Privacy Policy

Last updated: January 2026

1. Information We Collect

We collect the following information when you use PIPPA:

  • Account information: Name, email address, and password (hashed)
  • Content: Projects, characters, screenplays, and generated media you create
  • Usage data: Feature usage counts, generation counts, and associated costs
  • Technical data: Browser type, device information, IP address, and page URLs
  • Payment information: Processed securely through Stripe — we do not store card details
  • Feedback: Any feedback, bug reports, or feature requests you submit

2. How We Use Your Information

  • To provide and maintain the Service
  • To process your content through AI generation services
  • To manage your account and subscription
  • To enforce usage limits and prevent abuse
  • To send transactional emails (password resets, billing)
  • To improve the Service based on usage patterns and feedback
  • To respond to support requests

3. Third-Party Services

We use the following third-party services to operate PIPPA. Your data may be shared with these providers as necessary to deliver the Service:

  • OpenAI — Text generation, vision analysis, and audio transcription
  • FAL.ai — Image generation and audio processing
  • Luma Labs — Video generation
  • Stripe — Payment processing
  • Resend — Transactional email delivery
  • Vercel — Application hosting and analytics
  • Cloudflare R2 — Media file storage
  • Upstash — Rate limiting and caching

Each of these providers has their own privacy policies governing how they handle data. We encourage you to review their policies.

4. Cookies

We use cookies strictly for authentication (session tokens). We do not use advertising or tracking cookies. Vercel Analytics collects anonymous usage data without cookies.

5. Data Storage & Security

Your data is stored in a PostgreSQL database hosted in the United States. Media files are stored in Cloudflare R2. We use industry-standard security measures including encrypted connections (TLS), hashed passwords (bcrypt), and secure authentication tokens.

6. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data and content within 30 days, except where retention is required by law or for legitimate business purposes (e.g., billing records).

During the alpha period, data retention policies may change. We will notify users of any material changes.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate personal data
  • Delete your account and associated data
  • Export your project data
  • Object to certain data processing activities

To exercise any of these rights, contact us at privacy@gopippa.ai.

8. Children's Privacy

PIPPA is not intended for children under 13. We do not knowingly collect information from children under 13. If we become aware that we have collected data from a child under 13, we will take steps to delete that data.

9. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of material changes by posting a notice in the Service or sending an email. Your continued use after changes constitutes acceptance of the updated policy.

10. Contact

If you have questions about this privacy policy, please contact us at privacy@gopippa.ai.