← Skipd

Privacy Policy

Last updated: April 2026

1. Who we are

The Hub HQ LTD [COMPANY NUMBER] is the data controller for personal data processed through the Skipd service, available at skipd.ai. Contact: legal@skipd.ai

2. What data we collect

We collect the following data: • Email address — authentication and transactional emails • Name and profile photo — from Google OAuth, for account personalisation • IP address — rate limiting and security (retained 30 days) • Monthly usage counters — Free/Pro quota management • YouTube URLs submitted — summary generation, not retained after processing • Free-text feedback — service improvement • Payment data — collected by Stripe; Skipd never stores card details • Video transcripts — sent to OpenAI for summary generation, not retained after processing

3. Legal basis for processing

• Authentication: performance of contract (Art. 6.1.b) • Rate limiting (IP): legitimate interests (Art. 6.1.f) • Feedback: consent (Art. 6.1.a) • Payment: performance of contract (Art. 6.1.b) • Analytics: legitimate interests (Art. 6.1.f)

4. Data retention

• Account data: until account deletion + 30 days • IP addresses: 30 rolling days • Usage counters: reset monthly, deleted on account closure • YouTube URLs: not retained after summary generation • Payment data: retained by Stripe per their legal obligations • Feedback: 2 years from submission

5. Sub-processors

We work with: Supabase (database, EU-West), OpenAI (summary generation, US), Vercel (hosting, US), Resend (email, US), Supadata (transcription, DPA under verification), Stripe (payments, US/Ireland), Google (OAuth & YouTube API, US). All transfers outside the EEA are governed by Standard Contractual Clauses (SCCs).

6. Your rights

Under the GDPR, you have the right to access, rectify, erase, port, object to, and restrict processing of your personal data. To exercise your rights: legal@skipd.ai — response within 30 days. You can delete your account from the account menu. Complaints: ICO (ico.org.uk) or CNIL (cnil.fr).

7. Cookies

Skipd uses only functional cookies (Supabase Auth session, theme preference). No advertising or tracking cookies without your consent. A cookie banner lets you manage your preferences.

8. Security

We apply encryption in transit (HTTPS/TLS), row-level security (RLS) on the database, restricted admin access, and prompt injection protection on the processing API.

9. Contact

The Hub HQ LTD [COMPANY NUMBER] Email: legal@skipd.ai Website: skipd.ai