Privacy Policy

What we collect

When you use klunk, the following data is created:

• The video file you upload. Stored on our server temporarily so the pipeline can read it.
• The output bundle: screenshots extracted from your video, video clips, prose walkthroughs, and a master report. Also temporary.
• Job metadata: a randomly-generated job ID, file size, original filename, timestamps, the number of bugs found, and basic status flags (queued / processing / completed / failed). Stored in a small SQLite database on the same server.
• Standard server logs: IP address, user-agent, request paths. Standard web server stuff, used only to diagnose problems.

We do not collect your name, email, account, payment info, or anything else identifying — there are no accounts on klunk right now.

How long we keep it

Your uploaded video is deleted within 6 hours of upload. The output bundle (screenshots, clips, markdown) is deleted on the same schedule. If our server is running low on disk space, both get deleted sooner.

Job metadata (the SQLite row — job ID, status, bug count, timestamps) is kept longer for service-level monitoring and to power the /jobs index page. We may purge old metadata rows periodically.

Standard web server logs are retained for up to 30 days for debugging and security purposes, then rotated out.

Who we share it with

To deliver the service we use a small set of third parties:

• Google Gemini API (Google LLC) — the video is sent to Gemini for analysis. According to Google's API terms, content sent via the paid Gemini API is not used to train Google's models.
• Cloudflare R2 (Cloudflare, Inc.) — your upload transits through Cloudflare's edge during the multipart upload, then is pulled to our server. The R2 staging object is deleted as soon as we have the file.
• Cloudflare — our DNS, CDN, and reverse proxy. Cloudflare sees the metadata of requests (IPs, paths, headers) per their privacy policy.
• Hetzner Online GmbH — our physical hosting provider. The box your video lives on (briefly) is physically in their data center.

We do not share your data with advertisers, data brokers, analytics providers, or anyone else. We don't run any tracking pixels or third-party analytics.

Cookies and tracking

We don't use tracking cookies, marketing cookies, or third-party analytics. The site doesn't need to set any cookies to function. If your browser shows a Cloudflare anti-bot cookie, that's a CDN-level thing not under our control.

Your rights

Because klunk doesn't have user accounts and deletes your data within hours, most data-protection rights (access, correction, deletion) are effectively automatic. If you want us to delete a specific job before its 6-hour expiry, or have any other privacy question, email [email protected] with the job ID and we'll handle it within 72 hours.

Security

Uploads go over HTTPS. The server is behind Cloudflare with TLS termination and a firewall. The SQLite database lives only on the server, not in any cloud DB. We do not use the data for any purpose other than producing your report.

No system is perfectly secure, and klunk is built by a small team (currently one person). If you discover a security issue, please email [email protected] — we'll respond fast and credit you if you'd like.

Children

klunk is intended for software developers and product teams. It is not designed for, or directed at, children under 16. We don't knowingly accept uploads from children.

International users

klunk's servers are currently located in Germany (Hetzner Falkenstein). By using the service from outside the EU you consent to your data being processed in the EU and (briefly, via Gemini) in Google's processing regions.

Changes to this policy

If we change this policy we'll update the date at the top. For any meaningful change to data handling, we'll also note it on the home page or About page so you actually see it.

Contact

Email [email protected]. We don't have a legal team — you're talking to a real person.