Privacy Policy

1. Information We Collect

When you use Reloop Studio ("the Service"), we collect the following categories of information:

• Account data — name, email address, and authentication credentials (passwords are hashed and stored by our authentication provider, never in plain text).
• Content you provide — videos you upload (including demos, screen captures, or camera clips), scripts, voice selections, and other inputs submitted to generate a video.
• Billing data — partial payment method details and transaction metadata (full card numbers are handled exclusively by our payment processor; we never see or store them).
• Usage & device data — IP address, browser/device type, pages visited, feature interactions, and error reports collected to operate and improve the Service.

2. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain our video generation services
• Process payments, manage your subscription, and prevent fraud or abuse
• Send transactional emails such as video completion, billing, and security notifications
• Diagnose errors, monitor service health, and improve generation quality
• Respond to support requests and communicate about the Service
• Comply with legal, tax, and regulatory obligations

We do not use your uploaded content, scripts, or generated videos to train our own AI models or any third-party AI model.

3. Data Storage & Security

Your data is stored on our cloud infrastructure (Supabase) protected by row-level security, encryption in transit (TLS), and encryption at rest. Access to production systems is restricted to authorised personnel, multi-factor authentication is enforced, and access is logged. While we take industry-standard precautions, no system is perfectly secure — you are responsible for keeping your account credentials confidential and for notifying us promptly if you suspect unauthorised access.

4. Your Uploaded Content

Videos, scripts, and any other files you upload are used solely to generate your requested videos. Intermediate raw assets produced during generation (temporary audio chunks, avatar fragments) are automatically deleted after a successful render. Final videos remain in your account library until you delete them or your account is closed. You may delete any video at any time from the dashboard.

5. Third-Party Service Providers (Sub-Processors)

To operate the Service, we integrate the following providers. Each operates under its own privacy policy and data-processing agreement, and we share only the minimum data necessary for them to perform their function:

• Supabase — authentication, database, and object storage.
• Fal.ai — AI inference (avatar generation, text-to-speech, speech-to-text).
• Shotstack — video compositing and rendering.
• Dodo Payments — subscription billing and one-time credit purchases. Dodo Payments acts as the Merchant of Record for transactions, which means they — not us — handle card processing, tax collection, and chargebacks.
• PostHog — product analytics and error monitoring (events, session metadata, anonymised usage patterns). We use PostHog to diagnose issues and improve the product; we do not sell this data.

We do not sell, rent, or otherwise disclose your personal data to third parties for their own marketing purposes.

6. Data Retention

• Account data — retained for as long as your account is active, plus up to 30 days after account deletion to complete closure and satisfy legal obligations.
• Generated videos — retained in your library until you delete them or your account is closed.
• Raw intermediate assets (temporary audio/avatar chunks) — deleted automatically shortly after each successful generation.
• Billing records — retained for the period required by applicable tax and accounting law (typically 6–7 years), even after account deletion.
• Analytics & error logs — retained for up to 12 months in aggregated or pseudonymised form.

7. International Data Transfers

Our service providers may process data in jurisdictions outside your country of residence, including the United States and the European Union. Where required, these transfers are governed by appropriate safeguards (such as Standard Contractual Clauses) under the applicable data-protection law.

8. Cookies & Similar Technologies

We use strictly necessary cookies to maintain your authenticated session and remember your product preferences. We also use first-party analytics (via PostHog) to understand aggregate usage and diagnose errors. We do not use third-party advertising or cross-site tracking cookies.

9. Your Rights

Depending on your jurisdiction you may have the right to access, correct, export, or delete your personal data, to object to or restrict certain processing, and to withdraw consent. You can exercise most of these rights directly from your dashboard settings, or by writing to us at inlabproducts@gmail.com. Deletion requests are honoured within 30 days (subject to legal retention obligations noted above).

10. Children's Privacy

Reloop Studio is not directed to children under 18. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us data, please contact us and we will delete it.

11. Changes to This Policy

We may update this policy from time to time. When we do, we will update the date at the top of this page, and for material changes we will also notify registered users by email. Continued use of Reloop Studio after any changes constitutes acceptance of the revised policy.

12. Contact

If you have any questions about this Privacy Policy, please contact us at inlabproducts@gmail.com.