect personal information from children under these ages. If we learn that we have collected personal information from a child under the applicable age, we will take steps to delete that information as promptly as possible. If you believe a child has provided us with personal information, please contact us at support@demosix.com.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and notify you through the Service or by other reasonable means. Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated policy.

14. Contact

Demosix is a product of Sunny Systems LLC. For privacy-related questions, to exercise your rights, or for general inquiries, contact us at support@demosix.com.