Privacy Policy

Last updated: 20 February 2026

Welcome to AI Video Studio Pro. We are committed to protecting your personal data and respecting your privacy.

1. Data Controller

AI Video Studio Pro is operated by the AI Video Studio Pro Team, based in Ljubljana, Slovenia. For any privacy-related questions or to request our full legal entity details, you can contact us at info@aivideostudiopro.com.

2. Data We Collect, Usage & Legal Basis

We collect and process your data based on the following legal grounds (GDPR Art. 6). We strictly do NOT use your user content (prompts, scripts) to train our AI models.

  • Account Data: Email address and user ID from Clerk.
    Legal Basis: Performance of a Contract (to provide the service).
  • API Keys: Encrypted OpenRouter keys (AES-256-GCM).
    Legal Basis: Performance of a Contract (optional feature you enable).
  • User Content: Projects, scripts, and prompts (stored as encrypted blobs if encryption is enabled).
    Legal Basis: Performance of a Contract.
  • Usage Data: Anonymous metrics.
    Legal Basis: Legitimate Interest (to improve our product).

3. Data Retention

We retain your personal data only as long as necessary:

  • Account Data: Retained as long as your account is active. Deleted within 30 days of account closure.
  • User Content: Retained until you delete it or your account is closed.
  • API Keys: Deleted immediately upon your request or account closure.

4. International Data Transfers

Some of our processors (Clerk, Vercel, Stripe, OpenRouter) are based in the United States. We ensure your data is protected through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Participation in the EU-US Data Privacy Framework (where applicable).

5. Data Sharing and Processors

We use trusted third-party service providers to help us operate our business:

  • Clerk: For authentication and user management.
  • Supabase: For database hosting and storage.
  • Stripe: For potential future payment processing (currently inactive for Free Beta).
  • Vercel: For hosting the application.
  • AI Providers (OpenRouter): Your prompts are sent to these providers to generate content. Please refer to their respective privacy policies.

6. Data Security & End-to-End Encryption

We implement robust security measures, including encryption at rest and in transit, to protect your personal information.

  • Standard Security: All data is encrypted in transit (HTTPS) and at rest in our database.
  • User-Managed Encryption: We offer an optional secure mode. If enabled, your project data (scripts, prompts) is encrypted using a key that you control. This key is stored locally on your device and transmitted securely to our servers only for the duration of your session (via HTTP-only cookies) to allow necessary processing. We do not permanently store your encryption key in our database, meaning we cannot recover your encrypted content if you lose your key.

7. Your Rights (GDPR)

Under the GDPR, you have the right to access, correct, delete, or export your personal data. You can perform most of these actions directly from your "My Account" page, or request permanent deletion of your account and all associated data.

8. Right to Lodge a Complaint

If you believe we are processing your personal data in violation of the GDPR, you have the right to lodge a complaint with the supervisory authority in Slovenia: Informacijski pooblaščenec (Information Commissioner).

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.