What is the best AI screenwriting tool for writers' rooms in 2026?

Laper is built for writers' rooms. It combines real-time CRDT collaboration (multiple writers editing the same screenplay simultaneously, character-level conflict-free merge), full-script AI context that reads your entire screenplay (200K+ tokens) to judge character arcs and foreshadowing across every page, and a one-click AI generation suite that produces character bios, relationship graphs, casting posters, film posters, character portraits, props, scene stills and storyboards directly from your script.

How does Laper's AI screenwriting tool work?

Laper's AI reads your entire screenplay as context (200K+ tokens), not just the surrounding paragraph. From that whole-script understanding, Laper generates production assets on demand: character bios derived from how each character actually behaves across scenes, a relationship graph wired across the full script, casting and film posters, character portraits, props references, scene stills, and shot-level storyboards. Real-time CRDT collaboration lets a writers' room work together on the same screenplay without merge conflicts.

Yes, Laper has a free Junior tier — the full editor with AI credits and no credit card required. Paid plans (Senior $20/month, Master $100/month) unlock higher AI quotas, advanced features and team seats for writers' rooms.

What makes Laper different from other screenwriting tools?

Three things. (1) Real-time CRDT collaboration — multiple writers edit the same screenplay simultaneously with character-level conflict-free merge, unlike Final Draft (local file) or WriterDuet (cloud session). (2) Full-script AI context — Laper's AI reads your entire screenplay (200K+ tokens), so character arcs, foreshadowing and beat continuity are judged across every page, not just the surrounding 2-8K tokens. (3) One-click AI generation suite — character bios, relationship graphs, casting and film posters, character portraits, props, scene stills and storyboards, all derived from the script itself.

Can I use Laper for TV scripts?

Yes, Laper supports both film screenplays and TV scripts. It handles multi-episode projects, series bibles, and character arcs across seasons. Because the AI sees the full script as context, it tracks character development and recurring beats across episodes coherently.

Privacy Policy

Last Updated: May 10, 2026

At Laper, we believe privacy is a fundamental right, not a feature. This Privacy Policy explains in detail how Laper, Inc. ("Laper", "we", "us", "our") collects, uses, retains, discloses, and protects personal information when you use our screenplay collaboration platform, including our website at laper.ai, our desktop and mobile applications, our application programming interfaces, our artificial intelligence assistance features, and any other product or service we provide (collectively, the "Service").

This Policy is designed to satisfy the substantive and disclosure requirements of the European Union General Data Protection Regulation (Regulation EU 2016/679, the "GDPR"), the United Kingdom GDPR and the Data Protection Act 2018, the California Consumer Privacy Act as amended by the California Privacy Rights Act (collectively, "CCPA/CPRA"), other United States state privacy laws including those of Virginia, Colorado, Connecticut, Utah, Texas, Oregon, and Montana, the Canadian Personal Information Protection and Electronic Documents Act, the Personal Information Protection Law of the People's Republic of China (the "PIPL"), the Cybersecurity Law and Data Security Law of the People's Republic of China, and Brazil's Lei Geral de Proteção de Dados.

Where the requirements of two or more jurisdictions apply to the same processing activity, we apply the standard most protective of the data subject.

1. Information We Collect

We collect information in three categories: (a) information you provide directly to us, (b) information we collect automatically when you use the Service, and (c) information we receive from third parties.

1.1 Information You Provide

When you create an account, use features, or interact with our support channels, we collect:

Account Information. Name, email address, password (stored in salted hashed form), profile photograph, display name, language preference, time zone.
Project Content. Screenplays, characters, scenes, locations, beats, treatments, dialogue, storyboards, comments, version history, attachments you upload, and the metadata associated with each (timestamps, authorship attributions, edit logs).
Collaboration Data. Names and email addresses of collaborators you invite, role assignments, comment histories, and access logs.
Communication Data. Messages, attachments, screenshots, and feedback you submit through our support channels, community forums, or feedback widgets.
Payment Information. Billing name and address, payment method details (handled directly by our payment processors and not stored on Laper systems beyond a tokenized reference), transaction history, and tax identification numbers where required.
Verification Information. Documents and metadata submitted in connection with account verification, age verification, or enterprise procurement processes.

1.2 Information We Collect Automatically

When you interact with the Service, we collect certain information through standard internet-based technologies:

Usage Data. Features accessed, time spent within views, sequence of actions, content created or edited (in metadata form, not in content form for analytics purposes), interaction patterns, error encounters, and search queries within the application.
Device Information. Internet Protocol address, browser type and version, operating system, device model and identifier, screen resolution, language preferences, and time zone.
Network and Performance Data. Latency, packet loss, request and response sizes, and identifiers needed for routing real-time collaboration messages.
Cookies and Similar Technologies. First-party and third-party cookies, web beacons, pixel tags, and local storage entries as described in Section 8 below.

1.3 Information from Third Parties

We may receive information about you from third parties in limited and lawful circumstances:

Authentication Providers. If you sign in using a third-party authentication service (such as Google, Apple, or GitHub OAuth), we receive a unique identifier, email address, and limited profile information you authorize.
Payment Processors. Stripe, Inc. and other payment providers transmit transaction status, fraud screening results, and tokenized payment instruments.
Service Providers. Hosting, analytics, communication, and security service providers may transmit information about how you interact with our infrastructure.
Public Sources and Compliance Databases. We may consult sanctions lists, public business registers, and similar lawful sources to perform compliance screening required by export-control and anti-money-laundering law.

2. Categories of Personal Information Under CCPA/CPRA

For California residents, the following table classifies the categories of personal information we have collected over the preceding twelve months pursuant to California Civil Code Section 1798.140:

Identifiers. Name, email, account identifier, internet protocol address.
Customer Records Categories (Cal. Civ. Code § 1798.80(e)). Name, address, telephone number, billing information.
Commercial Information. Subscription history, products and services purchased.
Internet or Electronic Network Activity. Browsing history within the Service, interaction logs.
Geolocation Data. Coarse geolocation derived from internet protocol address; we do not collect precise geolocation.
Audio, Electronic, Visual Information. Profile photographs you upload; any images, audio, or video included in project attachments.
Professional or Employment-Related Information. Job title and organization for users who supply it during enterprise onboarding.
Inferences. Derived signals such as activity level used to personalize the Service to the individual user.

Sensitive Personal Information. We do not knowingly collect sensitive personal information as defined in California Civil Code Section 1798.140(ae). If you choose to include such information in screenplay content, it is processed only for the operational purpose of providing the Service and is not used to infer characteristics about you.

Sale or Sharing. Laper does not sell personal information for monetary consideration. Laper does not "share" personal information for cross-context behavioral advertising. We respect the Global Privacy Control browser signal.

3. Legal Bases for Processing Under the GDPR and UK GDPR

For users in the European Union, European Economic Area, and United Kingdom, we process personal information on the following legal bases enumerated in Article 6(1) of the GDPR and UK GDPR:

Contract Performance (Article 6(1)(b)). Processing necessary to provide the Service you have requested, including account management, real-time collaboration, billing, and customer support.
Legitimate Interests (Article 6(1)(f)). Processing for our legitimate interests in operating, securing, and improving the Service, preventing fraud and abuse, and developing new features. We have conducted balancing assessments and concluded these interests are not overridden by your rights and freedoms.
Legal Obligation (Article 6(1)(c)). Processing required to comply with tax, accounting, sanctions, and other regulatory obligations applicable to us.
Consent (Article 6(1)(a)). Processing for which we have requested and received your specific, informed, and freely given consent, such as for non-essential cookies, marketing communications, and certain optional features.

For the processing of special categories of personal data (Article 9 of the GDPR), we rely on your explicit consent or such other lawful condition as applies, and only where strictly necessary.

You have the right to withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.

4. How We Use Your Information

We use personal information for the following purposes:

4.1 Service Delivery and Core Operations

Providing Features. Hosting, transmitting, and rendering your projects; enabling real-time collaborative editing across devices and authorized collaborators; processing artificial intelligence assistance requests; managing assets and version history.
Account Management. Creating, authenticating, securing, and maintaining your account; processing subscription changes; handling password resets and identity recovery.
Customer Communication. Sending service announcements, security alerts, billing notices, and replies to your support inquiries through email or in-application messages.

4.2 Quality, Performance, and Reliability

Diagnostics. Identifying and resolving bugs, performance regressions, and reliability incidents.
Capacity Planning. Monitoring infrastructure utilization and planning capacity to maintain service-level commitments.
Feature Improvement. Analyzing usage patterns in aggregate to inform product decisions; conducting on-platform research and surveys where you opt in.

4.3 Trust, Safety, and Compliance

Fraud and Abuse Prevention. Detecting and preventing unauthorized account access, payment fraud, sanctions list matches, and abusive use of artificial intelligence generation features.
Legal Compliance. Meeting our obligations under tax, accounting, anti-money-laundering, export control, copyright (including responding to lawful Digital Millennium Copyright Act notices), and content regulation regimes.
Enforcement. Investigating and addressing violations of our Terms of Service, Acceptable Use Policy, and Community Guidelines.
Protection of Rights. Asserting, exercising, or defending legal claims, and protecting the safety of users and the public.

4.4 Marketing and Communications

Transactional Communications. Billing receipts, security notices, and service updates, which you cannot opt out of for so long as you maintain an account.
Promotional Communications. Newsletters, product announcements, and educational content, sent only with your opt-in consent and from which you can unsubscribe at any time.

We do not engage in solely automated decision-making producing legal or similarly significant effects on individuals.

5. How We Protect Your Information

5.1 Technical Safeguards

Encryption in Transit. All data transmitted between your device and our infrastructure is encrypted using Transport Layer Security version 1.3 with modern cipher suites.
Encryption at Rest. Production data stores apply AES-256 encryption to data at rest.
Access Controls. Production access requires multi-factor authentication; privileged access is auditable, time-bound, and limited on the principle of least privilege.
Network Security. Web application firewall, distributed denial-of-service mitigation, intrusion detection, and continuous vulnerability scanning.
Secret Management. Credentials and keys are stored in hardware-backed key management services and rotated on regular schedules.

5.2 Organizational Safeguards

Personnel Training. All Laper employees and contractors with access to personal information complete privacy and security training upon onboarding and annually thereafter.
Vendor Diligence. Third-party processors are subject to written data processing agreements meeting the requirements of Article 28 of the GDPR and analogous laws.
Incident Response. We maintain a documented incident response plan with tested runbooks; security incidents are tracked in a centralized incident management system.

5.3 Data Storage and Retention

Primary Infrastructure. Our primary production servers are operated by major cloud providers in geographies appropriate to the user populations served. Backups are stored with geographic redundancy.
Retention Period. We retain personal information for so long as your account is active and for thirty (30) days after account closure to permit recovery, after which production data is purged. Backup copies are purged in the regular backup-cycle rotation, with maximum retention of ninety (90) days.
Legal Hold. Where required by law, regulation, or in connection with active litigation or dispute, we may retain certain information for longer periods.

5.4 Breach Notification

If we become aware of a personal data breach likely to result in a risk to the rights and freedoms of data subjects, we will notify the competent supervisory authority within seventy-two (72) hours as required by Article 33 of the GDPR and, where the breach is likely to result in a high risk, we will notify affected individuals without undue delay as required by Article 34. Analogous notification timelines apply under the laws of California, the United Kingdom, the People's Republic of China, and other jurisdictions.

6. Information Sharing and Disclosure

We do not sell your personal information. We share information only in the following limited circumstances:

6.1 With Your Consent or Direction

Collaboration Features. When you invite collaborators to a project, the information necessary to support the collaboration is shared with those individuals on your direction.
Public Sharing. When you publish a project to our community sharing space or share via a public link, information you designate as public becomes accessible to other Service users and, where applicable, to indexers.
Third-Party Integrations. When you connect optional external services (for example, cloud storage providers), information is exchanged with those services pursuant to the integration you have authorized.

6.2 Service Providers and Processors

We engage trusted third parties to perform services on our behalf. These processors are contractually bound to use personal information only as needed to perform the services and to apply protections at least as strict as ours:

Payment Processing. Stripe, Inc. and other payment providers process subscription payments and apply independent fraud-prevention measures.
Hosting and Infrastructure. Cloud computing providers host our application servers, databases, and storage.
Email Delivery. Transactional and marketing email delivery providers route communications to your registered address.
Customer Support. Help-desk and ticketing platforms enable us to track and resolve your inquiries.
Analytics. Privacy-preserving analytics providers process aggregated usage data; we do not provide directly identifying information for analytics purposes.
Security Tooling. Vulnerability scanners, web application firewall providers, and security incident detection services process selected metadata.

6.3 Legal and Regulatory Disclosures

We may disclose personal information when we believe in good faith that disclosure is necessary to:

Comply with a legal obligation, court order, subpoena, or other valid governmental request
Enforce our Terms of Service, including investigation of potential violations
Detect, prevent, or address fraud, security, or technical issues
Protect the rights, property, or safety of Laper, our users, or the public

We commit to scrutinize the legal validity and proportionality of any government request and to limit any disclosure to that which is strictly required. Where permitted by law, we will notify affected users of compelled disclosures.

6.4 Business Transfers

If Laper undergoes a merger, acquisition, asset sale, reorganization, or similar transaction, personal information may be transferred to the successor entity. We will notify users of any change in ownership or use of personal information through this Policy and prominent notice in the Service.

7. Cross-Border Data Transfers

Laper operates globally. To provide the Service, we may transfer personal information across borders, including to countries that have not been recognized as providing an adequate level of data protection by your home jurisdiction. We rely on the following lawful mechanisms:

7.1 European Union and European Economic Area Transfers

For transfers from the European Union or European Economic Area to third countries:

Adequacy Decisions where the European Commission has determined the destination country provides adequate protection.
Standard Contractual Clauses (Commission Implementing Decision EU 2021/914) supplemented by transfer impact assessments and additional measures responsive to the Schrems II judgment.
Binding Corporate Rules where applicable.
Derogations under Article 49 of the GDPR for occasional and limited transfers where strictly necessary.

7.2 United Kingdom Transfers

For transfers from the United Kingdom, we rely on the UK Information Commissioner's Office International Data Transfer Agreement, the UK Addendum to the Standard Contractual Clauses, or applicable adequacy regulations.

7.3 Transfers from the People's Republic of China

For transfers from the People's Republic of China to overseas recipients, we rely on the lawful mechanisms in Articles 38–40 of the Personal Information Protection Law, which may include:

Security assessment by the Cyberspace Administration of China where thresholds for important data or large-volume processing are met
Personal information protection certification by a specialized institution
Standard contract for cross-border transfer filed with the Cyberspace Administration of China
Other lawful conditions established by laws or administrative regulations

We obtain separate consent for cross-border transfers as required by Article 39 of the Personal Information Protection Law.

8. Cookies and Similar Technologies

8.1 Categories of Cookies

We use cookies and analogous local storage technologies for the following purposes:

Strictly Necessary Cookies. Required for the Service to function (authentication tokens, security tokens, load-balancing markers). These cannot be disabled without breaking essential functionality.
Preference Cookies. Remember settings such as language, theme, and interface preferences.
Analytics Cookies. Help us understand aggregate usage to improve the Service. Set only with your consent in jurisdictions where consent is required.
Functional Cookies. Support enhanced features such as remembered drafts and recent project lists.

We do not use cookies for third-party behavioral advertising and do not participate in advertising networks.

8.2 Managing Cookies

You can manage cookie preferences through:

In-Application Cookie Banner. Available on first visit in jurisdictions where consent is required (European Union, European Economic Area, United Kingdom, certain United States states with cookie-implicating laws, and the People's Republic of China). Adjust preferences at any time through laper.ai/legal/cookie-preferences.
Browser Controls. Most browsers allow you to block or delete cookies through their privacy settings. Note that disabling strictly necessary cookies will prevent the Service from functioning.
Global Privacy Control. We honor the Global Privacy Control browser signal as a valid opt-out request under the California Privacy Rights Act.

9. Children's Privacy

The Service is not directed to children below the applicable minimum age threshold, which is:

Thirteen (13) years in the United States (consistent with the Children's Online Privacy Protection Act) and most jurisdictions
Sixteen (16) years in the European Union and European Economic Area, except in Member States that have legislated a lower threshold pursuant to Article 8 of the GDPR
Fourteen (14) years in the People's Republic of China for autonomous use; users between eight and fourteen require verifiable guardian consent

We do not knowingly collect personal information from children below the applicable threshold. If you believe we have collected personal information from a child without lawful consent, please contact [email protected] immediately, and we will delete such information promptly.

10. Artificial Intelligence and Machine Learning

10.1 How We Use Artificial Intelligence

The Service incorporates artificial intelligence assistance for purposes such as:

Content Suggestions. Generating suggested dialogue, scene descriptions, character beats, and structural analysis in response to your prompts and project context
Pattern Recognition. Identifying screenplay structural patterns to provide writing assistance
Asset Generation. Producing storyboard images, character portraits, scene stills, and other visual assets in response to your specifications

10.2 What We Do Not Do

No Training on Your Content. We do not use your projects, screenplays, prompts, or other private content to train, fine-tune, or otherwise develop public-facing generative artificial intelligence models. Where transient processing by third-party model providers is required to fulfill your request, we contractually prohibit such providers from using your data for model training.
No Selling Your Content. We do not license, sell, or share your project content with third parties for their independent use.
No Hidden Inferences. We do not derive sensitive attributes such as race, ethnicity, religion, health status, or sexual orientation from your project content.

10.3 Your Control

Opt-Out. You may disable artificial intelligence features in your account settings; the Service remains usable for all non-AI workflows.
Output Labeling. Artificial intelligence generated suggestions are clearly designated within the user interface so you can distinguish them from your own work.
Right to Explanation. Where required by Article 22 of the GDPR or Article 24 of the Personal Information Protection Law, you may request information about the logic involved in any automated decision and may contest the outcome.

11. Your Privacy Rights

The rights available to you depend on your jurisdiction. The Service supports the exercise of all rights described below at no cost to you, on the same terms as we provide the Service to other users.

11.1 Rights for European Union, European Economic Area, and United Kingdom Residents

Pursuant to Articles 15 through 22 of the GDPR and the UK GDPR:

Right of Access (Article 15). Obtain confirmation of whether we process your personal information and, if so, a copy of that information along with metadata.
Right to Rectification (Article 16). Have inaccurate personal information corrected and incomplete information completed.
Right to Erasure (Article 17). Have your personal information deleted where the legal grounds for processing no longer apply.
Right to Restriction of Processing (Article 18). Limit how we process your personal information in specified circumstances.
Right to Data Portability (Article 20). Receive your personal information in a structured, commonly used, and machine-readable format and transmit it to another controller where technically feasible.
Right to Object (Article 21). Object to processing based on legitimate interests or for direct marketing.
Rights Related to Automated Decision-Making (Article 22). Avoid being subject to solely automated decisions that produce legal or similarly significant effects.
Right to Lodge a Complaint. File a complaint with the supervisory authority of your habitual residence, place of work, or place of alleged infringement.

11.2 Rights for California Residents (CCPA / CPRA)

Pursuant to the California Consumer Privacy Act as amended by the California Privacy Rights Act:

Right to Know. Receive disclosure of the categories and specific pieces of personal information collected, sources, business or commercial purposes, and recipients.
Right to Delete. Request deletion of personal information collected from you, subject to enumerated exceptions.
Right to Correct. Request correction of inaccurate personal information.
Right to Opt-Out of Sale or Sharing. We do not sell or share for cross-context behavioral advertising; however, this right is honored where applicable.
Right to Limit Use of Sensitive Personal Information. Direct us to limit use to purposes necessary to provide goods and services.
Right to Non-Discrimination. Receive the same Service and pricing whether or not you exercise your rights.
Right to Designate an Authorized Agent. Authorize another person to make requests on your behalf in compliance with verification requirements.

11.3 Rights for Other United States States

Residents of Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and other states with comprehensive privacy laws have analogous rights of access, correction, deletion, portability, and opt-out, exercisable on the same terms as set forth herein.

11.4 Rights for Residents of the People's Republic of China

Pursuant to Articles 44 through 50 of the Personal Information Protection Law:

Right to Know and Decide. Be informed about the processing of your personal information and decide on its handling.
Right of Access and Copy. Access and obtain a copy of your personal information.
Right to Transfer. Have your personal information transferred to another personal information handler upon request, where technically feasible.
Right to Correct or Supplement. Have inaccurate or incomplete information corrected or completed.
Right to Delete. Have your personal information deleted in the circumstances enumerated in Article 47.
Right to Withdraw Consent. Withdraw consent where processing is based on consent, without affecting prior lawful processing.
Right to Explanation of Rules. Receive an explanation of our processing rules.
Right to Request Cessation of Use. Request that we cease processing or restrict scope where you believe processing is unlawful.

11.5 How to Exercise Your Rights

To exercise any of the above rights:

Email. Send a request to [email protected] from the email address associated with your account, or include sufficient information for us to verify your identity if requesting from a different address.
In-Application. Use the Settings → Privacy → Data Rights section of your account, where many requests can be self-served.
Postal Mail. Send written requests to the address listed in Section 14.

We will respond to verified requests within thirty (30) days under the GDPR and UK GDPR (extendable by sixty additional days for complex requests, with notice), forty-five (45) days under the CCPA / CPRA (extendable by forty-five additional days with notice), and fifteen (15) working days under the Personal Information Protection Law. We do not charge a fee for exercising your rights, unless the request is manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse to act and explain why.

You may designate an authorized agent to submit requests on your behalf where permitted by applicable law; we require reasonable verification of the agent's authority.

12. Changes to This Policy

We may update this Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. Changes will be:

Posted Here. The updated Policy will be published at laper.ai/legal/privacy-policy with a revised "Last Updated" date.
Notified for Material Changes. For changes that materially affect your rights or obligations, we will provide notice through email to your registered address or a prominent in-application notice at least thirty (30) days before the effective date.
Effective Date. Changes are effective on the date specified in the updated Policy; continued use of the Service after that date constitutes acceptance.

We maintain a public changelog at laper.ai/legal/privacy-changelog documenting amendments and their effective dates.

13. Region-Specific Notices

13.1 European Union Representative

Pursuant to Article 27 of the GDPR, our representative in the European Union for matters arising under the GDPR is available upon request to [email protected].

13.2 United Kingdom Representative

Pursuant to Article 27 of the UK GDPR, our representative in the United Kingdom for matters arising under the UK GDPR is available upon request to [email protected].

13.3 Personal Information Protection Law Representative

Pursuant to Article 53 of the Personal Information Protection Law of the People's Republic of China, our representative for users in the People's Republic of China is available upon request to [email protected]. Our contact information has been or will be filed with the competent department where required.

13.4 Brazil (LGPD)

For users in Brazil, our Data Protection Officer (Encarregado) under the Lei Geral de Proteção de Dados is available at [email protected]. Brazilian users have rights of access, correction, anonymization or deletion, portability, information about sharing, and withdrawal of consent, as set forth in Article 18 of the LGPD.

14. Contact Us

For questions, requests, or concerns regarding this Policy or our data practices:

Email (General Privacy Inquiries). [email protected]
Email (Data Protection Officer). [email protected]
Email (Security Reports). [email protected]
Postal Mail. Laper, Inc., Attn: Privacy Office, 251 Little Falls Drive, Wilmington, Delaware 19808, United States of America
EU Representative. Available upon request pursuant to Article 27 of the GDPR
UK Representative. Available upon request pursuant to Article 27 of the UK GDPR
PIPL Representative in the People's Republic of China. Available upon request pursuant to Article 53 of the Personal Information Protection Law

Your trust is the foundation of everything we build. By using Laper, you confirm that you have read and understood this Privacy Policy. If you disagree with any provision, please discontinue use of the Service and contact us to delete your account.