Clipflow← Home

Policy · Privacy

Privacy policy.

Last updated · April 13, 2026

1. Introduction

Clipflow (“we”, “our”, “us”) operates the clipflow.to website and platform. This policy explains how we collect, use, and protect your personal information.

2. Information We Collect

  • Account data: Name, email address when you sign up.
  • Content data: Videos, scripts, transcripts, and outputs you create within the platform.
  • API keys: Your AI provider keys (OpenAI, Anthropic, Google) — encrypted with AES-256-GCM at rest. We never store them in plaintext.
  • Usage data: Pages visited, features used, generation counts — for product improvement.
  • Payment data: Handled entirely by Stripe. We never store credit card numbers.

3. How We Use Your Information

  • To provide and improve the Clipflow platform.
  • To route AI generation requests through your API keys to your chosen provider.
  • To send transactional emails (account verification, password resets, review notifications).
  • To enforce usage limits based on your subscription plan.

4. BYOK (Bring Your Own Key)

When you provide an AI provider API key, it is encrypted using AES-256-GCM before storage. API calls are made server-side directly to your chosen provider. We do not log, inspect, or store the content of AI requests or responses beyond what is necessary to display your generated outputs.

5. Data Sharing

We do not sell your personal data. We share data only with:

  • Supabase: Database and authentication hosting.
  • Vercel: Application hosting.
  • Stripe: Payment processing.
  • Resend: Transactional email delivery.
  • Your AI provider: OpenAI, Anthropic, or Google — only the content you submit for generation.

6. Data Retention

Your content and outputs are retained as long as your account is active. You can delete individual content items at any time. If you delete your account, all associated data is permanently removed within 30 days.

7. Security

We use industry-standard security measures including HTTPS encryption in transit, AES-256-GCM encryption for API keys at rest, Row Level Security (RLS) in our database, and regular security audits.

8. Your Rights (GDPR)

If you are in the EU/EEA, you have the right to access, correct, delete, or export your personal data. Contact us at privacy@clipflow.to to exercise these rights.

9. Cookies

We use essential cookies for authentication and session management. We do not use tracking cookies or third-party advertising cookies. See our cookie consent banner for more details.

10. Changes

We may update this policy. Significant changes will be communicated via email or in-app notification.

11. Contact

Questions? Email us at privacy@clipflow.to.