TIMECUT

Privacy Policy

Last updated 4 May 2026

1. The short version

We collect what we need to run the editor and bill you for it. We don't sell your data, and we don't train AI models on your uploads or prompts. Your projects, footage, and generated assets stay in your workspace until you delete them.

2. What we collect

Account information. Email address, display name, and any profile data you choose to add. Authentication is handled by Clerk; passwords never reach our servers.

Billing information. Stripe collects and stores your payment method on its own infrastructure. We see only the last four digits, card brand, billing address (if collected at checkout), and Stripe's own customer / subscription identifiers — never the full card number.

Project data. Media you upload (video, audio, images), prompts you submit for AI generation, generated outputs, project metadata (timeline edits, exports), and Liveblocks collaboration state.

Operational logs. Standard server logs (timestamps, IP address, route, status code) for debugging and abuse prevention. Retained for 30 days unless required longer for security investigation.

3. How we use it

To deliver the Service: render projects, generate AI media, sync collaboration state, store and serve uploads, send transactional emails (invitations, receipts).

To bill you: charge subscriptions, process top-ups, handle refunds and disputes via Stripe.

To keep the Service safe: detect abuse, comply with legal requests, investigate and respond to security incidents.

To improve the Service: aggregate, anonymized usage analytics — never individual user behavior tied to identity.

4. Sub-processors

We share the minimum data required with the following third parties to operate the Service. Each is bound by their own privacy and security agreements:

  • Vercel — hosts our application.
  • Neon — Postgres database (account + project metadata).
  • Cloudflare R2 — object storage for uploads and renders.
  • Cloudflare Stream — adaptive video encoding.
  • Modal — GPU compute for cloud renders.
  • Clerk — authentication and identity.
  • Liveblocks — multi-user collaboration sync.
  • Stripe — payment processing and billing.
  • Fal.ai — AI video and image generation (Seedance, Kling, Nano Banana, GPT Image).
  • Anthropic — Claude API for the in-editor chat panel.
  • Resend — transactional email delivery.

When you submit an AI generation, the prompt and any reference images are forwarded to the relevant model provider (Fal.ai or Anthropic). These providers process the request to return the generation; refer to their privacy policies for their own retention and use practices.

5. What we do NOT do

We do not train AI models on your uploads, prompts, or generated outputs. We do not sell your personal data to advertisers or data brokers. We do not run third-party tracking pixels, ad networks, or behavioral retargeting on authenticated surfaces of the Service.

The marketing site (/landing) may use lightweight first-party analytics to measure conversion of the pricing flow. No data from the editor is shared with the marketing analytics.

6. Retention

Your projects and uploaded media remain in your workspace for as long as your account is active. If you cancel your subscription, content is retained for 90 days to allow re-subscription, then permanently deleted. If you delete an individual project, it is removed from your workspace immediately and from backups within 30 days.

Billing records (invoices, payment history) are retained for 7 years to comply with US tax and accounting requirements. Account email addresses are retained until you request deletion.

7. Your rights

You can:

  • Access and edit your profile data inside the Service;
  • Download or copy any of your projects and uploaded media at any time;
  • Cancel your subscription via the Stripe Customer Portal;
  • Request deletion of your account and all associated data by emailing hello@timecut.app — we honor verified requests within 30 days.

If you are in the EU, UK, or California, you have additional rights under GDPR / UK GDPR / CCPA, including the right to object to processing and the right to receive your data in a portable format. Email us to exercise any of these rights.

8. Cookies

We use only essential cookies — session tokens for authentication, CSRF protection, and feature-flag state. No advertising cookies, no cross-site tracking, no third-party analytics on authenticated surfaces. Third-party cookies set by Stripe and Clerk are scoped to those providers' own domains and required for their respective integrations.

9. Security

Data in transit is encrypted via TLS. Data at rest in Cloudflare R2 and Neon is encrypted with provider-managed keys. Access to production systems is gated by 2FA and limited to operations personnel. We follow industry-standard practices for vulnerability response and disclose incidents affecting user data within 72 hours of confirmation.

10. Changes to this policy

Material changes to this policy will be announced by email at least 14 days before they take effect. The "Last updated" date at the top reflects the most recent revision.

11. Contact

Questions, requests, or concerns? hello@timecut.app. For service status, see /status.
