Chapel Screen

Login

Privacy Policy

Last updated: 10th June 2026

This Privacy Policy describes how NordStack Ltd ("the Company", "We", "Us", "Our") collects, uses and protects Your information when You use Chapel Screen ("the Service"), a real-time collaborative presentation platform accessible at chapelscreen.com. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.

Data We Collect

Account Data

When You create an account, We collect:

  • Email address
  • First name and last name (optional)
  • Password (stored as a one-way hash, if You choose to set one)

Content Data

When You use the Service, We store the content You create, including presentations, themes, channels, and any images uploaded as part of themes. This content is synced in real time between Your devices and any collaborators You have granted access to, and is persisted in Our database.

Video Content

Videos You add to presentations are not stored on Our servers. They are uploaded directly from Your browser to bunny.net (see Third-Party Processors below), where they are encoded and stored, and from where they are streamed to viewers. We store only a reference to the video, its title (derived from the uploaded file name), its size and duration, and which presentation it belongs to. Access to a video follows the access rules of the presentation that contains it, enforced through expiring signed URLs.

Collaboration Data

When You share presentations or join teams, We process the email addresses and names of the users involved to facilitate invitations, access grants, and team membership.

Session Data

We record how You logged in (magic link or password) and when Your session was created. Sessions expire after 30 days.

Local Storage

The Service uses IndexedDB in Your browser to store presentation data locally for offline access. This data remains on Your device and syncs with Our servers when a connection is available.

Cookies

We use a single cookie (beamer_session) to manage Your login session. It is httpOnly, cryptographically signed, and expires after 30 days. We do not use advertising or tracking cookies.

Analytics

We use Plausible Analytics, a privacy-friendly analytics service that does not use cookies, does not collect personal data, and does not track You across websites. Plausible collects only aggregate usage statistics such as page views and referral sources. All data is processed within the EU.

How We Use Your Data

We use Your data to:

  • Provide, maintain, and improve the Service
  • Authenticate You and manage Your sessions
  • Sync Your content in real time across devices and with collaborators
  • Send transactional emails (login links, password change notifications, invitations)
  • Facilitate team collaboration and content sharing

Real-Time Sync and Peer-to-Peer Connections

The Service uses WebSocket connections to sync Your content through Our servers. In some cases, WebRTC peer-to-peer connections may be established directly between Your browser and those of other collaborators. Data exchanged over these connections consists of document edits and is not routed through Our servers.

Third-Party Processors

We share data with the following third-party services only as necessary to operate the Service:

  • Plausible Analytics — aggregate, anonymous usage statistics
  • Email delivery provider — to send transactional emails (login links, notifications)
  • bunny.net (BUNNYWAY d.o.o., Slovenia, EU) — video hosting, encoding, and delivery. Videos You upload are stored and processed by bunny.net. When You or a viewer plays a video, the browser connects directly to bunny.net's content delivery network, which receives technical data such as the viewer's IP address as part of serving the stream. See the bunny.net privacy policy.

We do not sell Your personal data to any third party.

Data Retention

  • Account data is retained for as long as Your account exists.
  • Session data expires after 30 days.
  • Password revocation tokens expire after 24 hours.
  • Content data (presentations, themes, channels) is retained until You delete it or Your account is closed.
  • Video files are deleted from bunny.net when the presentation containing them is deleted. Incomplete uploads are deleted automatically within 48 hours.

Data Security

We take reasonable measures to protect Your data, including signed and httpOnly session cookies, one-way password hashing, and encrypted connections (HTTPS/WSS). However, no method of transmission over the Internet is 100% secure.

Your Rights (GDPR)

If You are in the European Economic Area or the United Kingdom, You have the right to:

  • Access the personal data We hold about You
  • Correct inaccurate personal data
  • Request deletion of Your personal data
  • Export Your personal data in a portable format
  • Object to or restrict the processing of Your personal data
  • Withdraw consent at any time

To exercise any of these rights, contact us at support@chapelscreen.com. We will respond within 30 days.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify You of material changes by posting the updated policy on this page with a revised date.

Contact Us

If You have any questions about this Privacy Policy, contact us by email: support@chapelscreen.com