AI FILMS Studio (Wyoming, USA) gathers account, billing, telemetry, and creative-content data to run its subscription and influencer platform. We process that data on the lawful bases of contract, legitimate interest, or consent. EU/UK users get full GDPR rights; U.S. users get CCPA/CPRA and other state rights. Card data is handled exclusively by Stripe, a PCI-DSS–certified processor. Children under 13 are barred from signup to comply with COPPA. Our cancellation flow follows the FTC's 2024 "Click-to-Cancel" rule.
1. Who We Are
• Controller: AI FILMS Studio, LLC
• Email: help@studio.aifilms.ai
2. Scope
Applies to:
• Public website, Studio web-app, iOS/Android/desktop clients
• All subscription tiers & influencer accounts
• Marketing emails, referral links, and support tickets
Not covered: external sites we merely link to.
3. Definitions
Terms such as "Personal Data," "Processing," "Controller," "User," and "Visitor" follow GDPR Art. 4 definitions.
4. What Data We Collect
| Category | Examples | Source |
|---|---|---|
| Account | name, email, username, password hash | user-supplied |
| Payment | last-4 digits, card type, Stripe customer ID | Stripe webhooks |
| Usage / Telemetry | IP, device, clicks, generation logs | automatic |
| AI Creations | prompts, uploads, rendered output | user |
| Cookies / Pixels | session ID, analytics UID | browser |
We do not intentionally collect special-category data; if you upload it, you do so voluntarily.
5. Legal Bases & Purposes
| Purpose | Legal Basis (GDPR Art 6) | Details |
|---|---|---|
| Provide & bill the service | Contract (b) | create account, process subscriptions |
| Fraud & security logging | Legit. interest (f) | protect users & platform |
| Marketing newsletters | Consent (a) | opt-in; can unsubscribe any time |
| Analytics & product improvement | Legit. interest (f) | aggregated stats; feature R&D |
6. Model-Specific Disclosures
Midjourney Prompt Parameters – Prompts containing disallowed flags (listed in the generator UI) are rejected; any failures for that reason are not refunded.
7. Cookies & Similar Tech
We use functional cookies and analytics cookies (Google Analytics, Hotjar). EU/UK visitors see a consent banner that blocks analytics until opt-in.
You can disable cookies in your browser; some features may break.
8. Marketing
We may send product updates and referral promotions. Opt out via profile settings or the unsubscribe link. We do not sell personal data to third-party advertisers.
9. Sharing & Processors
• Stripe – payment processing (PCI DSS compliant)
• AWS / GCP – cloud hosting
• OpenAI / Anthropic / Stability – AI inference APIs
• Analytics – Google Analytics, Hotjar
All vendors sign Data-Processing Agreements and receive only data essential to their function.
10. International Transfers
Data is stored in the U.S. and may be transferred internationally. For EU/UK data we rely on Standard Contractual Clauses and, where applicable, the EU-U.S. Data Privacy Framework.
11. User Rights
| Region | Core Rights |
|---|---|
| EU/UK (GDPR) | access, rectification, erasure, restriction, portability, objection, automated-decision review |
| California (CCPA/CPRA) | know, delete, correct, opt-out of "sharing," limit sensitive data |
| Other U.S. States (CO, VA, CT etc.) | similar opt-out + appeal rights |
Request via help@studio.aifilms.ai or in-app form; we respond within 30 days (extendable to 60 days for complex cases).
12. Data Retention
• Account data: active + 6 years for tax/audit
• Usage logs: 24 months then aggregated
• AI creations: until user deletes or 180 days post-account closure
13. Children's Privacy
Service not directed to under-13s; we block age-restricted features for users under 18. COPPA compliance: no collection of under-13 personal info.
14. Security
Controls: TLS 1.3, AES-256 at rest, RBAC, annual pen-tests, 24/7 monitoring.
We notify users and regulators within 72 hours of a data breach (GDPR Art 33).
15. Changes
We may update this Policy; material changes are announced via email/banner. Continued use = acceptance.
16. Contact
Email: help@studio.aifilms.ai
EU Representative: to be appointed – this Policy will be updated when available.
Data-Protection Officer: Not required at current scale; will appoint if thresholds in GDPR Art 37 are met.