Privacy Policy

Last updated: April 22, 2026

1. What we collect

  • Account data: email address, full name (if provided), authentication tokens via Supabase.
  • Usage data: projects created, renders started, style extractions, chat messages, credit ledger entries.
  • Uploaded content: video, image, and audio files you upload, plus any reference URLs you paste.
  • Billing data: payment method details are collected and stored by Stripe; we only retain a customer ID, subscription status, and invoice history.
  • Technical data: IP address, user agent, device fingerprint (for fraud prevention on signup), timestamps.

2. Why we process it

  • Deliver the video-editing service (core functionality).
  • Manage subscriptions and usage-based limits.
  • Prevent abuse (rate-limits, fraud scoring at signup).
  • Improve the service (aggregated, anonymized analytics on render outcomes).
  • Legal obligation (tax records retained 7 years).

We do not train foundation models on your content. We do not sell your data. We do not share it with advertisers.

3. Sub-processors

Your data passes through:

  • Supabase — auth, database, file storage (Postgres + RLS).
  • Vercel — hosting for the web app and API routes.
  • DigitalOcean — droplet hosting the editorial pipeline.
  • Stripe — payment processing + subscription state.
  • ElevenLabs — speech-to-text for your audio. They do not retain your audio post-transcription.
  • Google Gemini — vision analysis on reference + b-roll frames. They do not retain your content under the Generative AI data handling terms we rely on.
  • Pexels — licensed stock footage source. We read their catalog; they don't receive your content.
  • Anthropic — Claude provides the direction + chat for edit decisions. Operated under Anthropic's enterprise data retention policy.

4. Retention

Finished renders, uploaded source material, and chat messages are retained for the lifetime of your account. Deleted when you delete your account (see §6) or when you remove individual items from the cockpit. Billing records are retained for 7 years per tax regulations.

5. Security

Data at rest is encrypted by our sub-processors. Traffic is HTTPS-only. Supabase Row-Level Security enforces per-user data isolation. Payment card numbers never touch our servers — Stripe Checkout handles that end-to-end.

6. Your rights (GDPR / CCPA)

  • Right of access: email us and we'll provide a copy of your data.
  • Right to deletion: use the "Delete account" option in /app settings, or email us. All data is deleted (some billing records retained per §4).
  • Right to correction: edit your profile in-app or email us.
  • Right to portability: we can export your data as JSON + your videos as MP4s.
  • Right to opt out of sale: we do not sell data, so there's nothing to opt out of.

7. Children

Clypmint is not intended for users under 18. If you believe a minor has created an account, email us and we will delete it.

8. Contact

parkernuttall99@gmail.com