Captorify

Trust

Captorify security

The security boundary between local free workflows and paid cloud features, how data is protected, how access is controlled, and how to report concerns.

Contact support

How Captorify is built

Captorify runs as a browser extension paired with an optional cloud service. The extension captures and edits screenshots in your browser, and the cloud service exists only to sync and share captures for users on a paid plan.

These two paths are deliberately separate. Free capture happens entirely in the browser, and the cloud is involved only when you choose to sync or share on Pro or Team.

Local versus cloud boundary

On the free tier the extension makes no network calls to any captorify.com endpoint. There is no telemetry, no analytics, and no error reporting, and a CI test on our public source keeps every captorify.com reference confined to the paid modules, so the free capture path cannot reach our servers.

If you only use the free extension, Captorify never receives data about you, your captures, or your browsing. Cloud storage applies only after you opt into Pro or Team sync.

  • Free captures are processed locally in your browser.
  • No data leaves your device on the free tier.
  • Cloud storage applies only to paid sync and sharing.

Encryption at rest

Captures synced on a paid plan are stored in our cloud storage and encrypted at rest with AES-256. This protects stored files on disk.

This is encryption at rest where Captorify holds the keys. Staff with production access, a leaked storage key, or a lawful order could in principle decrypt cloud captures, so anyone who wants stronger guarantees can stay on the local-only free tier.

  • Cloud captures are AES-256 encrypted at rest.
  • Captorify holds the encryption keys.
  • The local-only free tier never reaches our servers.

Access control

Cloud accounts sign in by magic link, and sessions are tracked with hashed tokens rather than stored passwords. A capture in the cloud is reachable only by its account owner and by share links that the owner creates.

Each share link can carry an optional password and an optional expiry, and it can be revoked at any time, so access to a shared capture stays in the owner's control.

  • Magic-link sign-in with hashed session tokens.
  • Share links support optional passwords and expiry.
  • Any share link can be revoked at any time.

Data retention

Cloud captures are kept until you delete them or close your account. If a paid subscription lapses, captures stay available to the owner for a 30-day grace window, then become inaccessible and are queued for deletion.

Deleted and expired captures are purged from active storage within 30 days. After the purge window, deleted captures are removed from active storage and not retained.

  • Cloud captures are kept until you delete them or close the account.
  • A 30-day grace window follows an unpaid lapse.
  • Purged from active storage within 30 days of deletion or expiry.

Reporting a concern

If you find a security issue or have a question about how data is handled, contact support and we will look into it. Please include the steps to reproduce and any affected URLs so we can act quickly.

For data export, correction, or deletion requests, the privacy contact on our privacy page is the fastest route.

Related

Features
Secure sharing Controlled screenshot sharing helps teams avoid permanent attachments when sensitive context is involved.
Redaction
More
Permissions Which permissions are optional or required, and how local free behavior differs from paid cloud behavior.
Privacy Support