Privacy Policy

Thank you for choosing SnapFigma. We are committed to protecting your privacy and ensuring that your personal information is handled securely and responsibly. This Privacy Policy explains how we collect, use, and safeguard your information when you use SnapFigma.

Last updated: February 2026

1. Information We Collect

When you sign in to SnapFigma using your Figma account, we collect the following information via Figma's OAuth 2.0 API:

  • Your Figma user ID
  • Your email address
  • Your display name (Figma handle)
  • Your Figma profile image URL

This information is used solely to create and identify your SnapFigma account. We also store the screenshots you capture using the SnapFigma Chrome extension, along with the source URL and title of the page they were captured from.

2. How We Use Your Data

The data we collect is used exclusively to:

  • Create and maintain your SnapFigma account
  • Associate your saved screenshots with your account
  • Authenticate your sessions securely

We do not sell, share, or use your data for advertising or any purpose beyond operating the SnapFigma service.

3. Authentication & Session Storage

SnapFigma authenticates users via Figma OAuth 2.0 with PKCE. We never store your Figma password or OAuth access token. After sign-in, a signed JWT (JSON Web Token) — containing only your internal SnapFigma user ID — is issued and stored locally in the Figma plugin's private storage (figma.root.setPluginData). This token is scoped to the SnapFigma plugin only and cannot be accessed by other plugins or third parties. You can revoke your session at any time by signing out, which clears the stored token.

4. Data Storage & Security

Your account data (Figma ID, email, display name) and screenshots are stored in a managed PostgreSQL database hosted on our backend (api.snapfigma.com). All communication between your device and our servers is encrypted over HTTPS. We follow security best practices to protect your data against unauthorized access.

SnapFigma does not currently hold formal security certifications (such as SOC 2 or ISO27001), but our infrastructure providers maintain their own compliance certifications. We actively monitor for and respond to security vulnerability reports submitted to info@snapfigma.com.

5. Third-Party Services

SnapFigma uses the following third-party services to operate:

  • Figma — for user authentication via OAuth 2.0
  • Google Chrome — for the browser extension used to capture screenshots
  • UploadThing / managed storage — for hosting uploaded screenshot images

We recommend reviewing the privacy policies of these services for details on their own data handling practices. We do not share your data with any other third parties.

6. Data Deletion

You may request deletion of your account and all associated data at any time by contacting us at info@snapfigma.com. We will process deletion requests within 30 days.

7. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. Any updates will be posted here with the updated effective date.

8. Contact Us

If you have any questions about this Privacy Policy, please contact us at info@snapfigma.com.