Privacy Policy

Account information. When you create an account, we collect your name, email address, company name, and authentication credentials. If you upgrade to a paid plan, our payment processor (Stripe) collects payment details on our behalf; we never store complete card numbers on our servers.

Customer Content. Brand assets, b-roll, audio, scripts, hooks, and Reels you upload, generate, or schedule through the Service. We store this content on secure cloud infrastructure (Cloudflare R2 and Hetzner Cloud) for the duration of your subscription plus 30 days post-cancellation.

Third-party platform credentials. When you connect TikTok, Instagram, Facebook, X, LinkedIn, YouTube, or other social platforms, we receive OAuth tokens that authorize us to publish on your behalf. We do not receive or store your social platform passwords.

Usage data. We collect aggregated, anonymized usage data via Cloudflare Web Analytics — page views, referrers, country, browser type. Cloudflare Web Analytics does not use cookies and does not track individual users across sites.

Communications. When you email us or submit a contact form, we collect the contents of your message and your contact details.

We use the information we collect to:

• Provide, maintain, and improve the Service;
• Generate content using AI models (text, images, video, voice) at your direction and based on inputs you provide;
• Schedule and publish content on your behalf to third-party platforms you authorize, including TikTok, Instagram, Facebook, X, LinkedIn, and YouTube;
• Process payments, send invoices, and prevent billing fraud;
• Send service-related communications (account notifications, billing receipts, security alerts);
• Respond to your support requests;
• Aggregate anonymized usage data to understand product performance and inform improvements;
• Comply with applicable legal obligations.

We do not sell your personal information. We do not use your Customer Content to train AI models, and we do not share Customer Content with third parties except as required to deliver the Service or as described in this Policy.

The Service uses third-party AI providers to generate content on your behalf. When you use the Service, content you provide (such as hooks, scripts, brand assets, and seed images) is transmitted to one or more of the following providers under their respective data processing terms:

• Anthropic (Claude models) — text generation. See anthropic.com/privacy.
• OpenAI (GPT-image-2 and other models) — image generation and (where applicable) voice synthesis. See openai.com/policies/privacy-policy.
• fal.ai — image-to-video and video generation orchestration (including ByteDance Seedance and Kling models). See fal.ai/privacy.

We negotiate data processing agreements with each provider. Where supported, we opt out of using your content to train provider models. Output from these providers is returned to the Service for your review and approval before any publishing occurs.

When you authorize the Service to connect to a third-party platform (TikTok, Instagram, Facebook, X, LinkedIn, YouTube, Metricool, etc.), we transmit only the content and metadata necessary to schedule and publish on your behalf:

• Approved Reel video files, captions, and post metadata (scheduled time, target platform, hashtags);
• Performance metrics retrieval (impressions, engagement, reach) for analytics in your dashboard.

Each integrated platform has its own privacy policy governing how it uses data we send. You can review and revoke any integration through your account settings or directly through the platform.

For TikTok specifically: when you connect your TikTok account, we receive scoped OAuth tokens limited to content publishing and analytics retrieval. We do not access your TikTok messages, contacts, or other personal data.

We use a minimal set of strictly necessary cookies for authentication and session management on the customer dashboard. The marketing site at https://reelsengine.io does not use third-party advertising trackers.

We use Cloudflare Web Analytics, which is cookieless and does not track individual users across sites. See our Cookie Policy for details.

We retain personal information only as long as necessary for the purposes described in this Policy:

• Account information: retained for the lifetime of your account plus seven years for billing and tax records as required by US law.
• Customer Content: retained for the lifetime of your active subscription plus 30 days post-cancellation, after which it is permanently deleted.
• Usage data: retained in aggregated, anonymized form indefinitely.
• Support communications: retained for two years for quality and training purposes.

Depending on your location, you may have rights under applicable data protection laws (including the EU General Data Protection Regulation, the UK Data Protection Act, and the California Consumer Privacy Act):

• Access the personal information we hold about you;
• Correct inaccurate or incomplete personal information;
• Delete personal information (subject to legal retention requirements);
• Port your data to another service in a structured, machine-readable format;
• Restrict or object to processing in certain circumstances;
• Opt out of marketing communications at any time.

To exercise any of these rights, email [email protected]. We will respond within 30 days. We do not sell personal information, so opting out of sale is not applicable.

We implement industry-standard technical and organizational security measures to protect your information, including:

• TLS encryption for data in transit;
• AES-256 encryption for sensitive data at rest;
• Role-based access controls and least-privilege account provisioning;
• Audit logging of administrative actions;
• Regular security reviews of our infrastructure and dependencies.

No security measure is perfect. If you believe your account has been compromised, contact us immediately at [email protected].

Our infrastructure is located in the United States and the European Union. If you access the Service from outside these regions, your information may be transferred internationally. For transfers from the European Economic Area, the United Kingdom, or Switzerland, we rely on Standard Contractual Clauses approved by the relevant authorities to ensure adequate protection.

The Service is intended for use by adults age 18 or older. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us at [email protected] and we will delete it promptly.

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by a prominent notice within the Service. The date of the most recent update is shown at the top of this page.

For questions about this Privacy Policy, your information, or your rights, contact our privacy team at [email protected] or write to Voltage Holdings, LLC, 30 N Gould St Ste R, Sheridan, WY 82801.