GetHighlights

Privacy Policy

Last updated: February 12, 2026 (Version 2026-02-12)

1. Introduction

GetHighlights ("we," "us," or "our") provides an AI-powered video highlight detection platform for action sports. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our iOS app and web application (collectively, the "Service").

We are committed to protecting your privacy. Our architecture is designed to minimize data collection — video processing happens on your device, and we only transmit lightweight proxy videos for AI analysis.

2. Data We Collect

2.1 Account Information

  • Email address (used for authentication via magic links)
  • Display name (optional)
  • Avatar image (optional)
  • Selected sport preference

2.2 Project and Clip Data

  • Project metadata (title, sport, status, export settings)
  • Source video metadata (filename, duration, resolution — not the original video file)
  • AI-detected clip timestamps, categories, confidence scores, and descriptions
  • User adjustments to clips (ratings, exclusions, boundary edits)

2.3 Video Data

  • Proxy videos: Low-resolution (720p) versions of your videos, temporarily uploaded for AI analysis. These are stored in our secure cloud storage.
  • Original videos: Never leave your device. All processing happens locally.
  • Exported videos: If you export highlights, the exported file is stored temporarily in cloud storage for download.

2.4 Subscription Data

  • Subscription status and plan type (synced via RevenueCat)
  • We do not store payment card details — all payments are processed by Apple (App Store) or the respective platform

3. How We Use Your Data

  • Authentication: To verify your identity and manage your account
  • AI Video Analysis: Proxy videos are sent to Google Gemini for highlight detection (see Section 5)
  • Service Delivery: To store your projects, clips, and export settings
  • Subscription Management: To verify your subscription status and grant access to features

We do not use your data for advertising, profiling, or selling to third parties. We do not use analytics or tracking tools.

4. Legal Basis for Processing (GDPR)

We process your data under the following legal bases:

  • Consent: AI processing of your video data requires your explicit consent, which you can withdraw at any time
  • Contract: Account management and service delivery are necessary to fulfill our agreement with you
  • Legitimate Interest: Security measures and abuse prevention

5. Third-Party Data Processors

We share data with the following third-party services, each acting as a data processor:

ServiceData SharedPurpose
Supabase (AWS)Account data, projects, clips, video filesDatabase, authentication, and file storage
RevenueCatUser ID, subscription statusCross-platform subscription management
Google GeminiProxy video files (720p, temporary)AI highlight detection and subject analysis

AI Processing Disclosure: When you analyze a video, a low-resolution proxy is sent to Google Gemini via their Generative AI API. Google processes the video to detect highlight moments. The proxy video is deleted from Google's servers after processing. Your original full-resolution video never leaves your device. This processing requires your explicit consent.

6. Data Retention

  • Account data: Retained for the lifetime of your account
  • Projects and clips: Retained for the lifetime of your account
  • Proxy videos: Stored until you delete the project or your account
  • Exported videos: Stored until you delete the project or your account
  • Deleted accounts: All data is permanently deleted immediately upon account deletion
  • Audit logs: Anonymized compliance records are retained indefinitely

7. Your Rights

Under GDPR and CPRA, you have the following rights:

  • Right of Access: Download all your data in JSON format from your account settings
  • Right to Deletion: Delete your account and all associated data from your account settings
  • Right to Data Portability: Export your data in a machine-readable format (JSON)
  • Right to Withdraw Consent: Withdraw AI processing consent at any time from your account settings. This will prevent future video analysis but will not delete existing clips.
  • Right to Rectification: Update your profile information at any time
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

You can exercise these rights directly through the Privacy & Data section in your account settings, or by contacting us at privacy@gethighlights.com.

8. Data Security

We implement the following security measures:

  • Row-Level Security (RLS) on all database tables — users can only access their own data
  • All data is encrypted in transit (TLS) and at rest
  • Authentication uses secure, passwordless magic links
  • No tracking cookies, analytics scripts, or third-party advertising
  • Storage access is controlled by per-user folder isolation

9. International Data Transfers

Your data may be processed in the United States through our service providers (Supabase, Google, RevenueCat). These transfers are protected by appropriate safeguards including Standard Contractual Clauses (SCCs) as required by GDPR.

10. Children's Privacy

Our Service is not directed to children under 16. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last Updated" date and, for significant changes, through an in-app notification requiring re-acceptance.

12. Contact Us

For privacy-related inquiries or to exercise your rights, contact us at:

Email: privacy@gethighlights.com