🔥 Clipdraft

Legal

Privacy Policy

Effective date: April 9, 2025

ClipDraft (“we”, “us”, “our”) is committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use it, and the choices you have.

1. Information We Collect

Account information. When you register, we collect your name, email address, and authentication details provided via Google Firebase Authentication.

Media files. You upload video recordings, screenshots, and images to the Service. These files are stored in Google Cloud Storage and processed to generate your demos.

Usage data. We collect information about how you interact with the Service — pages visited, features used, build history, credit purchases, and timestamps.

Payment information. Credit card and payment data is handled by Stripe. We do not store your full card number, CVV, or sensitive payment data on our servers.

Communications. If you contact us by email or support channels, we retain those communications to help resolve issues.

Technical data. We may collect IP addresses, browser type, device identifiers, and error logs for security and debugging purposes.

2. How We Use Your Information

We use collected information to:

  • Provide, operate, and improve the Service.
  • Process your media files through AI systems to generate demos.
  • Manage your account, credits, and transaction history.
  • Send transactional emails (build notifications, receipts, security alerts).
  • Detect, investigate, and prevent fraudulent or abusive activity.
  • Comply with legal obligations.
  • Respond to your support requests.

We do not sell your personal data or use your uploaded media files to train AI models.

3. Third-Party Services

We rely on the following third-party services which may process your data under their own privacy policies:

ProviderPurposePolicy
Google FirebaseAuthentication, Firestore databaseView →
Google Cloud StorageMedia file & output storageView →
Google Gemini AIFrame analysis, caption & script generationView →
Google Cloud TTSAI voice-over synthesisView →
Google Cloud RunVideo processing & build executionView →
StripePayment processingView →

4. Sharing & Disclosure

We do not sell, rent, or share your personal data with third parties for marketing purposes. We may share information only in these limited circumstances:

  • Service providers. Third parties listed above that process data on our behalf under strict data processing agreements.
  • Legal requirements. When required by law, court order, or government authority, or to protect our legal rights.
  • Business transfer. In the event of a merger, acquisition, or sale of assets, your data may be transferred. We will notify you via email or prominent notice before this occurs.
  • Safety. Where disclosure is necessary to protect the safety of any person or to prevent fraud or abuse.

5. Data Retention

We retain personal data for as long as your account is active or as needed to provide the Service. Specifically:

  • Account data — retained while your account is active and for up to 90 days after deletion.
  • Uploaded media files — retained for up to 30 days after a build completes, then deleted automatically.
  • Output files (demos) — retained for up to 90 days, then deleted. You are responsible for downloading your outputs.
  • Transaction records — retained for 7 years as required by financial regulations.

You can request deletion of your account and associated data by contacting us at privacy@clipdraft.io. Some data may be retained longer where required by law.

6. Security

We implement industry-standard security measures to protect your data, including:

  • TLS/HTTPS encryption for all data in transit.
  • Cryptographically signed session cookies.
  • Firebase Authentication with Google identity — we never store your password.
  • Role-based access controls on all API routes.
  • Cloud Storage access via time-limited signed URLs.

No method of transmission over the internet is 100% secure. While we take reasonable precautions, we cannot guarantee absolute security. In the event of a data breach that affects your rights, we will notify you as required by applicable law.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access. Request a copy of the personal data we hold about you.
  • Correction. Request correction of inaccurate or incomplete data.
  • Deletion. Request deletion of your personal data (“right to be forgotten”).
  • Portability. Request a machine-readable export of your data.
  • Objection / Restriction. Object to or request restriction of certain processing activities.
  • Withdraw consent. Where processing is based on consent, withdraw it at any time.

California residents (CCPA). You have the right to know what personal information is collected and sold, to opt out of sale (we do not sell data), and to non-discrimination for exercising your rights.

EEA / UK residents (GDPR). Our lawful bases for processing are contract performance (providing the Service), legitimate interests (security, fraud prevention), and compliance with legal obligations. You have the right to lodge a complaint with your local supervisory authority.

To exercise any of these rights, contact us at privacy@clipdraft.io. We will respond within 30 days.

8. Cookies & Tracking

We use the following types of cookies and similar technologies:

  • Essential cookies. Required for authentication and session management. Cannot be disabled without breaking core functionality.
  • Preference cookies. Store UI preferences such as dark/light mode.

We do not use third-party advertising cookies or cross-site tracking cookies. You can control cookies through your browser settings, but disabling essential cookies will prevent you from using the Service.

9. International Data Transfers

ClipDraft is operated from the United States. If you access the Service from outside the United States, your information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your home country.

By using the Service, you explicitly consent to the transfer of your information to the United States and to any other country where our service providers operate. Where required by law (e.g., GDPR), we rely on Standard Contractual Clauses or other approved transfer mechanisms for transfers of personal data from the EEA, UK, or Switzerland to the United States.

No liability for foreign law differences. ClipDraft is not liable for any differences in data protection standards between the United States and your jurisdiction. You assume any risk associated with accessing the Service from a jurisdiction with different data protection requirements.

10. Limitation of Liability for Data Incidents

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, CLIPDRAFT SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES ARISING FROM OR RELATED TO ANY UNAUTHORIZED ACCESS TO, USE OF, OR DISCLOSURE OF YOUR PERSONAL DATA, INCLUDING ANY DATA BREACH, CYBERATTACK, OR UNAUTHORIZED INTERCEPTION, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Third-party service incidents. We are not responsible for data breaches, unauthorized disclosures, or privacy failures that occur at our third-party service providers (including Google Firebase, Google Cloud, or Stripe). Each provider operates under its own security and privacy program. Your recourse for incidents at those providers is governed by their terms of service.

User-caused exposure. We are not liable for any exposure of your personal data that results from your own actions, including sharing account credentials, using unsecured networks, or configuring your account in a way that makes data accessible to third parties.

OUR TOTAL CUMULATIVE LIABILITY TO YOU FOR ANY PRIVACY-RELATED CLAIMS SHALL NOT EXCEED THE GREATER OF (A) THE TOTAL AMOUNT YOU PAID TO US IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM, OR (B) US $10.

11. Dispute Resolution

Governing law. This Privacy Policy is governed by the laws of the State of California, United States, without regard to conflict-of-law principles.

Informal resolution first. Before filing any privacy-related claim, you agree to contact us at privacy@clipdraft.io and allow 30 days for us to attempt resolution.

Binding arbitration. Any unresolved dispute arising from this Privacy Policy shall be submitted to binding individual arbitration under the rules of the American Arbitration Association (AAA), conducted in English in San Francisco, California. You waive any right to a jury trial or to participate in a class action related to privacy claims against ClipDraft.

Regulatory bodies. Nothing in this section prevents you from filing a complaint with a data protection authority (e.g., your local EU supervisory authority or the California Privacy Protection Agency).

12. Children's Privacy

The Service is not directed to children under 13 years of age (or 16 in the EEA). We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us immediately at privacy@clipdraft.io and we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through a prominent notice in the Service at least 14 days before the change takes effect. The “Effective date” at the top of this page indicates when the current version was last updated.

Your continued use of the Service after the effective date of an updated policy constitutes your acceptance of the changes.

14. Contact

For privacy-related questions, data requests, or concerns, contact us at:

privacy@clipdraft.io

Legal disclaimer: This document is provided as a starting point and does not constitute legal advice. Have this policy reviewed by a qualified attorney, particularly if you serve users in the EU, UK, or California.