Privacy Policy

Version 2026-06-15

TEMPLATE — this document must be reviewed and finalized by legal counsel before public launch. It describes current data practices for transparency but is not yet a binding legal notice.

Data we collect

Account data (name, email), authentication data (password hashes, session tokens), the content you create and the options you select, generated media, and billing records (we never store card numbers — payments are processed by Stripe).

Subprocessors

To generate content we send your inputs to third-party AI providers (Anthropic, OpenAI, Google, ElevenLabs), and we use Stripe (payments), Resend (email), and AWS (hosting/storage). Do not submit sensitive personal, health, or regulated data — the service is not HIPAA-covered.

Your rights

You can access and export your data, and permanently delete your account (Settings → Delete Account), which erases your personal data, generated media, and payment-processor profile. For requests, contact privacy@dilr.studio.

Retention

We retain account and content data while your account is active and delete it on account deletion, subject to legal/accounting retention of invoices and security audit logs.