Last updated: July 7, 2026
Silma ("we", "us", "our") is operated by Joonas Soininen, based in the United States. This policy describes how we collect, use, and protect your personal data when you use contentsnipe.com and related services. It applies to all users regardless of location. We are committed to complying with applicable privacy laws including the EU General Data Protection Regulation (GDPR) for users in the EU/EEA.
Account information: Email address, name, and profile image when you sign up via Google OAuth or email/password.
Content you submit: Instagram Reel and TikTok URLs you submit, video frames extracted from videos you upload for Pre-Check analysis, AI-generated analysis results, and content suggestions. Pre-Check normally extracts these frames in your browser and uploads only the frames. If your browser cannot decode a video's format (for example, HEVC/H.265 from some phones), we upload the full video so our servers can extract the frames, then delete that video immediately after processing.
Brand profile: Niche, target audience, content pillars, tone, differentiator, and any brand document (PDF or text) you upload voluntarily.
Chat messages: Conversations with our AI assistant (Silma) are stored to provide context across sessions.
Watchlist data: Competitor account handles you add to your watchlist and the associated content analysis results.
Connected Instagram account (optional): If you connect your Instagram professional account, we access, through Meta's Instagram Graph API, your profile, your list of posts, and per-post insights (reach, views, saves, shares, watch time, and total interactions). We store these insights to compute which of your content techniques perform best ("what works for you"). We never receive your Instagram password; access is granted by an Instagram authorization token that you can revoke at any time by disconnecting in the app.
Content history: Ideas you save, mark as posted, and outcome ratings you log.
Payment information: Processed securely by Stripe. We never store your card details.
Device identifier: A non-persistent device identifier generated in your browser to prevent multi-account abuse on the free tier. This identifier is not shared with third parties.
Usage data: Feature usage counts, submission timestamps, and error logs for service reliability.
We process your personal data under the following legal bases:
Where we rely on legitimate interest, you have the right to object. See Section 7 for how to exercise your rights.
We do not use your data to train AI models. Your content is sent to our AI provider solely to generate results for you.
We share data with the following categories of service providers only as necessary to operate the Service. All providers are contractually required to protect your data and process it only for the purposes we specify.
We do not sell your data to third parties.
We are based in the United States. If you are located in the EU/EEA or another jurisdiction with data transfer restrictions, your personal data will be transferred to and processed in the United States and potentially other countries. For EU/EEA users, we rely on appropriate transfer mechanisms such as the European Commission's Standard Contractual Clauses (SCCs) where required. By using the Service you acknowledge that your data may be processed in countries outside your own, including countries that may not provide the same level of data protection as your home country.
We retain your personal data for as long as your account is active or as needed to provide the Service:
If you are in the EU/EEA, you have the following rights regarding your personal data. To exercise any of these rights, contact us at support@contentsnipe.com. We will respond within 30 days.
You also have the right to lodge a complaint with the data protection authority in your country of residence. EU/EEA residents can find their national authority at edpb.europa.eu.
We use industry-standard security measures including encrypted connections (HTTPS/TLS), hashed API keys, signed access tokens, and encrypted session management. Stored data is encrypted at rest by our infrastructure providers. Access to personal data is restricted to systems and processes that require it to provide the Service.
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours as required by GDPR Article 33, and notify affected users without undue delay where required by Article 34.
We use essential cookies only — specifically an httpOnly session cookie for authentication. We do not use tracking or advertising cookies.
The Service is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.
We may update this policy from time to time. Material changes will be communicated via email. Continued use of the Service after changes constitutes acceptance.
For privacy-related inquiries or to exercise your rights: support@contentsnipe.com