Privacy Policy

1. Information We Collect

We collect information to provide better services to all our users. The types of information we collect include:

• Account Information: When you register, we collect your name, email address, password hash, and preferences.
• Billing Data: Paid plan transactions are handled directly and securely through Paystack. We do not store your raw credit card numbers or banking credentials on our servers. We only store transaction references, status, and subscription tier records.
• Media & Content: We ingest and process the long-form video files and YouTube URLs you submit to generate short-form clips. We also store transcripts, captions, and rendering settings.
• Log Data & Cookies: We record usage metrics, requests, client IP addresses, browser information, and use secure cookies (`__Host-`/`__Secure-`) to authenticate sessions.

2. How We Use Your Information

We use the collected information for the following purposes:

• To provide, operate, maintain, and improve our video processing pipeline.
• To process payments and manage subscriptions.
• To contact you regarding account updates, transactional notices, security alerts, and support requests.
• To enforce our terms, prevent fraud or abuse, and maintain overall platform security.

3. Information Sharing and Disclosure

We do not sell or lease your personal information to third parties. We share your information only in the following limited circumstances:

• Service Providers: We share data with third-party service providers who assist us in operating our platform, specifically:
  • Paystack for billing and subscription processing.
  • AWS (Amazon Web Services) for secure file hosting and storage.
  • AI Model Providers (e.g., OpenAI, Whisper APIs, Deepgram) to transcribe and analyze transcripts. Only transcripts or media files required for parsing are sent to these APIs.
• Legal Compliance: We may disclose information if required to do so by law, court order, or government request.

4. Security of Your Data

ArchonFlow employs robust, industry-standard security measures to safeguard your personal data and uploaded content. This includes:

• Hashing passwords using bcrypt.
• Session security utilizing RS256 JWT tokens transmitted over secure, httpOnly cookies.
• Comprehensive rate limiting, input validation, and object-level ownership authorization guards.
• Structured audit logging and regular component security scanning (Trivy scans).

5. Data Retention & Deletion

We retain your account profile information for as long as your account is active. Media files, transcripts, and generated vertical clips are retained temporarily on our servers and Amazon S3. Inactive or orphaned video/clip directories are periodically cleaned up by our database-aware background cleanup task. You can initiate account deletion at any time, which permanently removes all database records and associated media assets.

6. Your Rights

Depending on your location, you may have specific data rights, including:

• The right to access and receive a copy of your personal data.
• The right to rectify inaccurate or incomplete information.
• The right to request deletion of your data.
• The right to object to or restrict certain processing activities.

To exercise any of these rights, please contact us at [email protected].

7. Cookies Policy

We use cookies solely for operational and authentication purposes. These are secure, session-based cookies that allow our backend to authenticate your requests. We do not use third-party tracking or advertising cookies.

8. Contact Information

If you have any questions or concerns about this Privacy Policy, please contact Joshua Okai Mensah via LinkedIn or at [email protected].