Privacy Policy

1. Introduction

Solo Director ("Solo Director," "we," "us," or "our") provides software for creating and managing AI-assisted film and storyboard projects, including scripts, scenes, characters, locations, prompts, generated media, and related creative assets (the "Service"). This Privacy Policy explains what information we collect, how we use it, how we share it, how we store and protect it, and the choices available to you.

This Privacy Policy applies to our website, web application, and related services that link to it.

2. Information We Collect

2.1 Account and identity data

We collect or receive account information:

• Your name, email address, profile image, and authentication-provider identifiers
• Account status, preferences, and settings
• Information needed to authenticate you and keep your account secure

2.2 Project, prompt, and media data

We collect the content you create, upload, or generate in the Service, including:

• Projects, scripts, scene prompts, storyboards, characters, locations, and style guides
• Uploaded files and reference materials, including images, audio, and other media
• Generated outputs: images, videos, audio, transcripts, and related metadata
• Generation settings, usage records, timestamps, and model/output metadata needed to operate the Service

2.3 Billing and transaction data

When you purchase paid features or credits, we collect or receive:

• Subscription or purchase status, plan information, credit balances, invoices, and transaction records
• Billing contact details (your name and email address)
• Customer identifiers from our billing providers

We do not store full payment card details ourselves. Payment information is handled by our billing and payment providers.

2.4 Device, usage, and diagnostic data

When you use the Service, we automatically collect information:

• IP address, browser type, device type, operating system, timestamps, and basic request data
• Pages viewed, features used, session activity, and performance or error diagnostics
• Cookie, local storage, and similar technology data used for authentication, preferences, security, and measurement

2.5 Information from third parties

We receive information from third parties that help us operate the Service, including:

• Authentication providers you use to sign in
• Billing, payment, analytics, hosting, storage, support, and security providers
• AI and media generation providers used to process prompts and produce requested outputs

3. Google User Data and Google APIs

This section explains how Solo Director handles Google user data and Google-related services.

3.1 Google account data we access

If you choose to sign in with Google through our authentication provider, the Google scopes used for sign-in are limited to .../auth/userinfo.email and .../auth/userinfo.profile. Through that sign-in flow, we receive basic account information including your name, email address, profile image, and a Google-associated account identifier.

3.2 How we use Google account data

We use Google account data only for these account and service operations:

• Create, authenticate, and manage your account
• Display your account identity inside the Service
• Secure the Service and prevent fraud, abuse, and unauthorized access
• Support billing, support, and account-related communications

We do not maintain a separate first-party user profile database for this Google profile data. Instead, this information is primarily maintained by our authentication provider and accessed by Solo Director only when needed to operate the Service.

3.3 Google account data we do not access or use

• We do not request access to Gmail, Google Drive, Google Calendar, Google Contacts, Google Photos, or similar Google account content
• We do not sell Google user data
• We do not use Google user data from sign-in for advertising purposes
• We do not use Google user data from sign-in to train generalized AI or machine learning models

3.4 How Google account data is shared

Google account data received through sign-in is shared only with the service providers that help us operate the Service, and only for account-related purposes:

• Clerk stores and manages this information to operate sign-in and sessions
• Polar receives your name and email address when you start a paid transaction
• Tidio receives your name and email address when you use signed-in in-app support
• Amplitude receives your name and email address only if optional measurement is enabled

We do not share Google user data for advertising, sale, or unrelated third-party use.

3.5 Google AI processing

Separately from Google Sign-In, some Solo Director features use Google Cloud Vertex AI to process prompts, reference images, and other content that you submit for generation-related features. We use that processing only to provide the features you request, including prompt improvement and image or video generation.

This AI processing is distinct from access to your Google account data. It involves the content you submit to Solo Director, not data from your Gmail, Drive, Calendar, Contacts, Photos, or other personal Google services.

3.6 Google API policy

To the extent Solo Director receives and uses information from Google APIs, that use adheres to the Google API Services User Data Policy, including the Limited Use requirements.

4. How We Use Information

We use personal information to:

• Provide, maintain, and improve the Service
• Create and manage accounts and authenticate users
• Store, organize, and display projects, prompts, and generated media
• Process prompts, files, and instructions through AI and media providers to generate requested outputs
• Process subscriptions, credit purchases, and related billing activity
• Provide customer support and respond to requests or feedback
• Monitor usage, troubleshoot issues, and improve reliability and product performance
• Detect, prevent, investigate, and address fraud, abuse, security incidents, and policy violations
• Comply with legal obligations and enforce our terms and policies

Where permitted by law, we also use aggregated or de-identified information to analyze and improve the Service and our business operations.

5. How We Share Information

We share personal information with the following categories of recipients:

• Authentication and identity providers (Clerk) to sign you in, manage sessions, and operate account security
• Hosting, database, storage, and infrastructure providers used to host application data and media files
• AI and media providers (Google Cloud Vertex AI, Replicate, fal.ai, ElevenLabs, and other providers enabled in the Service) to process prompts, reference files, audio, and other submitted content in order to generate requested outputs
• Billing and payment providers (Polar and its payment partners) to process purchases, subscriptions, invoicing, and customer records
• Realtime, analytics, logging, and support providers (Ably, Vercel Analytics, Axiom, Amplitude, and Tidio) to support realtime updates, diagnostics, product analytics, and customer support
• Professional advisors, authorities, and transaction counterparties, when necessary for legal compliance, protection of rights and safety, or a merger, financing, acquisition, reorganization, or similar transaction

We do not sell personal information or "share" it for cross-context behavioral advertising (as defined by the CCPA/CPRA). We do not share Google user data for advertising, cross-context behavioral profiling, or unrelated third-party purposes.

6. Data Storage and Security

We store information using systems and providers that support Solo Director, including authentication systems, application hosting, databases, file storage, billing services, analytics and logging tools, and AI infrastructure providers.

In practice, this means account identity is handled through our authentication provider, structured project data is stored in our application database, and uploaded or generated media is stored in cloud object storage. Private media access is protected through authenticated requests or time-limited signed URLs.

We use reasonable technical, administrative, and organizational safeguards designed to protect personal information, including encrypted connections, access controls, ownership checks for protected resources, logging, rate limiting on certain routes, and provider-level security measures. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

7. Data Retention and Deletion

We retain personal information for as long as reasonably necessary to provide the Service, maintain your account, complete transactions, comply with legal obligations, resolve disputes, enforce agreements, and protect the security and integrity of the Service.

Retention periods vary based on the type of information and the reason we collected it. Application records are first marked as deleted (soft-deleted) before they are permanently removed. Associated files, system backups, logs, or billing records remain for a longer period where needed for operational, legal, fraud-prevention, security, accounting, or disaster-recovery purposes.

You can delete certain content directly from within the Service. To request deletion of your account or associated personal information, contact us at info@solo-director.xyz. We verify your request before acting on it.

8. Cookies and Similar Technologies

We use cookies and similar technologies to operate the Service, keep you signed in, remember preferences, maintain security, and measure product usage.

Some cookies are necessary for the Service to function. Where required by law, we ask for your consent before using optional measurement technologies. You can control cookies through your browser settings and, where available, our consent tools. For more information, see our Cookie Policy.

9. International Data Transfers

Your information is transferred to and processed in countries other than the one in which you reside, including countries where our service providers operate. Where required by applicable law, we take steps designed to provide appropriate safeguards for such transfers.

10. Your Rights and Choices

Depending on your location and applicable law, you may have rights to:

• Access the personal information we hold about you
• Correct inaccurate or incomplete information
• Request deletion of personal information
• Object to or restrict certain processing
• Receive a portable copy of certain information
• Withdraw consent where processing is based on consent
• Lodge a complaint with a regulator or data protection authority

To exercise available rights, contact us at info@solo-director.xyz.

11. Legal Bases for Processing

Where required by applicable law, we process personal information on one or more of the following legal bases:

• To perform our contract with you and provide the Service
• To comply with legal obligations
• For our legitimate interests, such as operating, securing, and improving the Service
• Based on your consent, where consent is required

12. Children's Privacy

The Service is not intended for children under 16, and we do not knowingly collect personal information from children under 16. If you believe a child has provided personal information to us, please contact us and we will take appropriate steps to investigate and delete the information.

13. Third-Party Services

The Service contains links to third-party websites, products, or services. We are not responsible for the privacy practices of those third parties, and we encourage you to review their privacy policies before interacting with them.

14. Changes to This Privacy Policy

We update this Privacy Policy from time to time. If we make material changes, we will post the updated version on this page and update the effective date above. Your continued use of the Service after the updated Privacy Policy becomes effective means the updated Privacy Policy applies to your use of the Service.

15. Contact Us

If you have questions about this Privacy Policy or our privacy practices, contact us at info@solo-director.xyz.