Privacy Policy

Last updated: 2026-05-26

1. What we collect

• Account data — email, hashed password, workspace name.
• Uploaded content — videos you upload, derived transcripts, AI-generated timelines, and final renders.
• Usage logs — pipeline timings, error reports, IP addresses on auth events.
• Billing data — handled by Stripe; we store only the Stripe customer ID and subscription state.

2. Where it lives

All persistent storage is in the EU (Hetzner Falkenstein for application data and Cloudflare R2 in WEUR for video objects). No customer data is transferred outside the EU/EEA without explicit consent.

3. How long we keep it

• Raw uploads: 7 days, then auto-deleted by Cloudflare R2 lifecycle.
• Intermediate proxies: 30 days, then auto-deleted.
• Final renders: retained until you delete the project or your account.
• Audit logs: 90 days.

4. Your rights (GDPR / CCPA)

You can:

• Export all data we hold — Settings → Data & Privacy → Export my data.
• Delete your account, which cascades to all uploads, projects, blocks, and renders.
• Object to processing for marketing emails — toggle in Settings.

5. Cookies

We use one essential cookie for authentication. Optional analytics cookies are only set after you accept the consent banner. We do not use third-party advertising cookies.

6. Sub-processors

• Cloudflare — R2 object storage, DNS, WAF.
• Stripe — payment processing.
• Hetzner — compute and database hosting (EU).
• Resend — transactional email delivery.
• Mistral, OpenAI, Deepgram — model inference for prompts and transcripts (no training).

7. Contact / data protection

Email [email protected] for any data request. We respond within 30 days as required by GDPR.