StepBinder Knowledge captured in real time

Privacy policy

Effective date: June 5, 2026 · Last updated: June 5, 2026

Short version

StepBinder has two parts with different privacy profiles: the App runs in your browser and keeps your documentation on your device; the marketing website is a normal site that collects limited information when you join the Preview waitlist or browse our pages.

1. Overview

StepBinder (“StepBinder,” “we,” “us,” or “our”) is operated by Stepbinder and provides browser-based software that helps teams turn screen capture into documentation such as knowledge-base articles, SOPs, and change-control packs.

This Privacy Policy is organized in three parts:

  • Part I — The StepBinder App: the browser-local documentation tool, including Private Preview builds.
  • Part II — The marketing website: our public site at stepbinder.com and related pages.
  • Part III — General provisions: rights, international transfers, and contact information that apply across both.

By using the App or the marketing website, you agree to this Privacy Policy. If you do not agree, please do not use our services.

2. Scope

2.1 Definitions

  • App — the StepBinder web application you use to capture screens, edit steps, and export documents.
  • Marketing website (or Site) — our public marketing and informational pages, including the Preview waitlist.

2.2 Data controller

For applicable privacy laws, StepBinder is the data controller for personal information collected through the marketing website and for any waitlist or contact data we receive directly. The App’s documentation workflow, by design, does not send your captures or exports to StepBinder.

2.3 Not legal or medical advice

This policy describes our privacy practices. It is not legal advice, and it does not certify StepBinder for any specific regulatory framework. Organizations that handle personal, confidential, or regulated information remain responsible for their own compliance programs, policies, and downstream handling of exported files.

The App is local-first. In normal use, documentation you create — screenshots, annotations, notes, and exports — stays on your device. We do not operate a cloud repository of your documents, and we do not require a StepBinder account for core capture, editing, or export.

3.1 What we do not collect

When you use the App in its standard workflow, StepBinder does not:

  • upload your screen captures, session data, or exported documents to StepBinder servers;
  • run analytics, error reporting, or AI analysis on your document content;
  • sync your work to a vendor-operated document workspace.

Loading the App from our hosting provider delivers static application files over HTTPS, similar to downloading software. That delivery does not include the content of what you document.

3.2 What stays on your device

The App stores information locally in your browser and on storage you choose when saving or exporting files. Depending on your settings and usage, this may include:

  • screen captures and edited steps held in browser memory during an active session;
  • autosaved sessions, recent-session thumbnails, and settings stored in the browser’s IndexedDB;
  • preferences and feature flags in localStorage (for example, offline-mode status);
  • optional profile fields you enter in the App (such as author name or company logo); and
  • files you export or save — PDF, Word, HTML, or .stepbinder session files — to locations you select on your device or network.

Autosaved App data in IndexedDB is encrypted at rest using AES-256-GCM with keys bound to your browser on that device. Exported files are not encrypted by StepBinder unless your organization applies its own storage or device encryption.

3.3 Limited network activity

Even though your documentation stays local, the App may make limited network requests, including to:

  • download or update App files from our hosting provider;
  • load bundled example templates shipped with the App; and
  • support optional offline mode after an initial load.

These requests do not transmit your captures or finished documents as part of the core workflow. You can enable offline mode so ongoing work does not require an internet connection after the App has loaded.

3.4 Preview access

Private Preview builds may require an invite password before the App loads. When you sign in, we issue a short-lived session cookie so your browser can access the Preview. That cookie identifies an authenticated Preview session; it does not contain your documentation content.

3.5 Local storage and similar technologies

The App uses browser storage — including IndexedDB and localStorage — to save sessions and settings on your device. These are not website “cookies,” but they serve a similar persistence function. You can clear them at any time through your browser’s data settings, which will remove locally stored App sessions and preferences.

3.6 Your content and sensitive information

You control what appears on your screen and what you export. Screen captures may contain personal, confidential, or regulated information depending on your environment. StepBinder provides manual redaction tools, but does not automatically detect or remove sensitive data.

You are responsible for:

  • determining whether StepBinder is appropriate for your environment and policies;
  • reviewing captures before export;
  • using redaction where required; and
  • securing devices, exports, and shared files according to your organization’s rules.

If you export or email files outside the App, those actions are outside this policy and subject to the practices of the systems you use.

3.7 Data retention (App)

App documentation and autosaved sessions remain on your device until you delete them, clear browser storage, or remove App data for that browser profile. StepBinder does not hold copies on our servers because that content is not uploaded in normal use.

3.8 Security (App)

We deliver the App over HTTPS and encrypt autosaved data at rest in IndexedDB using AES-256-GCM. Because documentation lives on your device, your organization’s endpoint security — device login, disk encryption, MDM policies, and export controls — is an essential part of protecting sensitive information. You are responsible for using redaction tools where appropriate before export and for choosing secure destinations for exported files.

The marketing website at stepbinder.com works like a conventional site. When you browse it, submit the Preview waitlist, or contact us, StepBinder and our service providers may process limited personal information as described below.

Nothing you type into the App’s documentation workflow is sent to us through the marketing website.

4.1 Preview waitlist

If you request access to the StepBinder Preview, we collect the information you submit, which typically includes:

  • work email address;
  • company name;
  • job function or role (from a fixed list you select); and
  • technical metadata such as submission time and referring page URL.

Waitlist submissions may be processed through Formspree or another form provider we configure, and may also be forwarded to an internal webhook or inbox we operate.

Waitlist form contents are not sent to Google Analytics or similar analytics tools.

4.2 Analytics

We use Google Analytics on the marketing website to understand aggregate traffic — for example, page views, approximate geography, device type, and referral source. Google may set cookies or use similar technologies as described in Google’s Privacy Policy.

We do not use analytics in the App to track document content. You can limit analytics collection through browser settings, ad/tracking blockers, or Google’s opt-out tools where available.

4.3 Security checks (CAPTCHA)

We may use a CAPTCHA provider — such as Cloudflare Turnstile, hCaptcha, or Google reCAPTCHA — on the waitlist form to reduce spam and abuse. Those providers may collect device and interaction signals needed to perform the check. Their use is governed by their respective privacy policies.

4.4 Hosting and server logs

The marketing website is served through hosting and content-delivery providers (for example, Vercel). Like most websites, they may automatically log technical data when you visit — such as IP address, browser type, requested URL, timestamp, and HTTP status. We use these logs for security, reliability, and troubleshooting of the Site.

4.5 Contact and support email

If you email us at hello@stepbinder.com or otherwise contact us through the Site, we receive the information you choose to send (such as your name, email address, and message contents) so we can respond.

4.6 How we use website information

We use information collected through the marketing website to:

  • review Preview waitlist requests and send invitations;
  • respond to questions, support requests, and feedback;
  • monitor Site performance, security, and abuse prevention;
  • improve the marketing website; and
  • send service-related messages (for example, Preview invites).

We do not sell your personal information. We do not use waitlist data for cross-context behavioral advertising.

4.7 Cookies on the marketing website

The marketing website may set cookies including:

  • analytics cookies set by Google Analytics; and
  • session cookies used when Preview access to the App is gated behind a sign-in flow.

Most browsers let you block or delete cookies. Blocking cookies may affect Site analytics or Preview sign-in but does not change the local-only design of the App’s documentation workflow.

4.8 Data retention (marketing website)

  • Waitlist and contact records are kept as long as needed to manage Preview access and communicate with you, then deleted or anonymized when no longer needed unless law requires longer retention.
  • Analytics data is retained according to our analytics configuration and Google’s settings.
  • Server logs for the marketing website are kept for a limited period for security and operations, then rotated or deleted.

5.1 Your privacy rights and choices

Depending on where you live, you may have rights to access, correct, delete, or obtain a copy of personal information we hold about you; to object to or restrict certain processing; and to withdraw consent where processing is consent-based.

To exercise these rights, email hello@stepbinder.com. We may need to verify your request. We will respond within the timeframe required by applicable law.

Note about the App: because your documentation stays on your device, StepBinder generally cannot access, export, or delete App session content on your behalf. You can remove it by clearing browser storage on your device.

5.2 United States state privacy laws

Residents of California and certain other U.S. states may have additional rights, including the right to know categories of personal information collected, to request deletion, and to opt out of “sales” or “sharing” for cross-context behavioral advertising. StepBinder does not sell personal information or share it for cross-context behavioral advertising as those terms are commonly defined.

You may designate an authorized agent where your state law allows. We will not discriminate against you for exercising privacy rights.

5.3 Legal bases (EEA, UK, and Switzerland)

Where the GDPR or similar laws apply to marketing website data, we rely on the following bases:

  • Contract — to provide Preview access or respond to requests you submit.
  • Legitimate interests — to secure our services, understand Site usage, prevent fraud, and communicate about the Preview, balanced against your rights.
  • Consent — where required for optional cookies or marketing communications; you may withdraw consent at any time.
  • Legal obligation — where we must retain or disclose information to comply with law.

5.4 EEA / UK complaints

If you are in the EEA or UK and believe we have not addressed your concern, you may lodge a complaint with your local supervisory authority.

5.5 Marketing communications

You can opt out of non-essential promotional emails by using the unsubscribe link in a message or by contacting us. We may still send transactional or service messages related to Preview access.

5.6 International transfers

StepBinder is based in the United States. If you access the marketing website from outside the U.S., your information may be processed in the U.S. and other countries where our service providers operate. Those countries may have data-protection laws that differ from yours. Where required, we use appropriate safeguards such as standard contractual clauses for transfers of personal data.

5.7 Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date above and, where appropriate, provide additional notice on the marketing website. Continued use after changes become effective means you accept the updated policy.

5.8 Contact us

Questions about this Privacy Policy or our privacy practices:

Stepbinder
StepBinder
Email: hello@stepbinder.com
Web: https://www.stepbinder.com

See also: Terms of use