Privacy at a glance

Your saved content should stay useful without becoming someone else's feed.

This plain-English summary explains the main privacy choices behind Cache App. The full Privacy Policy below controls.

You choose what enters Cache: bookmarks, notes, collections, and connected-source records you ask us to handle.

We use your data to run the product, secure accounts, sync connected sources, process billing, and provide the features you request.

AI-assisted features may send relevant saved content and metadata to providers only to generate requested output.

We do not sell personal data, use your Cache content for ads, or train generalized AI models on data you submit.

Effective April 21, 2026. Third-party services you connect to Cache govern their own privacy practices unless their data is processed inside Cache.

Privacy Policy

This Privacy Policy explains how CachdApp, Inc. ("Cache," "we," "us," or "our") collects, uses, discloses, and otherwise processes personal data when you use Cache App, our websites, our browser extension, public shared collection pages, and related services where we act as a data controller.

This Privacy Policy also describes your privacy rights and choices, including how to contact us about your data.

1. Collection of Personal Data

Personal data you provide to us directly

Account and profile information: your name, email address, profile image, linked provider identifiers, and session data used to sign you in and keep you authenticated.
Library and content data: bookmarks, URLs, titles, captions, thumbnails, notes, collection names and descriptions, timestamps, and similar content you save, import, organize, share, or export through Cache.
Feedback and communications: messages you send us, feedback you submit in the product, and related context such as the page where you submitted that feedback.
Billing and subscription data: plan selection, billing interval, subscription status, Stripe customer and subscription identifiers, and related transaction metadata. Payment card details are processed by Stripe and are not stored directly by Cache.

Personal data we receive automatically

Device, browser, and connection information: IP address, browser type, user agent, device and operating system signals, time zone, and similar technical information.
Usage and log information: pages or features used, timestamps, request metadata, error logs, performance data, and troubleshooting information generated when you use the service.
Cookies and similar technologies: data used to maintain sessions, protect accounts, remember preferences, and understand product usage, including through analytics providers we use to help operate the service.

Personal data we collect from connected accounts and imports

Connected account records:when you link a provider account, we may receive the provider's account identifier, basic profile data, OAuth tokens, token expiry times, approved scopes, and other connection metadata needed to keep the integration working.
Imported source data: when you sync or import from supported sources, we may receive source-specific information such as external item IDs, URLs, titles, captions, thumbnails, filenames, mime types, timestamps, folder or playlist relationships, channel or account metadata, device identifiers, browser profile identifiers, and other metadata returned by the source or sent by the Cache browser extension.
Public collection sharing data: if you choose to create a public share link, we store a share ID and make the collection name, description, included items, and your account display name available on a read-only page to anyone with the link.

AI-assisted feature inputs

If you use AI-assisted features in Cache, such as section descriptions or smart collection suggestions, we may send relevant library item content, URLs, thumbnails, extracted text, and source metadata to our AI service providers so they can generate the requested output on our behalf.

2. Uses of Personal Data

We use personal data for the following purposes:

To provide, maintain, secure, and improve Cache and the features available through your account.
To create and administer your account, authenticate you, and keep your sessions active.
To connect third-party accounts, import or sync saved content, and keep your library up to date across supported sources.
To let you organize, search, annotate, export, and share your saved content, including through public collection links you intentionally enable.
To process subscriptions, billing, checkout, and other payment-related workflows.
To generate AI-assisted summaries, categorization, and organizational suggestions when you use those features.
To monitor service performance, troubleshoot issues, debug errors, and protect against fraud, abuse, unauthorized access, and security incidents.
To respond to feedback, support requests, legal demands, and other communications.
To enforce our Terms of Service and comply with applicable law, regulation, legal process, or governmental request.
To analyze aggregated or de-identified usage trends so we can understand how Cache is used and improve the product.

We do not sell personal data. We do not use personal data you submit to Cache to train generalized AI or machine learning models of our own.

3. How We Disclose Personal Data

We may disclose personal data to the following categories of recipients:

Service providers and infrastructure vendors: providers that help us host, operate, authenticate, secure, analyze, support, pay for, or power the service, such as hosting, database, authentication, analytics, payment, logging, and AI vendors.
Connected services at your direction: when you choose to link an account, sync a source, open a provider flow, or otherwise ask us to exchange data with a third-party service to complete your request.
Public recipients: if you enable a public collection share link, anyone with that link may view the content made available on that page. We ask search engines not to index those pages, but we cannot guarantee that a shared link stays private once you distribute it.
Legal, safety, and enforcement recipients: where reasonably necessary to comply with law, protect rights or safety, investigate misuse, collect amounts owed, or enforce our agreements.
Business transaction counterparties: in connection with a merger, acquisition, financing, asset sale, bankruptcy, or similar corporate event, subject to appropriate confidentiality and legal protections.

We do not sell personal data or disclose it for cross-context behavioral advertising.

4. Rights and Choices

Depending on where you live, you may have rights to access, know, correct, delete, port, restrict, or object to our processing of your personal data, subject to applicable law and certain exceptions.

You can manage some information directly in the product, including deleting saved items, notes, collections, and disabling public collection share links.
Deleting an imported item from Cache removes it from Cache only. It does not remove the original item from the third-party service where it was first saved.
You can stop future imports from a connected account by revoking Cache's access in the connected service's settings or by no longer using that integration.
You can control cookies and similar technologies through your browser or device settings, though some features may not work properly if you disable them.
To exercise privacy rights that are not available in the product, contact notices@cachd.app. We may need to verify your identity before acting on your request.

5. International Data Transfers

Cache and our service providers may process personal data in the United States and other countries where we or our providers operate. Those countries may not provide the same level of data protection as your home jurisdiction.

Where required by applicable law, we use contractual or other lawful safeguards intended to help protect personal data when it is transferred across borders.

6. Data Retention and Security

We retain personal data for as long as reasonably necessary to provide the service, maintain your account, complete the workflows you request, comply with legal, tax, accounting, and security obligations, resolve disputes, and enforce our agreements.

Account, session, and linked-provider records may remain active while your account is active and while the relevant connection is needed for the service to work.
Imported library items, notes, collections, and related metadata remain in Cache until you remove them, close your account, or we no longer need to retain them for a lawful business purpose.
Limited data may be retained longer where necessary for fraud prevention, abuse prevention, legal compliance, audit trails, or security investigations.

We use administrative, technical, and organizational safeguards designed to protect personal data, including access controls, authenticated service requests, secret management, monitoring, and logging. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

7. Children's Privacy

Cache is not directed to children under 13, and we do not knowingly collect personal data from children under 13. If you believe a child has provided personal data to us, please contact notices@cachd.app so we can investigate and take appropriate action.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date at the top of this page and may provide additional notice when appropriate.

9. Contact Information

If you have questions, complaints, or requests about this Privacy Policy or our handling of personal data, contact CachdApp, Inc. at notices@cachd.app.

10. Legal Bases for Processing

If you are in a jurisdiction that requires a legal basis for processing personal data, such as the EEA, UK, or Switzerland, we generally rely on one or more of the following bases:

Contract: where processing is necessary to provide Cache, manage your account, perform imports, and deliver paid features you request.
Legitimate interests: where processing is necessary to secure, maintain, troubleshoot, improve, and defend the service, provided those interests are not overridden by your rights and interests.
Consent: where we ask for it, including for certain connected account permissions or other uses that require consent under applicable law.
Legal obligation: where processing is necessary to comply with legal requirements, lawful requests, or regulatory duties.

11. Additional Google User Data Disclosures

If you sign in with Google or connect Google Photos, the following additional disclosures apply.

Google basic profile data: we may access your Google account identifier, name, email address, and profile image through the Google sign-in scopes openid, email, and profile.
Google Photos Picker data: when you use Google Photos import, we request read-only access through the Google Photos Picker scope https://www.googleapis.com/auth/photospicker.mediaitems.readonly. This allows Cache to create picker sessions, display your selected items, and import the Google Photos items you choose.
Selected item metadata: for the items you choose to import, we may receive media item IDs, filenames, mime types, creation timestamps, thumbnail URLs, and Google-hosted base or preview URLs returned by Google for those selected items.
How we use Google user data: only to authenticate your account, maintain the linked connection, create and manage Google Photos Picker sessions, import the items you select, secure the service, and satisfy legal obligations.
What we store: linked Google account records, approved scopes, access and refresh tokens, token expiry data, and the imported Google Photos library records you ask us to save in Cache.
Our restrictions: we do not sell Google user data, we do not use Google user data for advertising, and we do not use Google user data to train generalized AI or machine learning models.
Revocation:you can revoke Cache's Google access at myaccount.google.com/permissions.

Our use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements where applicable.