Privacy Policy

We use the information we collect for the following purposes:

• To provide, operate, and maintain the AI video and image generation Services
• To process your content (photos, prompts) through third-party AI models to generate videos and images
• To process requests through selected AI processing providers in our generation pipeline
• To process face data contained in uploaded photos or images, with your in-app consent, solely to generate the video or image you request
• To manage your account, credits balance, and subscription
• To send transactional notifications (generation complete, credit usage, etc.)
• To improve, optimize, and develop new features for the App
• To analyze anonymized usage patterns and app performance
• To measure advertising campaign effectiveness and attribution
• To detect, prevent, and address fraud, abuse, or technical issues
• To comply with applicable legal obligations
• To respond to your support requests and communications

How Your Content Is Processed: When you use the App to generate videos or images, your uploaded photos and text prompts are sent to third-party AI model providers for processing through our generation pipeline.

Data Storage: Your uploaded content and generated outputs are stored securely in our cloud infrastructure, including Supabase-hosted storage. We retain this data to provide you with access to your generation history and to enable re-downloads.

No AI Training: We do not use your photos, prompts, or generated content to train any AI models. Your content is used solely for the purpose of fulfilling your generation requests.

Facial & Biometric Data: If you upload a photo or image containing a face, the face data visible in that content is processed only to create the AI video or image you request. This may include detecting, aligning, tracking, mapping, and transforming facial regions, features, and geometry that appear in the uploaded content so the generation pipeline can render the requested output.

Consent for Face Data Processing: We obtain your consent in the App before processing uploaded photos or images that contain faces. If you do not consent to this processing, do not upload content containing faces.

No Identification or Face Templates: We do not use face data for identity verification, authentication, surveillance, or marketing. We do not extract, store, or create biometric identifiers, faceprints, templates, or vectors for the purpose of identifying a person, and we do not use face data to train AI models.

Face Data Sharing, Storage, and Retention: Face data contained in uploaded photos or images is shared only with service providers needed to operate the generation request, including Supabase for cloud storage and AI processing providers including Fal.ai and downstream model providers for inference. Face data is stored only as part of the source image you upload and any generated output saved to your account; we do not maintain a separate facial recognition or biometric database. Face data is retained under the same schedule as your uploaded content and generated outputs described in Sections 5, 6, and 7. If you are a resident of a jurisdiction with biometric data protection laws such as Illinois, Texas, or Washington, please review your rights before uploading photos containing faces.

Third-Party AI Provider Terms: Content sent to third-party AI providers is subject to their respective data processing policies. We select providers that commit to not training on user-submitted content, but we encourage you to review their individual privacy policies.

We implement industry-standard security measures to protect your data, including:

• Encryption of all data in transit using TLS/SSL
• Encryption of data at rest in our cloud storage
• Row-level security policies on all database records
• Strict access controls and authentication for internal systems
• Regular security reviews of our infrastructure

Your content (photos, prompts, generated videos) is stored securely and is never shared with third parties for marketing or advertising purposes. Certain non-content data (such as device identifiers and usage data) may be shared with advertising and analytics partners as described in Section 6. No method of electronic storage or transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

If your uploaded content contains a face, that face data remains embedded only within the uploaded media and any generated output stored in our cloud infrastructure. We do not keep a separate repository of biometric templates or face identifiers.

We do not sell, rent, or trade your personal information to third parties. We share data only with the following categories of service providers, solely to operate the Services:

• Supabase: Database hosting and anonymous user authentication
• AI Processing Providers (including Fal.ai and downstream model providers): Processing your content for video and image generation
• RevenueCat: Subscription management and purchase validation (we do not directly handle payment card details)
• Advertising & Attribution Partners: We use third-party advertising measurement and mobile attribution services to understand how users discover and interact with the App. These partners may collect device identifiers, anonymous user IDs, and product interaction data for advertising measurement and campaign attribution purposes
• OneSignal: Push notification delivery and engagement tracking
• Sentry: Error tracking and crash reporting

Face data contained in uploaded photos or images is not sold and is not shared with our advertising or analytics partners. It is shared only with the service providers that help us store your content and process the AI generation request.

We may also disclose your information if required by law, regulation, legal process, or governmental request, or to protect the rights, safety, or property of TFP Labs, our users, or the public.

We retain your personal information and content for as long as your account is active or as needed to provide the Services. Specifically:

• Account data: Retained until you delete your account or request deletion.
• Generated content: Stored until you delete it or your account is terminated.
• Face data in uploaded content: Retained only as part of the photo or image you upload and any generated outputs associated with that request. We do not retain separate biometric templates or face identifiers. This content is stored until you delete it or your account is terminated.
• Usage analytics: Aggregated and anonymized data may be retained indefinitely for product improvement purposes.
• Transaction records: Retained as required by applicable tax and accounting laws.

Upon account deletion, we will remove your personal information and content within 30 days, except where retention is required by law.

Our website (www.pixreel.io) may use cookies and similar technologies to enhance your browsing experience. These include:

• Essential cookies: Required for website functionality (e.g., session management).
• Analytics cookies: Used to understand how visitors interact with our website (via PostHog). This data is anonymized and not linked to your App account.

You can control cookie preferences through your browser settings.

Mobile App Tracking: The App integrates third-party services that may collect device identifiers and usage data for advertising measurement and attribution. You can limit ad tracking through your device settings (iOS: Settings > Privacy > Tracking; Android: Settings > Privacy > Ads). When you opt out of tracking via your device settings, these services will respect your preference.

Do Not Track Signals: Some browsers offer a "Do Not Track" ("DNT") setting. There is currently no universally accepted standard for how companies should respond to DNT signals. At this time, we do not respond to DNT browser signals. For mobile tracking preferences, please use your device's built-in privacy controls as described above.

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data and account.
• Restriction: Request that we restrict processing of your data.
• Portability: Request a machine-readable copy of your data.
• Objection: Object to processing based on legitimate interests.
• Withdraw Consent: Withdraw previously given consent at any time.

To exercise any of these rights, contact us at support@pixreel.io. We will respond to your request within 30 days.

The App is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. We comply with the Children's Online Privacy Protection Act (COPPA) and do not knowingly collect personal information from children under 13 years of age in the United States. Users between 16 and 18 years of age (or the age of majority in their jurisdiction) must have parental or guardian consent to use the App. Parents and guardians are responsible for monitoring their minor's use of the Services.

If we discover that we have inadvertently collected personal information from a child under 13 (or under 16 in the EEA), we will take prompt steps to delete such information from our systems.

If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us immediately at support@pixreel.io so we can take appropriate action to delete such information.

If you are a California resident, you have additional rights under the CCPA:

• Right to know what personal information is collected, used, and shared
• Right to request deletion of your personal information
• Right to opt out of the sale of personal information
• Right to non-discrimination for exercising your privacy rights

We do not sell your personal information to third parties. To exercise your CCPA rights, contact us at support@pixreel.io.

If you are in the European Economic Area (EEA) or the United Kingdom, you have rights under the General Data Protection Regulation (GDPR). Our legal bases for processing your information include:

• Contract performance: Processing necessary to provide the Services you requested.
• Legitimate interests: Improving our Services, preventing fraud, and ensuring security.
• Consent: Where you have given explicit consent for specific processing activities, including the processing of uploaded photos or images containing faces.
• Legal obligation: Where processing is required to comply with applicable law.

You may file a complaint with your local data protection authority if you believe we have violated your privacy rights under the GDPR.

If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us:

Email: support@pixreel.io

TFP Labs
PixReel