Privacy Policy
Last updated · March 27, 2026
Overview
One Rec is a desktop screen recording application built by Damien Schneider. This policy explains what data we collect, why, and how we handle it across the desktop app and the website (onerec.app).
The short version: Your recordings stay on your device. We collect minimal data needed to run accounts, process payments, and improve the product. We never sell your data.
Data We Collect
Your recordings are yours. Screen recordings, audio, webcam footage, and edits are stored locally on your device. We never access, view, or store your content — unless you choose to share a video using our sharing feature.
When you create an account, we collect:
- Email address — to authenticate your account
- Name — to personalize your experience
- Password (hashed) — to secure your account
- Session data — including IP address and user agent for security purposes
When you subscribe to a paid plan, Stripe (our payment processor) collects:
- Payment information — credit card details, billing address
- Subscription status — plan tier, renewal dates
We do not store your payment card details. Stripe handles all payment data under their own privacy policy.
Analytics
We use PostHog (EU-hosted) for product analytics on both the website and the desktop app. PostHog helps us understand how features are used so we can improve the product.
On the desktop app, analytics are only active in production builds and collect:
- Feature usage events (not recording content)
- Error reports for crash diagnostics
- Platform information (desktop)
On the website, we use PostHog server-side for error tracking.
PostHog is configured to:
- Create person profiles only for identified (logged-in) users
- Store data in the EU (eu.i.posthog.com)
- Use localStorage for persistence (no tracking cookies on the desktop app)
You can opt out of analytics by using a browser extension that blocks PostHog, or by contacting us. We do not use analytics data to serve ads or sell to third parties.
AI Features & Local Processing
Core processing happens on your machine:
- AI Captions — powered by OpenAI Whisper running locally. Audio is transcribed on your device and never sent to external servers.
- Video Encoding — export and compression run natively using your system's hardware.
- Cursor Tracking — cursor position data is captured and stored locally for smooth playback effects.
AI-powered features (YouTube title/description generation, thumbnail generation) send limited data to our servers for processing:
- Video transcription text
- Reference images you provide
- Custom prompts you enter
These are processed and results are returned to you. We do not retain this data beyond the generation session.
Third-Party Services
We share data with the following services, each under their own privacy policies:
- Convex — backend database hosting your account data and shared videos (convex.dev/privacy)
- Stripe — payment processing for subscriptions (stripe.com/privacy)
- PostHog — product analytics, EU-hosted (posthog.com/privacy)
- Fontshare / Google Fonts — font delivery on the website (may log IP addresses)
We do not sell, rent, or trade your personal data to any third party.
Data Retention
- Account data is retained as long as your account is active.
- Shared videos are retained until you delete them or they reach their expiration date.
- Session data is retained for the duration of the session and cleaned up after expiry.
- Analytics data is retained according to PostHog's data retention policies.
When you delete your account, your personal data (name, email, sessions) is permanently removed. Shared videos associated with your account should be deleted before account deletion.
Your Rights
Depending on your location, you may have the following rights:
- Access — request a copy of the personal data we hold about you
- Correction — update inaccurate personal data via your account page
- Deletion — delete your account and associated data from the account page
- Portability — request your data in a portable format
- Objection — object to processing of your data for analytics
- Withdraw consent — withdraw consent for non-essential data processing at any time
For EU/EEA residents (GDPR): Our legal bases for processing are: contract performance (account and service delivery), legitimate interest (analytics and product improvement), and consent (non-essential cookies).
For California residents (CCPA): We do not sell personal information. You have the right to know what data we collect, request deletion, and not be discriminated against for exercising your rights.
To exercise any of these rights, contact us through the support page.
Children's Privacy
One Rec is not directed at children under 13. We do not knowingly collect personal information from children under 13 (COPPA) or under 16 (GDPR). If you believe a child has provided us with personal data, please contact us through the support page and we will delete it.
Security
We take reasonable measures to protect your data:
- Passwords are hashed before storage
- Authentication tokens are encrypted on the desktop app
- Plan cache data is HMAC-signed to prevent tampering
- All data in transit uses HTTPS/TLS encryption
- Payment data is handled entirely by Stripe (PCI-DSS compliant)
No system is perfectly secure. If you discover a security vulnerability, please contact us through the support page.
Changes to This Policy
If we make material changes to this policy, we will update this page and the "Last updated" date. For significant changes, we may notify you via email or in-app notification.
For any questions, contact Damien Schneider through the support page.