Privacy Policy

Last updated: April 2026

SharePane (sharepane.com) is an EU-hosted, real-time screen-sharing and collaboration service.

Data Controller

SharePane is the controller for account data and service metadata.

Data We Collect

• Account information: display name, email, hashed password.
• Session metadata: room IDs, participant names, timestamps, configuration, audit log.
• Recordings (only when enabled): audio and video streams captured while recording is active.
• Security data: IP address, User-Agent, rate-limit buckets, active sessions.

Legal Basis

• Performance of a contract (GDPR Art. 6(1)(b)) for account and room features.
• Legitimate interests (GDPR Art. 6(1)(f)) for security and abuse prevention.
• Consent (GDPR Art. 6(1)(a)) for optional features such as session recording.

Data Retention

Account data is kept while your account is active. Audit logs and rate-limit records are retained for a limited window and then purged. Recordings are deleted after the configured retention period. Deleted accounts are permanently removed after a 30-day grace period.

Your Rights

Under the GDPR you have the right to access, rectify, export, or delete your personal data.

• Access and export via the /api/account/export endpoint.
• Deletion via DELETE /api/account.
• Rectification from your profile page.

Sub-processors

We use a small number of EU-based sub-processors:

• OVH (France) — hosting and infrastructure.
• OVH SMTP (France) — transactional email.
• Google LLC — only if you sign in with Google.

International Transfers

All primary data processing takes place within the European Union.

Security

Passwords are hashed with a modern KDF. Traffic is protected with TLS 1.2+.

Cookies and Local Storage

We use only strictly necessary storage: an auth token, your locale, and your theme.

Contact

Questions, requests, or complaints: privacy@sharepane.com.