Skippr | AI Agents That See, Speak, and Act

Company: Skippr Ltd. ("Skippr", "we", "us", "our")

Registered office: 99 Milton Keynes Business Centre, Foxhunter Drive, Linford Wood, Milton Keynes, Buckinghamshire MK14 6GD, England

Email: privacy@skippr.ai | DPO: dpo@skippr.ai

This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use:

Our websites (e.g., skippr.ai, skippr.com) and any page that links to this Policy;
Our Mentor product (Chrome browser extension and web-based screen sharing via skippr.ai);
Our Specialist product (multimodal AI agent deployed via live video call, session link, SDK, website embed, or in-product module);
Our waitlist, community spaces, and support channels; and
Other services that reference this Policy (together, the "Services").

If you do not agree with this Policy, please do not use the Services.

Quick Summary (At-a-glance)

Two products. Mentor is our on-demand page/application analysis tool, available via Chrome extension or web-based screen sharing on skippr.ai. Specialist is our multimodal AI agent that runs live demo, onboarding, upsell, and support sessions.
Two user models. You may use the Services as a Direct User (for your own purposes) or as a Client deploying Specialist to your own customers and prospects ("End Users").
Website vs. product roles. For the website/app, Skippr is the Controller. For Mentor analyses and Specialist sessions deployed to End Users, you (or your organization) are the Controller; Skippr acts as your Processor (DPA available on request).
Mentor: captures stored for your project. When you run an analysis (via extension or screen share), Mentor captures screenshots and/or screen-shared content, saved to your project for reports and history. You control sharing and export.
Specialist: sessions may be recorded. Specialist sessions may include video, audio, screen capture, and transcript recordings. Session analytics and Derived Output are stored in your workspace.
Client obligations. If you deploy Specialist to End Users, you must inform them that the session is conducted by an AI, may be recorded, and that they can request data deletion via privacy@skippr.ai or through your own privacy process.
LLM use without direct identifiers. We may use trusted AI Processing Services. We do not include account emails or similar direct identifiers in those requests.
Cookies (website only). Non-essential cookies/analytics run only with consent where required.
No sale; limited sharing. We do not sell personal information. Website advertising tools, if used, may be considered "sharing" in some US states; we provide an opt-out and honor Global Privacy Control (GPC) where required.
Your rights & deletion. You (and End Users) can request permanent deletion by email; in-product "delete" is archive only.

Definitions
Information We Collect
How We Use Information
Legal Bases (EU/UK)
When We Share Information
Cookies and Similar Technologies (Web)
Retention
Security
International Transfers
Children
Your Privacy Rights
End User Privacy Rights
Do-Not-Track & Global Privacy Control
California Notice (CPRA/CCPA)
Mentor Privacy Disclosures
Specialist Privacy Disclosures
Client Obligations When Deploying Specialist to End Users
Updates
Governing Law
Contact
Access/Deletion Requests
Roles & Your Responsibilities (Controller/Processor)

1) Definitions

Mentor: Skippr's product for on-demand analysis of web pages and applications, available via (a) the Chrome browser extension and (b) the skippr.ai website using browser-based screen sharing.
Specialist: Skippr's multimodal AI agent that conducts live sessions (demos, onboarding, upsells, implementation, support) via video call, session link, SDK, embed, or in-product module.
Direct User: An individual or organization using Mentor or Specialist for their own internal purposes.
Client: An organization that deploys Specialist to interact with its own End Users.
End User: A third party (e.g., a Client's customer, prospect, or user) who participates in a Specialist session deployed by a Client.
Customer Content: Content you provide to the Services (prompts, uploads, chats, Knowledge Base materials, configuration).
Captured Content (Mentor): Content that Mentor captures during an analysis — whether via the Chrome extension (current-tab screenshot, DOM fragments, URL/title/metadata) or via skippr.ai screen sharing (shared screen content, visual captures of the shared application or page, and associated metadata).
Session Data: All content captured, generated, or processed during a Mentor or Specialist interactive session, including: screen recordings and periodic screenshots, voice recordings and audio, transcripts, participant inputs and responses, interaction analytics, and metadata. Session Data for Specialist sessions may additionally include video recordings of participants, qualification scores, and follow-up actions triggered.
Knowledge Base and Workspace Data: Product documentation, FAQs, scripts, pricing information, objection-handling guides, branding assets, agent configurations, and any other content uploaded by a Client or Direct User to their Specialist workspace for use in building, configuring, and operating agents.
Derived Output: Reports, analytics, session summaries, qualification scores, and recommendations produced by the Services from your inputs, Captured Content, or Session Data.
AI Processing Services: Third-party services used to power analysis, Specialist's conversational/visual capabilities, and Derived Output generation.
Voice Data: Audio input captured during Mentor or Specialist sessions. Voice Data is processed in real-time for speech-to-text and text-to-speech functionality. Voice recordings are also retained as part of Session Data (session recordings) per your workspace settings.

2) Information We Collect

a) Information you provide

Account details (name, work email, company, hashed password if you create one), workspace/project names, content you upload, support requests, and community contributions. Prompts, comments, and project chats you create to review and improve your application. Knowledge Base and workspace data you upload for Specialist (product docs, FAQs, scripts, pricing, branding assets, agent configurations, objection-handling guides, and any other content used to build and operate your agents). Specialist configuration (integration settings, follow-up rules, CRM mappings, recording preferences, disclosure text).

b) Information collected automatically (website/app)

Log data (IP address, device/browser info, pages viewed, timestamps) and cookie-based analytics/functional data as described in Section 6.

c) Mentor data (user-initiated only)

Mentor captures data only when you actively initiate a session or analysis. The data collected depends on which mode you use:

Chrome Extension Mode: When you run a full analysis of a page, the extension may capture:

Screenshot of the current tab and selected DOM fragments needed to assess UX/product issues;
Page URL, title, and technical metadata;
Your prompts/instructions and project context.

The extension does not monitor in the background, read other tabs, or collect browsing history.

Web Screen Share Mode (skippr.ai): When you initiate a Mentor session on skippr.ai and grant screen sharing permission, Mentor may capture:

Visual content from the screen, window, or tab you choose to share;
Screen recordings and periodic screenshots of the shared view during the session;
Page or application metadata visible within the shared content;
Your prompts/instructions and project context.

Mentor only sees content from the source you select via your browser's screen sharing prompt. It does not access anything outside the shared view. Screen sharing stops immediately when you end the session or revoke sharing permission.

Voice recording (both modes): When you use Mentor's voice features, your voice is recorded during the session. Voice recordings are:

Processed in real-time for speech-to-text (to understand your input) and text-to-speech (to deliver Mentor's responses);
Stored as part of your Session Data (session recording) in your project workspace.

Session recordings stored for your project: Mentor session recordings — including screen captures and voice recordings — are saved to your project workspace. They are used to generate your UX/product review (Derived Output), for session analytics, and to improve the Mentor agent's performance. You control whether to share or export session recordings outside your workspace.

d) Specialist session data

When a Specialist session takes place (whether you are a Direct User or a Client's End User), Specialist may collect and process:

Video and audio recordings of the session (including participant voice and, where screen sharing is active, visual content on screen);
Real-time screen captures of the product interface being demonstrated or navigated;
Transcripts of the conversation (generated via speech-to-text);
Participant inputs (text chat messages, selections, form responses during the session);
Session metadata (timestamps, duration, language, connection quality, participant identifiers such as name and email if provided);
Behavioral analytics generated during the session (qualification scores, engagement metrics, drop-off points, intent signals, interaction patterns);
Follow-up actions triggered (emails sent, meetings booked, CRM records created/updated).

Voice Data (Specialist): Audio input is processed in real-time for speech-to-text and text-to-speech. Voice recordings are retained as part of Session Data (session recordings) per your workspace settings.

Knowledge Base and workspace data: Specialist references Knowledge Base materials and agent configurations during sessions. All content you upload to your workspace (including Knowledge Base materials, branding assets, agent configurations, and other reference data) is stored in your workspace, used to operate your agents, and is not shared with other customers. You may edit and delete agents and workspace content through in-product controls at any time. For permanent deletion including backup erasure, email privacy@skippr.ai.

e) End User data (when Specialist is deployed by a Client)

When a Client deploys Specialist, we process End User personal data on the Client's behalf as their Processor. This may include:

End User name and email (if provided or collected during the session);
Voice and video of the End User during the session;
End User inputs, questions, and responses;
Behavioral data and qualification scores generated about the End User;
Follow-up data (emails sent to End User, meetings booked).

We process End User data solely on the Client's instructions and for the purposes of providing the Specialist service to the Client.

f) Diagnostics/monitoring

We collect limited telemetry (feature usage events, error rates, performance metrics) to monitor reliability and address bugs. This is not background browsing or session history.

3) How We Use Information

Provide and improve the Services. Create and secure accounts, deliver reports, operate projects/collaboration, conduct Specialist sessions, provide support, and improve features.
Mentor: analysis, reporting, and agent improvement. Session recordings (screen captures and voice) and Captured Content are used to generate your UX/product review and Derived Output, provide session analytics, and improve the Mentor agent's accuracy and performance. Advanced analysis uses our servers and AI Processing Services.
Specialist: sessions, analytics, client improvement, and follow-up. Session Data (including screen and voice recordings, transcripts, and analytics) is used to: power real-time conversational AI and visual understanding; generate session analytics and Derived Output; enable Clients to review session recordings, improve session quality, and follow up with participants; and improve the Specialist agent's accuracy and performance. Knowledge Base materials are retrieved during sessions to inform responses. Follow-up actions (emails, meeting bookings, CRM updates) are triggered as configured by you.
Communications. Service and security notices; with your consent where required, product updates and marketing. We do not use End User contact details for Skippr's own marketing.
Security and compliance. Detect and prevent fraud/abuse, meet legal obligations, and enforce terms.

LLM/AI clarity: For both Mentor analyses and Specialist sessions, we transmit only the content and prompts necessary for the task, plus minimal technical context (e.g., language, anonymized workspace ID). We do not include account emails or similar direct identifiers in AI requests. Our contracts restrict AI processors from using your content for model training or advertising.

4) Legal Bases (EU/UK)

We rely on:

Contract (to provide core services you request);
Legitimate interests (to secure and improve services, deliver analyses and sessions you request as controller);
Consent (marketing emails; non-essential website cookies/analytics where required);
Legal obligations (tax/accounting, responding to lawful requests).

Where we store captures or Session Data in your workspace, our legal basis is performance of a contract and/or our legitimate interests, balanced with your controls and rights.

For End User data processed on behalf of Clients, the Client determines the legal basis as Controller. Skippr processes such data as Processor on the Client's instructions.

5) When We Share Information

We do not sell personal information. We share information only with:

Service providers / sub-processors (categories): cloud hosting, storage/backup, security and monitoring, analytics (web), payment processing, customer support, product/design tooling, AI Processing Services (for Mentor analysis and Specialist sessions), and — where configured by the Client — CRM platforms, calendar services, and email delivery services.
Third-party integrations configured by you: When you (as Direct User or Client) configure Specialist to send data to CRM systems (e.g., Salesforce, HubSpot), calendar tools (e.g., Calendly), email platforms, or other services, we transmit data to those systems on your behalf and per your instructions. Those systems' own privacy policies apply.
Corporate events: In M&A/financing scenarios we will continue to protect data as described here.
Legal: Compliance with law, safety and rights protection; fraud/abuse prevention; responding to lawful requests.
At your direction: When you integrate or export to services you choose.

If our websites use advertising or remarketing tools, that may be "sharing" for cross-context behavioral advertising in certain US states. You can opt out via our "Do Not Sell or Share My Personal Information" link and via GPC signals where applicable.

We maintain a current list of sub-processor categories and can provide details upon request.

6) Cookies and Similar Technologies (Web)

Essential cookies operate the site (auth, security, load balancing).
Non-essential (analytics, A/B testing, advertising) run only with your consent where required.
You can manage or withdraw consent at any time via "Cookie Settings".

Cookies do not apply to Mentor extension storage or Specialist sessions; those are covered in their respective sections.

7) Retention

We keep personal information only as long as needed for the purposes described or as required by law.

Account/workspace data: Until you delete your account or we no longer need it to provide the Services.
Mentor: Session recordings (screen captures, voice recordings), project chats, prompts, derived analyses, and Captured Content (screenshots, DOM fragments, screen-shared content): 12 months by default (workspace-configurable) or until we process your permanent deletion request.
Specialist: Session recordings (video, audio, screen, transcripts), analytics, and Derived Output: 12 months by default (workspace-configurable) or until we process your permanent deletion request.
Knowledge Base and workspace data (agent configurations, branding assets, other uploaded content): Retained until you delete them through in-product controls or your account is terminated. You may edit and delete agents and Knowledge Base materials at any time within the product. For permanent deletion (including erasure from backups), email privacy@skippr.ai.
End User Session Data (both products): Retained per the Client's workspace settings (default 12 months) or until permanent deletion is requested by the Client or the End User (via either privacy@skippr.ai or the Client directly).
Follow-up records (emails, CRM entries): Retained per workspace settings. Note that copies transmitted to third-party systems (CRM, email platforms) are subject to those systems' retention policies.
Support tickets: Approximately 3 years after resolution.
Billing/transaction records: 7 years (legal requirement).
Website cookies/analytics: Per tool settings and your consent choices.

Archive vs. permanent deletion: In-product "Delete" currently archives items and removes them from normal views; it does not immediately erase underlying data. To request permanent deletion, follow Section 21. Once approved, we erase data from active systems within 30 days, and from encrypted backups on the next scheduled rotation (typically within 35 additional days). Where data was sent to approved processors, we instruct them to delete corresponding copies within 30 days, subject to their technical and legal limits.

8) Security

We use reasonable and appropriate safeguards, including encryption in transit/at rest (where applicable), role-based access controls with MFA for staff, secure development practices, logging/monitoring, vulnerability management, and an incident response process.

Session recordings and transcripts are encrypted at rest. Access to Session Data is restricted to authorized workspace members based on their role.

9) International Transfers

We operate from the United Kingdom with cloud infrastructure in the EEA and United States. Where required, we use recognized transfer mechanisms (e.g., adequacy decisions, standard contractual clauses with UK addendum, or other appropriate safeguards).

10) Children

The Services are not directed to children under 13 and both Mentor and Specialist are intended for professional/business use. We do not knowingly collect personal information from children. If we learn we have, we will delete it.

Clients deploying Specialist must not knowingly direct sessions at children under 13 (or the applicable age of consent in relevant jurisdictions).

11) Your Privacy Rights (Direct Users and Clients)

Depending on your location, you may have rights to access, correct, delete (including permanent deletion of captures, Session Data, and project artifacts by request), restrict or object, withdraw consent, or data portability. You may also opt out of marketing at any time.

EU/UK: You may lodge a complaint with your local supervisory authority.
US states with privacy laws: You may have rights to know, delete, correct, and to opt out of targeted advertising ("sharing"). We honor GPC signals where required.
Canada: You may access/correct your data and ask about cross-border processing and safeguards.

Contact privacy@skippr.ai to exercise your rights. We verify requests and respond within required timeframes.

12) End User Privacy Rights

If you are an End User who has participated in a Specialist or Mentor session deployed or conducted by a Client or another organization, you have the following rights. You may exercise these rights through either of two paths:

Contact Skippr directly at privacy@skippr.ai; or
Contact the Client (the organization that deployed or conducted the session) through their own privacy or data subject request process.

Skippr will honor requests received through either path.

a) Right to Know

You may request information about what personal data was collected during your session, how it was used, and with whom it was shared.

b) Right to Access

You may request a copy of the personal data collected about you during a Specialist session, including session recordings, transcripts, and analytics.

c) Right to Deletion

You may request permanent deletion of your Session Data (recordings, transcripts, analytics, and any Derived Output relating to you) by emailing privacy@skippr.ai. Include:

Your name and email (as used during the session);
The approximate date and context of the session;
The name of the company/product whose session you participated in (if known).

We will identify the relevant Client workspace, verify your identity, notify the Client, and process the deletion. Erasure from active systems is typically completed within 30 days of approval; backups are overwritten on the next scheduled rotation (typically within 35 additional days).

d) Right to Correction

You may request correction of inaccurate personal data.

e) Right to Object

Where processing is based on legitimate interests, you may object.

f) Complaint

EU/UK End Users may lodge a complaint with their local supervisory authority. US End Users have rights under applicable state privacy laws.

Important: Where a session was deployed by a Client, the Client is the data Controller for your data. Skippr processes your data as the Client's Processor. You may contact either the Client or Skippr directly — both paths are valid. Skippr will independently honor deletion requests received at privacy@skippr.ai regardless of which path you use.

13) Do-Not-Track & Global Privacy Control

We currently do not respond to legacy DNT signals (no industry standard). Where required by law, we honor GPC or other recognized universal opt-out signals for "sale"/"sharing" or targeted advertising.

14) California Notice (CPRA/CCPA)

We do not sell personal information. Where our websites use advertising/remarketing tools, that may be "sharing"; opt out via the "Do Not Sell or Share" link or through GPC signals.
You have rights to know, delete, correct, and to non-discrimination.
We do not sell/share minors' personal information (under 16).
Categories collected depend on your use: Identifiers (e.g., email), Internet/Network Activity (site analytics), Commercial Info (purchases), Inferences (product interest), User Content you choose to analyze (Mentor), and Audio/Visual Information (Mentor and Specialist session recordings, including screen captures and voice recordings). See Section 7 for retention.

15) Mentor Privacy Disclosures

a) Chrome Extension Mode

Requested permissions: activeTab (access only the tab you invoke when you run a full analysis), scripting (inject analysis helpers on demand), storage (save extension preferences locally), identity (workspace sign-in), sidePanel (in-product UI).

In-product capture notice: "Skippr will capture screenshots and DOM fragments of this page and may record your voice during the session. Captures and recordings are saved to your project for reports, analytics, and to improve the service. Content may include personal data visible on the page. You control whether to share or export captures outside your workspace. Learn more: skippr.ai/privacy."

Operation statement: The extension does not run in the background, read other tabs, or collect browsing history.

b) Web Screen Share Mode (skippr.ai)

How it works: When you initiate a Mentor session on skippr.ai, your browser prompts you to select a screen, window, or tab to share. Skippr receives only the visual content of the source you select.

Browser permission: Screen sharing requires your explicit browser-level consent via the native screen sharing prompt. You may end sharing at any time by clicking "Stop sharing" in your browser or closing the Mentor session.

Pre-session notice: "Skippr Mentor will view and capture content from the screen, window, or tab you choose to share, and may record your voice during the session. Screen captures and voice recordings are saved to your project for reports, analytics, and to improve the service. Content may include personal data visible on screen. You control whether to share or export captures outside your workspace. Learn more: skippr.ai/privacy."

What Mentor does NOT do in web mode: Mentor does not access screens, windows, or tabs you have not selected for sharing. It does not install software on your device, run in the background, or retain access after you end the session.

c) How Mentor Recordings Are Used

Session recordings (screen captures and voice recordings) from both modes are used for:

Generating your report: Producing UX/product reviews, analysis, and Derived Output;
Session analytics: Understanding interaction patterns and session quality;
Agent improvement: Improving the Mentor agent's accuracy, conversational quality, and analytical capabilities;
Project history: Enabling you to review and reference past sessions within your workspace.

d) Deletion of Mentor Session Data

You may request permanent deletion of Mentor session recordings and associated data at any time. If you are a Direct User, contact privacy@skippr.ai directly. If your session was conducted on behalf of or deployed by a Client, you may contact either privacy@skippr.ai or the Client directly.

16) Specialist Privacy Disclosures

a) What Specialist Collects During a Session

Video and audio of all participants (when recording is enabled);
Real-time screen captures of the product interface;
Full transcript of the conversation;
Participant-provided information (name, email, text inputs, responses to questions);
Behavioral analytics (engagement patterns, qualification scores, intent signals);
Follow-up actions (emails, calendar bookings, CRM updates).

b) How Sessions Are Recorded

Specialist records sessions by default. The recording includes video, audio, screen captures, and transcript. Recordings are stored in the Client's or Direct User's workspace and subject to workspace retention settings.

Clients may configure recording behavior (e.g., disable recording, adjust what is captured) in their workspace settings.

c) AI Disclosure

Specialist is an AI agent. It identifies itself as AI at the start of sessions. It is not a human.

d) Multi-Language Processing

Specialist operates in multiple languages. Session content may be processed, transcribed, and stored in any language used during the session.

e) How Recordings Are Used

Session recordings (screen, voice, video, transcript) are used for:

Generating Derived Output: Session summaries, analytics, qualification scores, and follow-up recommendations;
Client review and improvement: Clients can review recordings to improve session quality, refine Knowledge Base materials, train their teams, and follow up with session participants;
Agent improvement: Skippr uses session recordings and analytics to improve the Specialist agent's accuracy, conversational quality, and performance;
Follow-up actions: Triggering configured actions such as emails, calendar bookings, and CRM updates.

f) Client Access to Session Recordings

Clients who deploy Specialist have access to session recordings, transcripts, and analytics within their workspace. Clients may use this data to review session quality, identify areas for improvement, adjust Specialist's configuration and Knowledge Base, and conduct follow-ups with End Users — all subject to their obligations as data Controller (see Section 17).

17) Client Obligations When Deploying Specialist to End Users

If you are a Client deploying Specialist to interact with your End Users, you are the data Controller for all End User personal data processed during those sessions. You must:

a) Provide Adequate Disclosure and Obtain End User Approval

Before or at the start of each session, ensure End Users are clearly informed that:

They are interacting with an AI agent, not a human;
The session may be recorded (video, audio, screen, transcript);
Session data will be processed by Skippr (as your processor), stored, and used for analytics, follow-up communications, and improving the AI agent's performance;
They may request access to or deletion of their data by contacting privacy@skippr.ai or through your own data subject request process;
A link to the applicable privacy policy is available.

End User policy approval is required. Before an End User can participate in a session, you must ensure they have reviewed and accepted the applicable Skippr policies (Terms of Service and Privacy Policy) related to the product they are using. This applies to all deployment methods (SDK, meeting link, embed, in-product module). You may satisfy this through either:

Skippr's built-in consent mechanism: A configurable consent prompt (e.g., checkbox, banner, or interstitial) displayed to the End User before the session begins. You must ensure this is enabled and the End User affirmatively accepts before proceeding; or
Your own channel: Collect the End User's acceptance through your own onboarding flow, terms page, or other mechanism before directing them to a Specialist session. You are responsible for maintaining records of acceptance.

The obligation to verify End User approval rests with you as Controller.

b) Establish a Lawful Basis

You are responsible for determining and maintaining a lawful basis for processing End User data through Specialist, including for recording, analytics, and automated follow-ups.

c) Handle Data Subject Requests

If End Users contact you directly with data subject requests (access, correction, deletion, objection), you are responsible for fulfilling them. Skippr will provide reasonable technical assistance.

If End Users contact Skippr directly at privacy@skippr.ai, we will notify you and assist in fulfilling the request.

d) Do Not Target Minors

You must not knowingly deploy Specialist sessions directed at individuals under 13 (or the applicable age of consent).

18) Updates

We may update this Policy. The "Effective Date" will change and, for material updates, we will provide reasonable notice.

19) Governing Law

This Policy is governed by the laws of England and Wales, with exclusive jurisdiction of its courts.

20) Contact

Data Protection Officer: dpo@skippr.ai

General privacy inquiries: privacy@skippr.ai

Postal: Skippr Ltd., address above.

21) Access/Deletion Requests

For Direct Users and Clients

Submit privacy requests by emailing privacy@skippr.ai from the email on your account. Include:

Request type: access, correction, permanent deletion (erasure), portability, restriction, or objection;
Scope: account, workspace, project(s), capture ID(s), session ID(s) (if known), relevant dates/URLs;
Authority: if acting for an organization, your role (e.g., workspace admin) and authorization if required.

For End Users

Submit privacy requests by emailing privacy@skippr.ai. Include:

Your name and email (as used during the session);
Request type: access, correction, permanent deletion, objection;
Session context: approximate date, the company/product whose session you participated in (if known);
Any additional identifying information that may help us locate your data.

Verification

We may verify identity and (for workspace requests) administrative authority. For End User requests, we may need to confirm identity with the relevant Client.

What We Delete

For approved permanent deletion requests, we erase specified captures (screenshots, DOM fragments, screen-shared content), Session Data (recordings, transcripts, analytics), Derived Output, project artifacts, and related metadata from active systems and instruct sub-processors to delete corresponding data. We retain data we must keep by law (e.g., billing records, security logs) for the required period only.

Note for End Users: Deletion of Session Data from Skippr's systems does not affect copies that may have been transmitted to third-party systems (e.g., CRM, email platforms) by the Client. You should contact the Client directly to request deletion from those systems.

Timelines

We respond within legal timeframes (generally 30 days). Erasure from active systems is typically completed within 30 days of approval; backups are overwritten on the next scheduled rotation (typically within 35 additional days).

Limitations

We may decline or limit a request where identity/authority cannot be verified, where it would adversely affect others' rights, or where retention is legally required. If denied, we explain why and how to appeal if applicable.

22) Roles & Your Responsibilities (Controller/Processor)

Scenario	Controller	Skippr's Role
Website/app usage	Skippr	Controller
Mentor analyses (Direct User)	You / your organization	Processor
Specialist sessions — Direct User (own use)	Skippr (account/service data); You (Customer Content)	Controller / Processor
Specialist sessions — deployed to End Users (Client)	You / your organization	Processor
End User data in Client-deployed sessions	Client is Controller	Skippr is Processor

Your responsibilities as Controller (Mentor): You determine whether to store, share, export, or request deletion of captured screenshots/DOM and are responsible for ensuring a lawful basis for processing the content you analyze.

Your responsibilities as Controller (Specialist — Client): You determine the lawful basis for processing End User data, ensure adequate disclosures are made, handle (or cooperate with Skippr to handle) End User data subject requests, and configure session recording and data routing in compliance with applicable law.

DPA: A Data Processing Addendum is available on request: privacy@skippr.ai.

Avoid capturing secrets or sensitive data unless lawful to do so, and request deletion promptly if captured in error.

Company: Skippr Ltd. ("Skippr", "we", "us", "our")

Registered office: 99 Milton Keynes Business Centre, Foxhunter Drive, Linford Wood, Milton Keynes, Buckinghamshire MK14 6GD, England

Email: privacy@skippr.ai | DPO: dpo@skippr.ai

This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use:

Our websites (e.g., skippr.ai, skippr.com) and any page that links to this Policy;
Our Mentor product (Chrome browser extension and web-based screen sharing via skippr.ai);
Our Specialist product (multimodal AI agent deployed via live video call, session link, SDK, website embed, or in-product module);
Our waitlist, community spaces, and support channels; and
Other services that reference this Policy (together, the "Services").

If you do not agree with this Policy, please do not use the Services.

Quick Summary (At-a-glance)

Two products. Mentor is our on-demand page/application analysis tool, available via Chrome extension or web-based screen sharing on skippr.ai. Specialist is our multimodal AI agent that runs live demo, onboarding, upsell, and support sessions.
Two user models. You may use the Services as a Direct User (for your own purposes) or as a Client deploying Specialist to your own customers and prospects ("End Users").
Website vs. product roles. For the website/app, Skippr is the Controller. For Mentor analyses and Specialist sessions deployed to End Users, you (or your organization) are the Controller; Skippr acts as your Processor (DPA available on request).
Mentor: captures stored for your project. When you run an analysis (via extension or screen share), Mentor captures screenshots and/or screen-shared content, saved to your project for reports and history. You control sharing and export.
Specialist: sessions may be recorded. Specialist sessions may include video, audio, screen capture, and transcript recordings. Session analytics and Derived Output are stored in your workspace.
Client obligations. If you deploy Specialist to End Users, you must inform them that the session is conducted by an AI, may be recorded, and that they can request data deletion via privacy@skippr.ai or through your own privacy process.
LLM use without direct identifiers. We may use trusted AI Processing Services. We do not include account emails or similar direct identifiers in those requests.
Cookies (website only). Non-essential cookies/analytics run only with consent where required.
No sale; limited sharing. We do not sell personal information. Website advertising tools, if used, may be considered "sharing" in some US states; we provide an opt-out and honor Global Privacy Control (GPC) where required.
Your rights & deletion. You (and End Users) can request permanent deletion by email; in-product "delete" is archive only.

Definitions
Information We Collect
How We Use Information
Legal Bases (EU/UK)
When We Share Information
Cookies and Similar Technologies (Web)
Retention
Security
International Transfers
Children
Your Privacy Rights
End User Privacy Rights
Do-Not-Track & Global Privacy Control
California Notice (CPRA/CCPA)
Mentor Privacy Disclosures
Specialist Privacy Disclosures
Client Obligations When Deploying Specialist to End Users
Updates
Governing Law
Contact
Access/Deletion Requests
Roles & Your Responsibilities (Controller/Processor)

1) Definitions

Mentor: Skippr's product for on-demand analysis of web pages and applications, available via (a) the Chrome browser extension and (b) the skippr.ai website using browser-based screen sharing.
Specialist: Skippr's multimodal AI agent that conducts live sessions (demos, onboarding, upsells, implementation, support) via video call, session link, SDK, embed, or in-product module.
Direct User: An individual or organization using Mentor or Specialist for their own internal purposes.
Client: An organization that deploys Specialist to interact with its own End Users.
End User: A third party (e.g., a Client's customer, prospect, or user) who participates in a Specialist session deployed by a Client.
Customer Content: Content you provide to the Services (prompts, uploads, chats, Knowledge Base materials, configuration).
Captured Content (Mentor): Content that Mentor captures during an analysis — whether via the Chrome extension (current-tab screenshot, DOM fragments, URL/title/metadata) or via skippr.ai screen sharing (shared screen content, visual captures of the shared application or page, and associated metadata).
Session Data: All content captured, generated, or processed during a Mentor or Specialist interactive session, including: screen recordings and periodic screenshots, voice recordings and audio, transcripts, participant inputs and responses, interaction analytics, and metadata. Session Data for Specialist sessions may additionally include video recordings of participants, qualification scores, and follow-up actions triggered.
Knowledge Base and Workspace Data: Product documentation, FAQs, scripts, pricing information, objection-handling guides, branding assets, agent configurations, and any other content uploaded by a Client or Direct User to their Specialist workspace for use in building, configuring, and operating agents.
Derived Output: Reports, analytics, session summaries, qualification scores, and recommendations produced by the Services from your inputs, Captured Content, or Session Data.
AI Processing Services: Third-party services used to power analysis, Specialist's conversational/visual capabilities, and Derived Output generation.
Voice Data: Audio input captured during Mentor or Specialist sessions. Voice Data is processed in real-time for speech-to-text and text-to-speech functionality. Voice recordings are also retained as part of Session Data (session recordings) per your workspace settings.

2) Information We Collect

a) Information you provide

b) Information collected automatically (website/app)

Log data (IP address, device/browser info, pages viewed, timestamps) and cookie-based analytics/functional data as described in Section 6.

c) Mentor data (user-initiated only)

Mentor captures data only when you actively initiate a session or analysis. The data collected depends on which mode you use:

Chrome Extension Mode: When you run a full analysis of a page, the extension may capture:

Screenshot of the current tab and selected DOM fragments needed to assess UX/product issues;
Page URL, title, and technical metadata;
Your prompts/instructions and project context.

The extension does not monitor in the background, read other tabs, or collect browsing history.

Web Screen Share Mode (skippr.ai): When you initiate a Mentor session on skippr.ai and grant screen sharing permission, Mentor may capture:

Visual content from the screen, window, or tab you choose to share;
Screen recordings and periodic screenshots of the shared view during the session;
Page or application metadata visible within the shared content;
Your prompts/instructions and project context.

Voice recording (both modes): When you use Mentor's voice features, your voice is recorded during the session. Voice recordings are:

Processed in real-time for speech-to-text (to understand your input) and text-to-speech (to deliver Mentor's responses);
Stored as part of your Session Data (session recording) in your project workspace.

d) Specialist session data

When a Specialist session takes place (whether you are a Direct User or a Client's End User), Specialist may collect and process:

Video and audio recordings of the session (including participant voice and, where screen sharing is active, visual content on screen);
Real-time screen captures of the product interface being demonstrated or navigated;
Transcripts of the conversation (generated via speech-to-text);
Participant inputs (text chat messages, selections, form responses during the session);
Session metadata (timestamps, duration, language, connection quality, participant identifiers such as name and email if provided);
Behavioral analytics generated during the session (qualification scores, engagement metrics, drop-off points, intent signals, interaction patterns);
Follow-up actions triggered (emails sent, meetings booked, CRM records created/updated).

e) End User data (when Specialist is deployed by a Client)

When a Client deploys Specialist, we process End User personal data on the Client's behalf as their Processor. This may include:

End User name and email (if provided or collected during the session);
Voice and video of the End User during the session;
End User inputs, questions, and responses;
Behavioral data and qualification scores generated about the End User;
Follow-up data (emails sent to End User, meetings booked).

We process End User data solely on the Client's instructions and for the purposes of providing the Specialist service to the Client.

f) Diagnostics/monitoring

We collect limited telemetry (feature usage events, error rates, performance metrics) to monitor reliability and address bugs. This is not background browsing or session history.

3) How We Use Information

Provide and improve the Services. Create and secure accounts, deliver reports, operate projects/collaboration, conduct Specialist sessions, provide support, and improve features.
Mentor: analysis, reporting, and agent improvement. Session recordings (screen captures and voice) and Captured Content are used to generate your UX/product review and Derived Output, provide session analytics, and improve the Mentor agent's accuracy and performance. Advanced analysis uses our servers and AI Processing Services.
Specialist: sessions, analytics, client improvement, and follow-up. Session Data (including screen and voice recordings, transcripts, and analytics) is used to: power real-time conversational AI and visual understanding; generate session analytics and Derived Output; enable Clients to review session recordings, improve session quality, and follow up with participants; and improve the Specialist agent's accuracy and performance. Knowledge Base materials are retrieved during sessions to inform responses. Follow-up actions (emails, meeting bookings, CRM updates) are triggered as configured by you.
Communications. Service and security notices; with your consent where required, product updates and marketing. We do not use End User contact details for Skippr's own marketing.
Security and compliance. Detect and prevent fraud/abuse, meet legal obligations, and enforce terms.

4) Legal Bases (EU/UK)

We rely on:

Contract (to provide core services you request);
Legitimate interests (to secure and improve services, deliver analyses and sessions you request as controller);
Consent (marketing emails; non-essential website cookies/analytics where required);
Legal obligations (tax/accounting, responding to lawful requests).

Where we store captures or Session Data in your workspace, our legal basis is performance of a contract and/or our legitimate interests, balanced with your controls and rights.

For End User data processed on behalf of Clients, the Client determines the legal basis as Controller. Skippr processes such data as Processor on the Client's instructions.

5) When We Share Information

We do not sell personal information. We share information only with:

Service providers / sub-processors (categories): cloud hosting, storage/backup, security and monitoring, analytics (web), payment processing, customer support, product/design tooling, AI Processing Services (for Mentor analysis and Specialist sessions), and — where configured by the Client — CRM platforms, calendar services, and email delivery services.
Third-party integrations configured by you: When you (as Direct User or Client) configure Specialist to send data to CRM systems (e.g., Salesforce, HubSpot), calendar tools (e.g., Calendly), email platforms, or other services, we transmit data to those systems on your behalf and per your instructions. Those systems' own privacy policies apply.
Corporate events: In M&A/financing scenarios we will continue to protect data as described here.
Legal: Compliance with law, safety and rights protection; fraud/abuse prevention; responding to lawful requests.
At your direction: When you integrate or export to services you choose.

We maintain a current list of sub-processor categories and can provide details upon request.

6) Cookies and Similar Technologies (Web)

Essential cookies operate the site (auth, security, load balancing).
Non-essential (analytics, A/B testing, advertising) run only with your consent where required.
You can manage or withdraw consent at any time via "Cookie Settings".

Cookies do not apply to Mentor extension storage or Specialist sessions; those are covered in their respective sections.

7) Retention

We keep personal information only as long as needed for the purposes described or as required by law.

Account/workspace data: Until you delete your account or we no longer need it to provide the Services.
Mentor: Session recordings (screen captures, voice recordings), project chats, prompts, derived analyses, and Captured Content (screenshots, DOM fragments, screen-shared content): 12 months by default (workspace-configurable) or until we process your permanent deletion request.
Specialist: Session recordings (video, audio, screen, transcripts), analytics, and Derived Output: 12 months by default (workspace-configurable) or until we process your permanent deletion request.
Knowledge Base and workspace data (agent configurations, branding assets, other uploaded content): Retained until you delete them through in-product controls or your account is terminated. You may edit and delete agents and Knowledge Base materials at any time within the product. For permanent deletion (including erasure from backups), email privacy@skippr.ai.
End User Session Data (both products): Retained per the Client's workspace settings (default 12 months) or until permanent deletion is requested by the Client or the End User (via either privacy@skippr.ai or the Client directly).
Follow-up records (emails, CRM entries): Retained per workspace settings. Note that copies transmitted to third-party systems (CRM, email platforms) are subject to those systems' retention policies.
Support tickets: Approximately 3 years after resolution.
Billing/transaction records: 7 years (legal requirement).
Website cookies/analytics: Per tool settings and your consent choices.

8) Security

Session recordings and transcripts are encrypted at rest. Access to Session Data is restricted to authorized workspace members based on their role.

9) International Transfers

10) Children

Clients deploying Specialist must not knowingly direct sessions at children under 13 (or the applicable age of consent in relevant jurisdictions).

11) Your Privacy Rights (Direct Users and Clients)

EU/UK: You may lodge a complaint with your local supervisory authority.
US states with privacy laws: You may have rights to know, delete, correct, and to opt out of targeted advertising ("sharing"). We honor GPC signals where required.
Canada: You may access/correct your data and ask about cross-border processing and safeguards.

Contact privacy@skippr.ai to exercise your rights. We verify requests and respond within required timeframes.

12) End User Privacy Rights

Contact Skippr directly at privacy@skippr.ai; or
Contact the Client (the organization that deployed or conducted the session) through their own privacy or data subject request process.

Skippr will honor requests received through either path.

a) Right to Know

You may request information about what personal data was collected during your session, how it was used, and with whom it was shared.

b) Right to Access

You may request a copy of the personal data collected about you during a Specialist session, including session recordings, transcripts, and analytics.

c) Right to Deletion

You may request permanent deletion of your Session Data (recordings, transcripts, analytics, and any Derived Output relating to you) by emailing privacy@skippr.ai. Include:

Your name and email (as used during the session);
The approximate date and context of the session;
The name of the company/product whose session you participated in (if known).

d) Right to Correction

You may request correction of inaccurate personal data.

e) Right to Object

Where processing is based on legitimate interests, you may object.

f) Complaint

EU/UK End Users may lodge a complaint with their local supervisory authority. US End Users have rights under applicable state privacy laws.

13) Do-Not-Track & Global Privacy Control

14) California Notice (CPRA/CCPA)

We do not sell personal information. Where our websites use advertising/remarketing tools, that may be "sharing"; opt out via the "Do Not Sell or Share" link or through GPC signals.
You have rights to know, delete, correct, and to non-discrimination.
We do not sell/share minors' personal information (under 16).
Categories collected depend on your use: Identifiers (e.g., email), Internet/Network Activity (site analytics), Commercial Info (purchases), Inferences (product interest), User Content you choose to analyze (Mentor), and Audio/Visual Information (Mentor and Specialist session recordings, including screen captures and voice recordings). See Section 7 for retention.

15) Mentor Privacy Disclosures

a) Chrome Extension Mode

Operation statement: The extension does not run in the background, read other tabs, or collect browsing history.

b) Web Screen Share Mode (skippr.ai)

c) How Mentor Recordings Are Used

Session recordings (screen captures and voice recordings) from both modes are used for:

Generating your report: Producing UX/product reviews, analysis, and Derived Output;
Session analytics: Understanding interaction patterns and session quality;
Agent improvement: Improving the Mentor agent's accuracy, conversational quality, and analytical capabilities;
Project history: Enabling you to review and reference past sessions within your workspace.

d) Deletion of Mentor Session Data

16) Specialist Privacy Disclosures

a) What Specialist Collects During a Session

Video and audio of all participants (when recording is enabled);
Real-time screen captures of the product interface;
Full transcript of the conversation;
Participant-provided information (name, email, text inputs, responses to questions);
Behavioral analytics (engagement patterns, qualification scores, intent signals);
Follow-up actions (emails, calendar bookings, CRM updates).

b) How Sessions Are Recorded

Clients may configure recording behavior (e.g., disable recording, adjust what is captured) in their workspace settings.

c) AI Disclosure

Specialist is an AI agent. It identifies itself as AI at the start of sessions. It is not a human.

d) Multi-Language Processing

Specialist operates in multiple languages. Session content may be processed, transcribed, and stored in any language used during the session.

e) How Recordings Are Used

Session recordings (screen, voice, video, transcript) are used for:

Generating Derived Output: Session summaries, analytics, qualification scores, and follow-up recommendations;
Client review and improvement: Clients can review recordings to improve session quality, refine Knowledge Base materials, train their teams, and follow up with session participants;
Agent improvement: Skippr uses session recordings and analytics to improve the Specialist agent's accuracy, conversational quality, and performance;
Follow-up actions: Triggering configured actions such as emails, calendar bookings, and CRM updates.

f) Client Access to Session Recordings

17) Client Obligations When Deploying Specialist to End Users

If you are a Client deploying Specialist to interact with your End Users, you are the data Controller for all End User personal data processed during those sessions. You must:

a) Provide Adequate Disclosure and Obtain End User Approval

Before or at the start of each session, ensure End Users are clearly informed that:

They are interacting with an AI agent, not a human;
The session may be recorded (video, audio, screen, transcript);
Session data will be processed by Skippr (as your processor), stored, and used for analytics, follow-up communications, and improving the AI agent's performance;
They may request access to or deletion of their data by contacting privacy@skippr.ai or through your own data subject request process;
A link to the applicable privacy policy is available.

Skippr's built-in consent mechanism: A configurable consent prompt (e.g., checkbox, banner, or interstitial) displayed to the End User before the session begins. You must ensure this is enabled and the End User affirmatively accepts before proceeding; or
Your own channel: Collect the End User's acceptance through your own onboarding flow, terms page, or other mechanism before directing them to a Specialist session. You are responsible for maintaining records of acceptance.

The obligation to verify End User approval rests with you as Controller.

b) Establish a Lawful Basis

You are responsible for determining and maintaining a lawful basis for processing End User data through Specialist, including for recording, analytics, and automated follow-ups.

c) Handle Data Subject Requests

If End Users contact you directly with data subject requests (access, correction, deletion, objection), you are responsible for fulfilling them. Skippr will provide reasonable technical assistance.

If End Users contact Skippr directly at privacy@skippr.ai, we will notify you and assist in fulfilling the request.

d) Do Not Target Minors

You must not knowingly deploy Specialist sessions directed at individuals under 13 (or the applicable age of consent).

18) Updates

We may update this Policy. The "Effective Date" will change and, for material updates, we will provide reasonable notice.

19) Governing Law

This Policy is governed by the laws of England and Wales, with exclusive jurisdiction of its courts.

20) Contact

Data Protection Officer: dpo@skippr.ai

General privacy inquiries: privacy@skippr.ai

Postal: Skippr Ltd., address above.

21) Access/Deletion Requests

For Direct Users and Clients

Submit privacy requests by emailing privacy@skippr.ai from the email on your account. Include:

Request type: access, correction, permanent deletion (erasure), portability, restriction, or objection;
Scope: account, workspace, project(s), capture ID(s), session ID(s) (if known), relevant dates/URLs;
Authority: if acting for an organization, your role (e.g., workspace admin) and authorization if required.

For End Users

Submit privacy requests by emailing privacy@skippr.ai. Include:

Your name and email (as used during the session);
Request type: access, correction, permanent deletion, objection;
Session context: approximate date, the company/product whose session you participated in (if known);
Any additional identifying information that may help us locate your data.

Verification

We may verify identity and (for workspace requests) administrative authority. For End User requests, we may need to confirm identity with the relevant Client.

What We Delete

Timelines

Limitations

22) Roles & Your Responsibilities (Controller/Processor)

Scenario	Controller	Skippr's Role
Website/app usage	Skippr	Controller
Mentor analyses (Direct User)	You / your organization	Processor
Specialist sessions — Direct User (own use)	Skippr (account/service data); You (Customer Content)	Controller / Processor
Specialist sessions — deployed to End Users (Client)	You / your organization	Processor
End User data in Client-deployed sessions	Client is Controller	Skippr is Processor

DPA: A Data Processing Addendum is available on request: privacy@skippr.ai.

Avoid capturing secrets or sensitive data unless lawful to do so, and request deletion promptly if captured in error.

Privacy Policy

Quick Summary (At-a-glance)

Table of Contents

1) Definitions

2) Information We Collect

a) Information you provide

b) Information collected automatically (website/app)

c) Mentor data (user-initiated only)

d) Specialist session data

e) End User data (when Specialist is deployed by a Client)

f) Diagnostics/monitoring

3) How We Use Information

4) Legal Bases (EU/UK)

5) When We Share Information

6) Cookies and Similar Technologies (Web)

7) Retention

8) Security

9) International Transfers

10) Children

11) Your Privacy Rights (Direct Users and Clients)

12) End User Privacy Rights

a) Right to Know

b) Right to Access

c) Right to Deletion

d) Right to Correction

e) Right to Object

f) Complaint

13) Do-Not-Track & Global Privacy Control

14) California Notice (CPRA/CCPA)

15) Mentor Privacy Disclosures

a) Chrome Extension Mode

b) Web Screen Share Mode (skippr.ai)

c) How Mentor Recordings Are Used

d) Deletion of Mentor Session Data

16) Specialist Privacy Disclosures

a) What Specialist Collects During a Session

b) How Sessions Are Recorded

c) AI Disclosure

d) Multi-Language Processing

e) How Recordings Are Used

f) Client Access to Session Recordings

17) Client Obligations When Deploying Specialist to End Users

a) Provide Adequate Disclosure and Obtain End User Approval

b) Establish a Lawful Basis

c) Handle Data Subject Requests

d) Do Not Target Minors

18) Updates

19) Governing Law

20) Contact

21) Access/Deletion Requests

For Direct Users and Clients

For End Users

Verification

What We Delete

Timelines

Limitations

22) Roles & Your Responsibilities (Controller/Processor)

Privacy Policy

Quick Summary (At-a-glance)

Table of Contents

1) Definitions

2) Information We Collect

a) Information you provide

b) Information collected automatically (website/app)

c) Mentor data (user-initiated only)

d) Specialist session data

e) End User data (when Specialist is deployed by a Client)

f) Diagnostics/monitoring

3) How We Use Information

4) Legal Bases (EU/UK)

5) When We Share Information

6) Cookies and Similar Technologies (Web)

7) Retention

8) Security

9) International Transfers

10) Children

11) Your Privacy Rights (Direct Users and Clients)

12) End User Privacy Rights

a) Right to Know

b) Right to Access