Privacy Policy
Effective date: March 29, 2026 · Last updated: March 29, 2026
Welcome to Filmaro (bundle ID: org.reels.wizard), an AI-powered photo and video creation application. This Privacy Policy explains how the Filmaro Team ("we," "us," or "our") collects, uses, stores, shares, and protects your information. By using Filmaro, you consent to the practices described herein.
1. Information We Collect
1.1 Account Information
When you sign up via email, Google, or Apple sign-in, we collect:
- Email address
- Display name
- Profile avatar URL (if provided by your sign-in provider)
- Authentication provider type (email, Google, or Apple)
- Firebase unique identifier
1.2 Profile Information
During onboarding or in settings, you may optionally provide:
- Age
- Gender (male, female, or other)
- Interests (e.g., marketing, blogger, business)
This information is used solely to personalize your experience (e.g., show relevant templates).
1.3 User Content — Photos and Videos
To provide AI-based editing features, we process the photos and videos you upload. This includes:
- Facial imagery — used for AI portrait generation, face swap, collage creation, and dance video creation. Your facial features are sent to third-party AI services for processing.
- Product images — used for product poster and UGC video generation.
Important: We process facial imagery as biometric data under applicable laws (such as GDPR Article 9 and Illinois BIPA). By uploading photos containing your face, you provide explicit consent for this processing. You may withdraw consent at any time by deleting your account.
1.4 Transaction and Subscription Data
- Credit balance and transaction history (credits spent, earned, refunded)
- Subscription type (Free, Pro, Premium), status, and renewal dates
- Purchase receipts from Apple App Store or Google Play Store (we do not receive or store your payment card details)
1.5 Project and Generation Data
- Records of projects you create (template used, category, status, timestamps)
- Generation job metadata (processing status, error logs for debugging)
- Generated result URLs (stored in our cloud storage)
1.6 Usage Analytics and Device Information
We collect anonymized data to improve the App:
- Features used and frequency of use
- Session duration and interaction patterns
- Crash reports and error logs
- Device model, operating system version, app version
- Language and region settings
- Unique device identifiers (for analytics only)
2. How We Use Your Data
- Service delivery: Process your photos and videos through AI pipelines to generate portraits, collages, dance videos, UGC content, and product posters.
- Account management: Manage your account, subscriptions, credits, and billing.
- Personalization: Show relevant templates based on your age, gender, and interests.
- Improvement: Analyze usage patterns, diagnose bugs, and improve AI quality.
- Communication: Send service updates, security alerts, and support responses.
- Legal compliance: Fulfill legal obligations and enforce our Terms of Service.
We do not use your photos, videos, or facial data to train AI models. Your content is processed solely to deliver your requested generation and is not used for any other purpose.
3. Third-Party Services and Data Sharing
We share data with the following trusted third parties, each with its own privacy policy:
| Service | Purpose | Data Shared |
|---|---|---|
| Firebase (Google) | Authentication, crash reporting, analytics | Email, device info, crash logs |
| fal.ai | AI image/video generation (Flux, Kling, Veo3, AURA-SR, Florence-2) | User photos, product images, prompts |
| FASHN.ai | AI face swap (Model Swap) | User facial photos, template images |
| OpenAI | Content analysis, prompt generation, UGC script writing | Product images, template images, text prompts |
| Google Gemini | Face swap, collage generation, translation | User photos, template images, text prompts |
| Supabase | Database and file storage | All account data, generated results |
| Fly.io | API server hosting | All data processed by the API |
| Apple / Google | Subscription and payment processing | Purchase receipts (no card data) |
We do not sell your personal data to any third party. Data is shared only as necessary to provide the App's services.
4. International Data Transfers
Our servers and third-party services are located in the United States and other countries. If you are located in the European Economic Area (EEA), United Kingdom, or other jurisdictions with data protection laws, your data will be transferred internationally. We rely on Standard Contractual Clauses (SCCs) and your explicit consent for biometric data processing.
5. Data Storage and Security
- All data transmission uses TLS/SSL encryption.
- Account data is stored in a secured PostgreSQL database.
- Generated files are stored in cloud storage with authenticated access.
- API server access is restricted with authentication tokens and role-based access control.
- Third-party AI services process your content in real time and do not retain it after processing (per their respective policies).
No system is 100% secure. While we implement industry-standard protections, we cannot guarantee absolute security.
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Account data | Until account deletion + 30 days for complete removal |
| Uploaded photos/videos | Temporary — deleted from processing servers within 24 hours |
| Generated results | Stored until you delete them or your account |
| Credit transactions | 24 months for accounting and dispute resolution |
| Subscription records | As required by law and app store policies |
| Usage analytics | Anonymized, up to 24 months |
| Crash reports | Up to 12 months |
7. Your Rights
Depending on your jurisdiction (GDPR, CCPA, and other applicable laws), you have the right to:
- Access — request a copy of your personal data.
- Deletion — request deletion of your account and all associated data. You can also delete your account directly in the App (Settings > Delete Account).
- Portability — request your data in a machine-readable format.
- Correction — request correction of inaccurate data.
- Objection / Restriction — object to or restrict certain processing activities.
- Withdraw Consent — withdraw consent for biometric data processing at any time by deleting your account or contacting us.
- Do Not Sell (CCPA) — we do not sell personal information.
To exercise your rights, email filmaro.app@gmail.com. We respond within 30 days.
8. Children's Privacy
Filmaro is not intended for children under 13 (or under 16 in the EEA). We do not knowingly collect data from children. Users under 13 are blocked from creating an account. If we discover that a child under 13 has provided data, we will delete it promptly. Contact filmaro.app@gmail.com if you believe a child has used the App.
9. Automated Decision-Making
Filmaro uses AI to generate content based on your inputs. This automated processing does not make decisions that produce legal or similarly significant effects on you. The AI generates creative outputs (photos, videos) based on templates and your uploaded content.
10. Data Breach Notification
In the event of a data breach that poses a risk to your rights and freedoms, we will notify affected users via email within 72 hours of becoming aware of the breach and notify the relevant supervisory authority as required by applicable law.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you through the App or via email. Continued use after changes constitutes acceptance.
12. Contact Us
For questions, concerns, or data requests:
Filmaro Team
Email: filmaro.app@gmail.com