Data Handling
ScreenCraft is built with a privacy-first approach. We only store what's necessary to provide reliable service and give you full control over your data.
Overview
When you use ScreenCraft to capture screenshots or generate PDFs, data flows through our systems in a controlled manner. We've designed our infrastructure to minimize data retention while maintaining the reliability and debugging capabilities you need.
Our core principles:
- Minimal data collection: We only store what's essential for service operation
- Configurable retention: You control how long your data is kept
- No-store option: For maximum privacy, bypass storage entirely
- Transparent practices: Full visibility into what we collect and why
Data We Store
Here's a complete breakdown of what data we store and for how long:
| Data | Stored | Retention | Purpose |
|---|---|---|---|
| Target URL | Yes | 7-90 days | Debugging & usage tracking |
| URL Domain | Yes | Indefinite | Aggregated statistics |
| Auth Headers | NO | - | Never stored |
| Cookies | NO | - | Never stored |
| HTML Content | NO | - | Never stored |
| Screenshot File | Yes | 1h-30d | Download availability |
| PDF File | Yes | 1h-30d | Download availability |
What We DON'T Store
We explicitly do not store sensitive data that could compromise your security or the security of the pages you capture:
- Authentication tokens passed in headers are never logged or stored
- Session cookies you provide for authenticated captures are discarded after use
- Raw HTML content from captured pages is not persisted after rendering
- Request credentials and sensitive query parameters are stripped from logs
Retention by Plan
Data retention periods vary based on your subscription plan. Higher tiers get extended retention for files and metadata:
| Plan | File Retention | Metadata Retention |
|---|---|---|
| FREE | 1 hour | 7 days |
| PRO | 24 hours | 30 days |
| BUSINESS | 7 days | 90 days |
| ENTERPRISE | 30 days | 1 year |
Note: File retention refers to how long screenshots and PDFs remain downloadable. Metadata includes request logs, target URLs, and usage data for your dashboard.
No-Store Mode
For maximum privacy, use the noStore option. When enabled, ScreenCraft returns the
screenshot or PDF directly in the response without persisting anything to storage.
curl -X POST https://api.screencraftapi.com/v1/screenshots \
-H "Authorization: Bearer YOUR_KEY" \
-H "Content-Type: application/json" \
-d '{"url": "https://example.com", "noStore": true}'
With noStore: true:
- The screenshot/PDF is returned directly as binary data
- No file is saved to our CDN
- No download URL is generated
- Only basic request metadata is logged (for rate limiting)
- Nothing is visible in your dashboard history
Important: With no-store mode, you must handle the binary response immediately. There's no way to retrieve the file later since nothing is persisted.
Deleting Your Data
You have full control over your data and can delete it at any time.
Delete Individual Screenshots
Use the DELETE endpoint to remove a specific screenshot and its metadata:
curl -X DELETE https://api.screencraftapi.com/v1/screenshots/scr_abc123def456 \
-H "Authorization: Bearer YOUR_KEY"{
"success": true,
"message": "Screenshot deleted successfully"
}Account Deletion
When you delete your account, we permanently remove:
- All stored screenshots and PDFs
- All request history and metadata
- API keys and authentication data
- Billing information and invoices
- Usage statistics and logs
To delete your account, go to Dashboard → Settings → Delete Account.
Immediate Deletion Request
For urgent data deletion requests or GDPR/CCPA requests, contact us directly:
- Email: [email protected]
- Include your account email and the specific data you want deleted
- We process requests within 48 hours
Security Measures
We take security seriously at every layer. Here's a summary of how we protect your data:
| Layer | Protection |
|---|---|
| In Transit | TLS 1.3 encryption for all API requests |
| At Rest | AES-256 encryption for stored files |
| Access Control | API keys with scoped permissions |
| Infrastructure | SOC 2 compliant cloud providers |
| Monitoring | Real-time threat detection and alerting |
For complete details on our security practices, certifications, and compliance, see our Security page.
Questions?
If you have questions about how we handle your data:
- Email: [email protected]
- Check our Privacy Policy for legal details
- Review our Terms of Service